"ETHPoW, the proof-of-work blockchain that was forked from Ethereum and went live shortly after Ethereum’s transition to proof-of-stake (PoS) last week, has fallen victim to a replay exploit that resulted in an extra 200 ETHW tokens being siphoned by the attacker. BlockSec, a security company that uses blockchain technology, announced the incident on Sunday. They said that the attackers used the Omni Bridge on Gnosis’s chain to attack" [Gulf Crypto News. Ethereum Fork ETHPoW Suffers Bridge Replay Exploit, Token Tanks 37%. (Accessed September 19, 2022)].
According to BlockSec:
On September 16th, 2022, we detected that some attackers successfully harvested lots of ETHW by replaying the message (i.e., the calldata) of the PoS chain on EthereumPoW (aka the PoW chain). The root cause of the exploitation is that the Omni bridge on the PoW chain uses the old chainId and doesn’t correctly verify the actual chainId of the cross-chain message. We immediately contacted the official team of EthereumPoW. The team was actively willing to take actions, and they also tried to communicate with the Omni Bridge.
[BlockSec. Reveal the “Message” Replay Attacks on EthereumPoW. (Accessed September 19, 2022)].
BlockSec further found: "the attacker (0x82fae) first transferred 200 WETH through the omni bridge of the Gnosis chain, and then replayed the same message on the PoW chain and got extra 200 ETHW. By doing so, the balance of the bridge contract deployed on the PoW chain could be drained" [Id].
The root cause of this is that "the Omni cross-chain bridge on the ETHW chain used old chainID and was not correctly verifying the correct chainID of the cross-chain message" [Jenkinson, G. ETHW confirms contract vulnerability exploit, dismisses replay attack claims. (Accessed September 19, 2022)].
"Ethereum’s Mainnet and test networks use two identifiers for different uses, namely, a network ID and a chain ID (chainID). Peer-to-peer messages between nodes make use of network ID, while transaction signatures make use of chainID. EIP-155 introduced chainID as a means to prevent replay attacks between the ETH and Ethereum Classic (ETC) blockchains" [Id].
This was confirmed by BlockSec: "After analyzing the source code of the Omni bridge, we find that there DOES exist the logic to verify the chainId [...] Unfortunately, the verified chainId used in this contract comes from the value stored in the storage named unitStorage [...] It is NOT the actual chainId fetched through the CHAINID opcode, which was proposed in EIP-1344. This is probably due to the fact that the code is quite old (using Solidity 0.4.24). The code works fine all the time until the fork of the PoW chain. In short, the root cause of the exploitation is that the Omni bridge on the PoW chain uses the old chainId and doesn’t correctly verify the actual chainId of the cross-chain message" [BlockSec, supra].
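The following added example (not BlockSec's or the Omni bridge's code) models why a chainId kept in contract storage survives a fork unchanged, while a check against the value the CHAINID opcode reports rejects the replayed message. The `Chain` and `BridgeMessage` classes, the `chain_id` storage key, the message fields and both chain ID values are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample chain IDs for illustration; not values from the page.
ORIGINAL_CHAIN_ID, FORKED_CHAIN_ID = 1, 10001

@dataclass
class Chain:
    runtime_chain_id: int                         # what the CHAINID opcode returns
    storage: dict = field(default_factory=dict)   # bridge contract storage
    processed: set = field(default_factory=set)   # message ids already executed

    def fork(self, new_chain_id: int) -> "Chain":
        # A fork copies contract state verbatim; only the runtime id changes.
        return Chain(new_chain_id, dict(self.storage), set(self.processed))

@dataclass(frozen=True)
class BridgeMessage:                              # hypothetical message layout
    message_id: str
    dest_chain_id: int
    amount: int

def _execute_once(chain: Chain, msg: BridgeMessage) -> bool:
    if msg.message_id in chain.processed:         # per-chain replay guard
        return False
    chain.processed.add(msg.message_id)
    return True

def execute_stored_check(chain: Chain, msg: BridgeMessage) -> bool:
    """Check described on the page: compare with the chainId held in storage."""
    return msg.dest_chain_id == chain.storage["chain_id"] and _execute_once(chain, msg)

def execute_runtime_check(chain: Chain, msg: BridgeMessage) -> bool:
    """Hardened check: compare with the chain id the node actually reports."""
    return msg.dest_chain_id == chain.runtime_chain_id and _execute_once(chain, msg)

def demo() -> dict:
    original = Chain(ORIGINAL_CHAIN_ID, {"chain_id": ORIGINAL_CHAIN_ID})
    fork_a = original.fork(FORKED_CHAIN_ID)       # fork happens before the message
    fork_b = original.fork(FORKED_CHAIN_ID)
    msg = BridgeMessage("msg-1", ORIGINAL_CHAIN_ID, 200)
    return {
        "original": execute_stored_check(original, msg),         # legitimate: True
        "fork_stored": execute_stored_check(fork_a, msg),        # replay accepted: True
        "fork_stored_again": execute_stored_check(fork_a, msg),  # id guard: False
        "fork_runtime": execute_runtime_check(fork_b, msg),      # replay rejected: False
    }

if __name__ == "__main__":
    print(demo())
```

The per-chain message-id guard does not stop the first replay, because the fork's copy of the processed set was taken before the message existed on the original chain.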
"BlockSec was the first analytics service to flag the replay attack and notified ETHW, which in turn quickly rebuffed initial claims that a replay attack had been carried out on-chain. ETHW made attempts to notify Omni Bridge of the exploit at the contract level" [Jenkinson, supra].
Since launching on Sept. 15, Ethereum PoW has not gathered much adoption from the crypto community. Leading exchanges like FTX, OKX, and Bybit rallied around to see that spot trading opened for the ETHW token on Sept. 16. As a result, ETHW price reached an all-time high of $60.68. However, with the general market decline and low excitement post-merge, ETHW has fallen below $5, shedding off over 90% of its all-time high gain [...] Grayscale investment hinted at plans to sell off its 3.1 million ETHPoW airdrop tokens. The firm said it will sell the tokens and redistribute the proceeds to shareholders.
[Nwobodo, C. Ethereum PoW loses 200 WETH to Omni bridge vulnerability exploit. (Accessed September 19, 2022)].