Replay Attack

A replay attack occurs when a blockchain forks and a transaction signed for one chain is also valid on the other. If both chains share the same transaction format and chain ID, broadcasting a transaction on Chain A automatically makes it valid on Chain B — an attacker (or even wallet software) can 'replay' it to transfer funds they shouldn't control.

EIP-155, implemented in Ethereum in 2016, introduced chain IDs into transaction signatures to prevent replay attacks between Ethereum and Ethereum Classic. Bitcoin Cash added SIGHASH_FORKID replay protection at the time of its 2017 fork. Whenever a contentious hard fork occurs without explicit replay protection, users face risk in the early days after the split.

Practical defence: after a fork, avoid transacting on either chain until replay protection is confirmed active. Hardware wallets and major software wallets typically handle this automatically, but users operating with raw transactions or custom scripts must handle chain ID correctly.