Before diving into the 51% attack, it is crucial to have a good understanding of mining and blockchain-based systems.
One of the key strengths of Bitcoin and its underlying blockchain technology is the distributed nature of data construction and verification. The decentralized work of the nodes ensures that the protocol rules are followed and that all network participants agree with the current state of the blockchain. This means that the majority of nodes must reach a regular consensus regarding the mining process, the version of the software being used, the validity of the transactions, etc.
Bitcoin's consensus algorithm (Proof of Work) is what ensures that miners can only validate a new block of transactions if the nodes in the network collectively agree that the block hash provided by the miner is accurate (i.e. the block hash demonstrates that the miner did work on it enough and found a valid solution to the problem of that block).
Blockchain infrastructure, such as a decentralized ledger and distributed system, prevents any centralized entity from co-opting the network for its own purposes, so there is no single authority on the Bitcoin network.
Since the mining process (in PoW-based systems) involves the investment of enormous amounts of electricity and computing resources, the performance of a miner is based on the amount of computing power it has, and this is generally referred to as mining power. hash or hash rate. There are many mining nodes in various locations and they compete to be the next to find a valid block hash and be rewarded with the newly generated Bitcoins.
In such a context, the mining power is distributed across different nodes around the world, meaning that the hash rate is not in the hands of a single entity. At least it's not supposed to be.
But what happens when the hash rate is no longer distributed well enough? What happens if, for example, a single entity or organization can obtain more than 50% of the hashing power? A possible consequence of this is what we call a 51% attack, also known as a majority attack.
What is a 51% attack?
A 51% attack is a potential attack on Bitcoin (or another blockchain network), whereby a single entity or organization can control the majority of the hash rate, which could cause a network outage. In other words, the 51% attacker would have enough mining power to intentionally exclude or modify the order of transactions.
Such an attack would allow the malicious entity to attempt to reverse transactions it made while in control, likely leading to a double-spending issue. A successful majority attack would also allow the attacker to prevent some or all transactions from being confirmed (also known as per-transaction denial of service) or prevent some or all other miners from mining, leading to a so-called mining monopoly.
On the other hand, a majority attack would not allow the attacker to roll back other people's transactions or prevent transactions from being transmitted to the network. Changing the block reward, creating coins out of thin air, or stealing coins that never belonged to the attacker are also very unlikely scenarios.
How likely is a 51% attack?
Since a blockchain network is maintained by a distributed network of nodes, all participants cooperate in the process of reaching a consensus. This is one of the main reasons why blockchain networks tend to be secure. Larger networks have greater protection against attacks and data corruption.
When it comes to Proof of Work Blockchains, the more hash rate a miner has, the better the chances of finding a valid solution for the next block. This is true because mining involves a large number of hashing attempts and more computing power means more trials per second. Many early miners joined the Bitcoin network to contribute to the growth and security of the networks. With the rise in the price of Bitcoin as a currency, numerous new miners have joined the network with the aim of competing for block rewards (currently set at 12.5 BTC per block). Such a competitive scene is one of the reasons why the Bitcoin network is secure. Miners have no reason to invest large amounts of resources if not to act honestly and strive to receive the overall reward.
Therefore, a 51% attack on Bitcoin is quite unlikely due to the magnitude of the network. Once a blockchain grows large enough, the possibility of a single person or group gaining enough computing power to overwhelm all other participants quickly grows to unattainable levels.
Additionally, changing previously confirmed blocks becomes increasingly difficult as the chain grows, because all blocks are linked through cryptographic proofs. For the same reason, the more confirmations a block has, the greater the costs of altering or reversing transactions in that block. Therefore, a successful attack could probably only disrupt the transactions of a few recent blocks, for a short period of time.
Going further, let's imagine a scenario where a malicious entity is not motivated by profit and decides to attack the Bitcoin network just to destroy it, regardless of the costs. Even if the attacker manages to disrupt the network, the Bitcoin software and protocol will be quickly modified and adapted in response to that attack. This would require the other nodes on the network to come to a consensus and agree to these changes, but that would likely happen very quickly during an emergency situation. Bitcoin is highly resistant to attacks and is considered the most secure and trusted cryptocurrency out there.
Although it is quite difficult for an attacker to obtain more computing power than the rest of the Bitcoin network, that is not so difficult to achieve in smaller cryptocurrencies. When compared to Bitcoin, altcoins have a relatively low amount of hash power securing their blockchain. Low enough to make it possible for 51% attacks to actually occur. Some notable examples of cryptocurrencies that fell victim to mainstream attacks include Monacoin, Bitcoin Gold, and ZenCash.
