Abstract: The upcoming SegWit2x hardfork lacks replay protection. In this piece we look at what you can do to protect yourself, by analyzing various ways you could split your coins.
Overview
SegWit2x (B2X) is a proposal to double Bitcoin’s capacity limit. This is an increase in the maximum block weight to 8MB from 4MB.
The upgrade is an incompatible with Bitcoin’s current consensus rules (known as a hardfork), which means it is likely to result in a new coin, such that Bitcoin holders prior to the fork will receive both original Bitcoin (BTC) and SegWit2x coin (B2X) after the fork. In many ways this is similar to the recent Bitcoin Cash hardfork (also an increase in the blocksize limit to 8MB). A key difference is that unlike Bitcoin Cash, B2X does not include strong transaction replay protection. Therefore many users could lose funds, on the other hand, those that do successfully protect their funds could make positive investment returns.
The hardfork is expected to occur on around Saturday 18th November 2017. (Block number 494,784)
Why bother splitting?
The SegWit2x split will result in two coins, the existing Bitcoin (BTC) and a new “spin-off” coin SegWit2x (B2X). This is likely to lead to significant price volatility, which may present investment opportunities. Due to the lack of replay protection, whatever your view on the situation or your investment strategy, it is sensible to split your coins as soon as possible, to ensure as much flexibility as possible and also to protect your coins. Many users are likely to intend to send only one of the two coins in a transaction, but accidentally send both, which may result in an irrecoverable loss of funds. If you do not split, you could be one of these users incurring losses.
Unfortunately the lack of strong replay protection may also present an opportunity for scammers/attackers. For example scammers could repeatedly deposit and withdraw from exchanges, hoping to find any weaknesses. If any exchange has not implemented replay protection, attackers are likely to exploit this quickly, which could make the exchange insolvent. In addition to this, individual users could be targeted by scammers. Scammers could sell the victim Bitcoin, knowing their wallet is following the wrong chain or scammers could acquire Bitcoin from a victim who is expected to replay coins on both chains to the buyer.
These kind of losses and attacks could damage the reputation of the ecosystem, therefore a contentious hardfork without strong replay protection is a high risk event with potentially significant negative consequences. However, there are actions you can take to protect yourself.
Splitting your coins
When the hardfork occurs, your Bitcoin will exist separately on both chains BTC & B2X, in the same output. Since the B2X hardfork does not contain transaction replay protection enabled by default, when spending your coins, in either chain, the transaction could be replayed on the other chain. Therefore the prudent thing to do is split your coins, so that your BTC and B2X exist on different outputs on each chain, which means that your transactions can no longer be replayed.
Unfortunately this is not a simple process and many people are unlikely to be able to achieve this. You cannot split your coins prior to the hardfork, however a prudent strategy may be to prepare how you plan to split beforehand, for example moving your coins to a different wallet before the fork occurs. For many users this is not likely to be easy, however if you act fast, there could be investment rewards, if you are able to sell the spin-off coin before others have a chance to do so.
Which wallets to use
In order to split your coins, you would either need to manually construct your own transactions or use two wallets, one for BTC and one for B2X, since most wallets will not allow you to broadcast two conflicting transactions. You will then need two separate wallets, to receive the coins on each side of the split.
Unfortunately two full node wallets are likely to be necessary to protect your coins, for example Bitcoin Core for BTC and BTC1 for B2X. A full node wallet means it verifies all the consensus rules on the entire blockchain. Two fully verifying nodes may be needed because:
- On the BTC side you may need a wallet that enforces the 4 million unit weight limit (which B2X plans to breach), and;
- On the B2X side you need a wallet that enforces the coin wipeout protection rule, which requires non witness data in the first B2X block to be greater than 1MB.
You need to ensure each respective wallet enforces each of these rules, to make sure your wallets do not follow a different chain to the one on which your coins are located on. Otherwise your coins could disappear from your wallet.
In order to prudently prepare for the hardfork, it might be a good idea to run full nodes of each client on a separate computer. The syncing process can take several days, therefore perhaps you could start to run the nodes before the fork, as you may want to be ready to split your coins and spend them as soon as possible.
The splitting methods
Method 1: The trial and error approach
The most basic way of splitting is to run a BTC client and a B2X client, import your private keys, and then try to send your coins to yourself, to two different outputs on each chain. Either both transactions confirm, in which case you succeeded, or the same transaction occurs on both chains, and you simply try again.
