Replay Attack

A replay attack in the blockchain context occurs when a transaction that is valid on one chain is maliciously rebroadcast — "replayed" — on another chain that shares the same transaction format and history. The most common trigger is a hard fork, where one ledger splits into two chains that share all history up to the split point. A signature valid before the fork is valid on both descendant chains, so an attacker can copy a victim's transaction and have the same coins move on the other chain too.

How a fork creates the exposure

After a contentious fork, a user spending on Chain A may find that identical, equally valid transaction data is broadcastable on Chain B. Without protection, sending coins on one chain can inadvertently move the user's coins on the other, draining the forked balance to an attacker who relays the message.

Replay protection

Defenses fall into two camps. Strong replay protection bakes a unique chain identifier into the signature or transaction format on the new chain, making its transactions structurally invalid on the legacy chain. Opt-in replay protection leaves it to users to add a distinguishing marker themselves. Beyond forks, the term also describes classic protocol replays — capturing and resending a valid authenticated message — which Bitcoin's per-transaction signatures and the unspent-output model inherently resist, since a confirmed spend cannot be re-mined.

Replay risk is one reason careful coin-splitting matters after any chain split; see also Double-Spend.