EthereumPOW Sees 'Replay' Exploit for 200 ETHW Days After Rocky Start

The exploit took place on a contract, however, and does not affect the main Ethereum POW network itself.

AccessTimeIconSep 19, 2022 at 8:07 a.m. UTC
Updated May 11, 2023 at 5:26 p.m. UTC

EthereumPOW, the version of the Ethereum blockchain that continues to run on a proof-of-work (PoW) consensus mechanism, experienced a replay exploit over the weekend due to a faulty third-party contract.

Developers of EthereumPOW were alerted of the issues and immediately took steps to rectify the problem.

The blockchain was established as a fork of the Ethereum network, which switched to a proof-of-stake (PoS) consensus mechanism on Thursday in an event known as the Merge. The PoS network now continues as Ethereum.

The replay exploit refers to the same transaction being duplicated on both chains when they’re not supposed to.

This means if a user transacted on Ethereum PoW, the same was executed on Ethereum – which eventually allows attackers to illicitly trick smart contracts into releasing tokens from one chain, even as the actual transaction was executed on another chain.

Attackers used the Omni bridge of the Gnosis network to conduct the exploit. Some 200 weighted ether (wETH) was transferred through the bridge on Saturday, and the same transaction was replayed on the PoW chain – resulting in the attacker gaining 200 ETHW, or approximately $1,600 at the time.

Faulty data from the Ethereum PoW network’s Chain ID used by a contract caused the issue, security firm BlockSec said in a tweet. A Chain ID is a set of numbers used by the browser-based crypto wallet MetaMask to sign transactions for the network. An incorrect Chain ID causes transactions to fail because users aren't connected to the correct network, rendering a network unusable.

BlockSec warned that the issue might eventually cause the balance of the chain contract deployed on the PoW chain to “be drained.”

Meanwhile, EthereumPOW developers said in a Sunday post that the attack exploited the contract vulnerability of the bridge, and not their blockchain itself.

"We have contacted the bridge in every way and informed them of the risks," it said. "Bridges need to correctly verify the actual ChainID of the cross-chain messages," the developers wrote.

As such, the network saw glitches on its first day with users stating they weren't able to access the blockchain's servers using public information provided by Ethereum PoW. CoinDesk verified the claims and wasn't able to access EthereumPOW’s web servers using those links provided, as reported.

ETHW tokens tumbled in the past 24 hours following the exploit, falling some 37%, and extending weekly losses to over 80%, CoinGecko data shows.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Shaurya Malwa

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.

Read more about