Post-Ethereum Merge proof-of-work (PoW) chain ETHW has moved to quell claims that it had suffered an on-chain replay attack over the weekend.
Smart contract auditing firm BlockSec flagged what it described as a replay attack that took place on Sept. 16, in which attackers harvested ETHW tokens by replaying the call data of Ethereum’s proof-of-stake (PoS) chain on the forked Ethereum PoW chain.
According to BlockSec, the root cause of the exploit was due to the fact that the Omni cross-chain bridge on the ETHW chain used old chainID and was not correctly verifying the correct chainId of the cross-chain message.
Ethereum’s Mainnet and test networks use two identifiers for different uses, namely, a network ID and a chain ID (chainID). Peer-to-peer messages between nodes make use of network ID, while transaction signatures make use of chainID. EIP-155 introduced chainID as a means to prevent replay attacks between the ETH and ETC blockchains.
1/ Alert | BlockSec detected that exploiters are replaying the message (calldata) of the PoS chain on @EthereumPow. The root cause of the exploitation is that the bridge doesn’t correctly verify the actual chainid (which is maintained by itself) of the cross-chain message.
— BlockSec (@BlockSecTeam) September 18, 2022
BlockSec was the first analytics service to flag the replay attack and notified ETHW, which in turn quickly rebuffed initial claims that a replay attack had been carried out on-chain. ETHW made attempts to notify Omni Bridge of the exploit at the contract level:
Had tried every way to contact Omni Bridge yesterday.
Bridges need to correctly verify the actual ChainID of the cross-chain messages.
Again this is not a transaction replay on the chain level, it is a calldata replay due to the flaw of the specific contract. https://t.co/bHbYR4b2AW pic.twitter.com/NZDn61cslJ
— EthereumPoW (ETHW) Official #ETHW #ETHPoW (@EthereumPoW) September 18, 2022
Analysis of the attack revealed that the exploiter started by…
Click Here to Read the Full Original Article at Cointelegraph.com News…
