A blockchain reorganization happens when a different, longer chain of validated blocks replaces a previously accepted chain, leaving earlier blocks orphaned and their transactions temporarily unsettled. Arvind Narayanan, Princeton University explains this is an intrinsic consequence of the longest-chain rule used by many proof-of-work systems. Exchanges that accept deposits before a transaction reaches sufficient block depth face settlement risk when those confirmations are reversed.
How reorgs occur
Reorganizations arise from ordinary network behavior and from adversarial strategies. Naturally occurring short reorgs follow from simultaneous block discovery by honest miners and typically resolve within one or two blocks. More damaging reorganizations result from strategic mining. Ittay Eyal and Emin Gün Sirer, Cornell University demonstrated in the paper Majority Is Not Enough that selfish mining can create longer private chains that are later published to override public history, producing deeper reorganizations. Network-layer attacks such as eclipse attacks allow an adversary to isolate nodes and manipulate their view of the chain. Ethan Heilman, Boston University has documented how these attacks enable targeted transaction reversals.
Consequences and contextual factors
For exchanges the immediate consequence is potential double-spend loss when an accepted deposit is erased from the canonical ledger. Operationally, reorgs force transaction rollbacks, customer disputes, withdrawal delays, and complex reconciliations that erode trust. Kim Grauer, Chainalysis has reported that such attacks have translated into real monetary losses on smaller networks where attacker cost is low. Geographic and regulatory contexts matter: mining concentration in particular territories amplifies systemic exposure because regional disruptions or coordinated miner behavior can produce larger reorganizations. Garrick Hileman, University of Cambridge highlights that miner distribution and local policy environments shape these risks.
Mitigation blends technical and business measures. Exchanges raise confirmation thresholds, run independent node monitoring to detect irregular reorg patterns, and use risk engines to delay credited balances until sufficiently deep finality is achieved. Some platforms rely on settlement through higher-finality layers or custodial arrangements to limit exposure. The trade-off remains between user convenience and security: higher block-depth requirements reduce settlement risk but lengthen user wait times and operational complexity.