You may have paid more than you imagine—Replay Attacks on Ethereum Smart Contracts

Conference:  Defcon 26



The presentation discusses the issue of replay attacks in smart contracts and proposes a defense strategy to prevent them.
  • Replay attacks occur when a transaction is legitimate on one blockchain but is also legitimate on another blockchain, allowing for double-spending.
  • 52 smart contracts were found to be vulnerable to replay attacks.
  • To prevent replay attacks, smart contracts should conform to security standards, publicly disclose specific information, and pay attention to news and reports.
  • The issue of security in smart contracts is a growing concern and requires attention from developers and users.
Suppose there are three groups using the same specific perfect data in their smart contracts. If two of the groups have identical data, a replay attack can occur between them, allowing for double-spending. This highlights the importance of conforming to security standards when designing smart contracts.


In this paper, a new replay attack based on Ethereum smart contracts is presented. In the token transfer, the risk of replay attack cannot be completely avoided when the sender's signatures are abused, which can bring the loss to users. And the reason is that the applying scope of the signatures is not properly designed in the smart contracts. To test and verify this loophole, we selected two similar smart contracts for our experiment, at the same time, we used our own accounts in these two contracts to carry out the experiment. Because the same signatures of the two contracts were used in the experiment, we got a double income from sender successfully. The experiment verified that the replay attack is really exist. Besides, the replay attack may exist in multiple smart contracts. We calculated the number of smart contracts with this loophole, as well as the corresponding transaction activities, which find some Ethereum smart contracts are risked for this loophole. According to the vulnerability of the contract signature, the risk level is calibrated and depicted. Furthermore, the replay attack pattern is extended to within contract, cross contract and cross chain, which provide the pertinence and well reference for protection. Finally, the countermeasures are proposed to fix this vulnerability.