{"id":24329,"date":"2022-09-19T14:47:18","date_gmt":"2022-09-19T09:17:18","guid":{"rendered":"https:\/\/coinswitch.co\/switch\/?p=24329"},"modified":"2022-09-19T18:19:21","modified_gmt":"2022-09-19T12:49:21","slug":"ethereum-pow-hit-by-replay-exploit","status":"publish","type":"post","link":"https:\/\/coinswitch.co\/switch\/news\/ethereum-pow-hit-by-replay-exploit\/","title":{"rendered":"Ethereum PoW hit by replay exploit"},"content":{"rendered":"<p>The hard-forked Ethereum Proof-of-Work (PoW) blockchain was at the receiving end of a replay attack, according to BlockSec, a company that deals with blockchain infrastructure and security. BlockSec reported the issue on 18 September 2022 via <a href=\"https:\/\/twitter.com\/BlockSecTeam\/status\/1571433997460459521\" target=\"_blank\" rel=\"noopener\">Twitter<\/a>.<\/p>\n<p>A replay attack is a network exploit where hackers delay or fraudulently replay a transaction message on another chain to carry out the same transaction twice, or more. The contentious ETH PoW was always prone to such an attack post-Merge.<\/p>\n<p>Currently, the Ethereum PoW token (ETHW) token is down by 96.53%, from its all-time high. This development, however, also has to do with crypto exchange Poloniex\u2019s support for the rival Ethereum fork, EthereumFair, despite founder Justin Sun\u2019s prior pro-PoW comments.<\/p>\n<h2>How was the attack initiated?<\/h2>\n<p>The hacker first sent 200 wrapped ETH on the PoS mainnet using the Gnosis chain\u2019s Omni bridge. It was a standard bridge transfer. The same message (call data) was then replayed on the ETH PoW chain to get 200 ETHPoW (ETHW) tokens.<\/p>\n<p>The attack could take place because the Omni bridge didn\u2019t correctly verify the chain ID associated with the cross-chain message.<\/p>\n<h2>Team responds<\/h2>\n<p>The developer team said they have been trying to connect with Omni Bridge since 17 September to inform them about the associated risks.<\/p>\n<p>In response, the developer team at ETHPoW also published a <a href=\"https:\/\/medium.com\/@ETHW\/ethw-core-has-confirmed-that-a-contract-vulnerability-attack-against-a-bridge-is-not-a-replay-40bb797f9408\" target=\"_blank\" rel=\"noopener\">post<\/a> on Medium arguing that the attack is an exploit of a bridge-specific smart contract vulnerability and not due to their blockchain per se. According to them, no chain-specific replay attack has been initiated to and from the ETH PoS chain as their security engineers had planned proactive and preventive measures beforehand.<\/p>\n<p>The team\u2019s core developers even explained that they implemented the EIP-155 to ensure protection against replay attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The hard-forked Ethereum Proof-of-Work (PoW) blockchain was at the receiving end of a replay attack, according to BlockSec, a company that deals with blockchain infrastructure and security. BlockSec reported the issue on 18 September 2022 via Twitter. A replay attack is a network exploit where hackers delay or fraudulently replay a transaction message on another [&hellip;]<\/p>\n","protected":false},"author":76,"featured_media":24331,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_ayudawp_aiss_exclude":false,"footnotes":""},"categories":[7701],"tags":[6467,6536],"class_list":["post-24329","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-crypto","tag-news"],"acf":{"json_ld_schema":"\n[{\"@context\":\"https:\/\/schema.org\",\"@type\":\"FAQPage\",\"@id\":\"https:\/\/coinswitch.co\/switch\/us-stocks\/wall-street-jottings\/#FAQPage\",\"headline\":\"Wall Street jottings: A personal, guided tour to investing in US stocks\",\"keywords\":\"Personal Guide, US Investing, \",\"datePublished\":\"2022-07-22T13:28:55+05:30\",\"dateModified\":\"2022-07-22T13:28:55+05:30\",\"dateCreated\":\"2022-07-22T13:28:55+05:30\",\"author\":{\"@type\":\"Person\",\"name\":\"Ananda Banerjee\",\"description\":\"Ananda Banerjee is a creative copywriter at heart, a technical writer by profession, and a multifarious Web 3.0 creator in his leisure time. An ever-curious crypto connoisseur, he believes endless reading and purposeful learning are the keys to written and verbal specificity.\",\"url\":\"https:\/\/coinswitch.co\/switch\/author\/ananda-banerjee\/\",\"sameAs\":[\"A_B_boying\",\"https:\/\/www.linkedin.com\/in\/ananda-banerjee\"],\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/acf35d8cc57009e7786c2fbd6b587f8d?s=96&d=mm&r=g\",\"height\":96,\"width\":96}},\"image\":[{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/coinswitch.co\/switch\/us-stocks\/wall-street-jottings\/#primaryimage\",\"url\":\"https:\/\/coinswitch.co\/switch\/wp-content\/uploads\/2022\/07\/Wall-Street-Jottings.jpg\",\"width\":\"1800\",\"height\":\"1080\"},{\"@type\":\"ImageObject\",\"url\":\"https:\/\/coinswitch.co\/switch\/wp-content\/uploads\/2022\/07\/Wall-Street-Jottings-1200x900.jpg\",\"width\":\"1200\",\"height\":\"900\"},{\"@type\":\"ImageObject\",\"url\":\"https:\/\/coinswitch.co\/switch\/wp-content\/uploads\/2022\/07\/Wall-Street-Jottings-1200x675.jpg\",\"width\":\"1200\",\"height\":\"675\"}]}]\n","json_ld_custom_schema":"","youtube_vodeo_url":"","seo":{"title":"","keywords":"","description":"","canonical":""},"blog_banner_image":false,"blog_coin":false,"download_the_app":{"button_value":"","button_url":""},"twitter_card":{"twitter_title":"","twitter_description":"","twitter_link":""},"maturity_tag":"","post_author":false,"guest_author":false,"hide_toc":true,"key_takeways":false,"select_disclaimer":"Article Default Disclaimer"},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/posts\/24329","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/users\/76"}],"replies":[{"embeddable":true,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/comments?post=24329"}],"version-history":[{"count":1,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/posts\/24329\/revisions"}],"predecessor-version":[{"id":24334,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/posts\/24329\/revisions\/24334"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/media\/24331"}],"wp:attachment":[{"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/media?parent=24329"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/categories?post=24329"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinswitch.co\/switch\/wp-json\/wp\/v2\/tags?post=24329"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}