After the Ethereum Merge, the proof-of-work (PoW) chain ETHW took action to dispel rumors that it had been the victim of an on-chain replay assault over the weekend. The replay attack, as disclosed by smart contract auditing company BlockSec, occurred on September 16 and included attackers harvesting ETHW tokens by replaying call data from Ethereum’s proof-of-stake (PoS) chain on the forked Ethereum PoW chain. According to BlockSec, the Omni cross-chain bridge on the ETHW chain utilized an outdated chainID and wrongly verified the cross-chain message’s chainID, which was the primary source of the vulnerability. BlockSec Identifies Replay Attack A network ID and a chain ID (chainID) are the two identifiers used by Ethereum’s Mainnet and test networks for various purposes. Network ID is used for peer-to-peer messaging between nodes, whereas chainID is used for transaction signatures. Replay attacks between ETH and Ethereum Classic (ETC) blockchains were made impossible with the introduction of chainID in EIP-155. 1/ Alert | BlockSec detected that exploiters are replaying the message (calldata) of the PoS chain on @EthereumPow. The root cause of the exploitation is that the bridge doesn't correctly verify the actual chainid (which is maintained by itself) of the cross-chain message. — BlockSec (@BlockSecTeam) September 18, 2022 The replay assault was initially identified by BlockSec, which then alerted ETHW. ETHW promptly refuted...