The trouble with this method is that it could be expensive, in terms of both time and money. Many people may try this approach and therefore network congestion could be high, and the more failed attempts occur the more one needs to pay in fees. In addition to this, at least one of the two chains is guaranteed have minority hashpower, which could increase the block interval in the short term, resulting in more transaction congestion and you would need to wait for your transaction to confirm on both sides of the split to ensure you are protected.
Unfortunately, the trouble with B2X, is not only did this fork not implement strong replay protection, so that BTC transactions are valid on B2X and vica versa, but B2X also uses the same network magic as BTC. Therefore, by default your B2X wallet will broadcast its transactions to the BTC network, making transaction replay likely.
Method 2: Locktime
Locktime is a transaction field, which ensures a transaction is only valid after a certain block height. By default some wallets, including Bitcoin Core, add the current block height to the locktime field for their transactions. There are several motivations for this transaction type, one of which is to reduce the incentive for miners to orphan the current leading block, in order to get more fee income, by scooping up the fees from transactions already confirmed in the last block and the transactions in the memory pool. This is expected to be a potential problem in the future when the block reward is low.
One could try to use this feature to split BTC and B2X coins. For example, if the BTC chain has a 5 block lead over the B2X chain, you could send a BTC transaction with the current block height as the locktime, therefore this transaction will be invalid on B2X for the next 5 blocks. If the transaction confirms on BTC, you could then send another different transaction spending the same output on the B2X network, before the 5 block period is over. This could also work the other way around if B2X has the block height lead.
This method sounds complicated, and involves monitoring both chains. However, using the Bitcoin Core wallet this may happen by default and can be combined with the trial and error method described above. In theory, all you need to do is see which chain is in the lead, with respect to block height, and then send your transaction on that chain first.
Method 3: The “official” opt in replay protection
The B2X chain is considering adding opt in replay protection. This essentially means B2X client defines a subset of existing valid transactions and then prohibits these transactions on the B2X chain. Therefore you could send a transaction in this format on the BTC network and it would be invalid on B2X, resulting in a successful split.
However, this could be technically challenging to do, as it is not clear if any BTC wallets will support this feature and there may not be enough time for wallets to implement this for ordinary users. In addition to this, it is not known what type of opt in replay protection B2X will use or if this feature will be enabled at all. The official B2X client appears to have gone through the following iterations:
- Initially there was no opt in transaction replay protection
- A method of replay protection using OP_Return was merged into the codebase
- A new replay protection method, banning transactions with an output to a particular P2SH address was merged
- Problems were found with the latest method, which could apparently result in the loss of funds. Therefore a few days ago this opt in replay protection was removed from the B2X client
Therefore it is not clear what the opt in replay protection for B2X will be and it’s possible there could be no option here at all.
Method 4: Taint the coins with already split coins
Somebody else may have successfully been able to split their coins. They could then send you an output from their split coins. You could then use this output as an input for your new transaction. Since this input only exists on one chain, your transaction would be invalid on the other chain. Ideally this could be the coinbase reward from a block mined after the split, that way you can be sure your transaction can only occur on one side of the split, regardless of any potential re-orgs.
This process seems easier than the above methods, although you must ensure you get your coin control in your wallet arranged correctly to ensure you spend the desired transaction input. This method requires waiting for somebody else, therefore it could be slow, which may be a problem if you want to split as soon as possible.
Method 5: Let an exchange do it
You could send your coins to an exchange which supports both BTC and B2X, the exchange could then handle the split for you. You need to check if the policy of the exchange is to split your coins before the split or to also split coins sent to them after the split.
A disadvantage of this policy is that your need to take counterparty risk, which you may not want to do with your long term savings. Taking such a risk could be particularly problematic during a high risk, high volume period such as a chain split without strong replay protection, which may present operational challenges for the exchanges. This method also goes against a common narrative or mantra in the Bitcoin community, which is you should always control your private keys, especially during a hardfork.
Although an advantage of sending your coins to the exchange before the fork, is that you may be able to trade the two coins very quickly, perhaps even faster than those doing the above split methods. This could provide you better investment opportunities.
Conclusion
Perhaps the best strategy is to combine the above methods. After reviewing the policy of the exchanges, you could send some of your coins to an exchange of your choice before the fork and then attempt to split the remainder of your coins using method 2 explained above.
However, despite all this advice, it’s probably likely that the overwhelming majority of Bitcoin holders will take no preparatory action for the split. Therefore if you do any above, you are probably well ahead of the majority, which could hopefully lead to some financial rewards or at least help you avoid losses.