What is a Replay attack?
A “replay attack” is an exploit that can occur when two forked crypto-currencies allow transactions to be valid across both chains.
Let’s say BTC forks into BT1 and BT2, and before the fork, you held all your BTC in one wallet.
You create a transaction that says “send 3 coins from my wallet to address Y.” You sign it, and you broadcast it to the BT2 network. The transaction circulates the BT2 network and is eventually confirmed, transferring 3 BT2 coins to address Y.
But somewhere along the line, somebody out there sees your transaction data, copies it, and re-uploads it to the BT1 network. Since there is no replay protection, the transaction is valid on the BT1 network as well. This can happen by accident as well - if a transaction is accidentally rebroadcast by services like blockchain.com or Bitpay.
The result is that not only are your 3 BT2 coins sent to address Y but so are your 3 BT1 coins! Except those end up on address Y on the BT1 chain.
A Replay Attack does not mean someone else has control over your funds, or that more transactions of the original asset can be sent without your permission, it only copies an existing transaction into a forked chain making you send identical amounts of two sister assets, instead of just the one you intended.
Keep in mind that transactions sent without proper replay protection can be subject to a replay attack months or even years later. This is why not sending or exchanging an asset forked without Replay Protection is the safest way to go if you want to be able to claim your forked coins down the line.
You can read more about replay attacks in this article.
Using the recent Bitcoin Cash (BCH) Fork as an example: If you sent BCH out to an exchange right after the fork, someone could also broadcast that same transaction on the BSV chain, meaning the same amount of BSV coins will be sent to the destination address you set the BCH to, instead of remaining on your address for you to claim later on as additional coins.
Note: The Exodus team has now created a way to protect your BCH and BSV with replay protection of our own making.