Protecting From Replay Attacks After Recent BCH Hard Fork

自BCH于11月16日硬分叉并分裂为BCH ABC和BCH SV两条链以来,PeckShield检测到大量小额交易在ABC和SV链上重播。11月18日当天,就有1,409,055笔交易被重播。PeckShield建议采取钱包分离、添加特殊输入或OP代码等三种策略来保护交易所及投资者免受可能的BCH重播攻击。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Since the BCH hard fork on 11/16 and splitting into BCH ABC and BCH SV chains, PeckShield has detected huge amount of (small value) transactions replayed on ABC and SV chains. On a single day of 11/18, there were huge 1,409,055 transactions replayed!

Figure 1 shows the hourly replayed transaction numbers on BCH ABC and SV chains after the hard fork. Most of these replayed transactions are valid, but some of them may be related to intentional attacks, and we did notice reports about small scale replay attacks on BCH chains. Till now, ABC and SV chains still don’t provide replay protection mechanism. As exchanges begin to open up for BCH trades and deposits/withdraws, it becomes imperative to protect them (including investors) against possible BCH replay attacks. To this end, PeckShield would like to strongly suggest to follow the “wallet separation” principle, i.e., separating the ABC and SV tokens into different wallet addresses, and to do that, users can take one of three approaches suggested below:

Figure 1: Hourly replayed transaction numbers on hard-forked BCH ABC and BCH SV chains

  1. Splitting ABC/SV addresses: Generate two different addresses, one each on ABC and SV chains, then send the ABC and SV tokens separately to these two addresses. Once the two transactions are confirmed, the tokens in the two new addresses are protected against replay attacks. Some anecdotal reports mentioned that there were some SV nodes broadcasting SV transactions to ABC chain, so we suggest starting the ABC transaction first, after it’s confirmed, then start the SV transaction.

  2. Adding special input into transactions: When starting an ABC/SV transaction, add a special, small amount ABC/SV UTXO at the input side. Since this UTXO is not valid on the other chain, so this transaction is protected against replay attacks. These special UTXOs can be generated by third party services, or by users themselves.

  3. Adding special OP code into transactions: There are OP codes valid only on one of the two chains. By adding them into transaction input, one can also protect the transaction against replay attacks. For example, OP code OP_CHECKDATASIG can be used for ABC transactions, while OP_MUL for SV transactions.

To further improve security, more than one of these approaches can be used at the same time. We’d suggest general users to use the second approach, since it’s simple and straightforward; Exchanges may use the first and second approaches combined (or the first and third approaches combined). Furthermore, pay special attention for their token withdraw addresses. As always, please contact PeckShield if we can be of any help.

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值