What is a replay attack?

A “replay attack” is an exploit that can occur when two forked crypto-currencies allow transactions to be valid across both chains.

Let’s say BTC forks into BT1 and BT2, and before the fork, you held all your BTC in one wallet.

You create a transaction that says “send 3 coins from my wallet to address Y.” You sign it, and you broadcast it to the BT2 network. The transaction circulates the BT2 network and is eventually confirmed, transferring 3 BT2 coins to address Y.

But somewhere along the line, somebody out there sees your transaction data, copies it, and re-uploads it to the BTC network. Like somebody copying all your answers on a quiz. This can happen by accident as well - If a transaction is accidentally rebroadcast by insight servers like blockchain.info or Bitpay.

Imagine you gave someone a cheque (check), and they duplicated it perfectly - same signature, same amount, same recipient. And they could just go to the bank and cash two cheques, taking twice the money from you.

The result is that not only are your 3 BT2 coins sent to address Y, but so are your 3 BT1 coins!

Replay attacks aren’t exploitable for personal gain, however - The uploader can’t change details like ‘the number of coins to send’ or ‘the address to send them to.’ This would invalidate the digital signature of the transaction, making the whole transaction void. Replay attacks are applicable across chains - A transaction of BT1, for example, cannot be re-uploaded to send twice as many coins.

But even given these limitations, replay attacks are still highly abusable, and the risk of losing your funds is significant. If you hold coins of Bitcoin and a Bitcoin fork that lacks replay protection, you should either hold both currencies until a method of replay protection is developed, or you should choose which of the two coins is of more value to you, and use only that coin.

If you opt for the second option, be aware you may lose the other chain’s coins to replay attacks, however. Simply holding your coins in a wallet you control is the safest possible option. This gives you time to wait and see which chain emerges as the 'winner' as dictated by the market, and if replay protection is developed for one of the chains, it will allow you to eventually separate your coins.