What is a 51% attack?

Introduction

Before we look at the 51% attack, it is crucial to understand mining and blockchain-based systems.

One of the main strengths of Bitcoin and blockchain, its underlying technology is the decentralized nature of creation and its ability to allow anyone to verify the data. Node decentralization ensures that protocol rules are followed and all participants agree on the current state of the blockchain. This means that the majority of nodes must regularly find consensus regarding mining: the version of software used, the validity of transactions, etc.

The Bitcoin consensus algorithm (Proof of Work) ensures that miners can only validate a new block of transactions if network nodes collectively agree that the hash of the block provided by the miner is accurate (the hash of the block proves that the miner has done enough work and found the solution to the block problem).

The blockchain infrastructure, as a large live decentralized and distributed system, prevents any centralized entity from using the network for its own purposes. It is for this very reason that there is no single authority on the Bitcoin network.

Mining (in PoW systems) requires enormous amounts of electricity and computing resources. Indeed, the performance of a miner is based on the amount of computing power it has: the hash rate. There are many mining nodes, located in many locations around the world, competing to be the next to find the hash that makes the next block valid and thus obtain a reward consisting of newly generated Bitcoins.

In such a context, the hash rate is distributed across different nodes in the world: this rate is not controlled by a single entity. At least in theory.

But what happens when the hash rate is no longer distributed as it should be? For example, what would happen if an entity or organization managed to obtain more than 50% of the hash rate? One possible consequence is what we call the 51% attack, or the majority attack.

What is a 51% attack?

A 51% attack is a potential attack on the blockchain, where one entity/organization obtains the majority of the hash rate of the network, leading to disruption of the network. In such a scenario, the attacker would have sufficient hash rate to exclude or modify transactions. He could also cancel transactions that he has already made and thus make a double expenditure.

A successful majority attack would also allow the attacker to prevent all transactions from being validated (denial of services or transactions) or prevent miners from participating in mining, resulting in a monopoly of computing power.

However, a majority attack would not allow the attacker to cancel other users' transactions or prevent transactions from being created and distributed on the network. Changing block rewards, creating coins from scratch, or stealing coins that do not belong to the attacker are also considered impossible.

What is the probability of a 51% attack?

Since a blockchain is maintained by a distributed network of nodes, all participants in effect cooperate in the process of reaching consensus. This is why the level of security is so high on the blockchain. The larger the network, the greater the protection against attacks and data corruption.

When it comes to Proof of Work blockchains, the more computing power a miner has, the greater their chances of finding the solution to the next block. This is true because mining involves a large amount of hashing attempts and more computing power means more attempts per second. Several early miners joined the Bitcoin network to contribute to its growth and security. With the rise in the price of bitcoin as a currency, many new miners have entered the system in order to compete for block rewards (currently set at 6.25 BTC per block). This constant competition is one of the reasons for the security of the Bitcoin network. Miners have no incentive to invest large amounts of resources other than to act honestly and attempt to receive the block reward.

Thus, a 51% attack on Bitcoin is rather unlikely due to the scale of the network. Once a blockchain is large enough, the likelihood that one entity or organization will obtain enough computing power to crush all other participants is very, very low.

Additionally, modifying previously confirmed blocks becomes increasingly difficult as the chain grows, with blocks all linked by cryptographic proofs. For the same reason, the more confirmations a block has, the higher the costs of modifying or canceling transactions. Therefore, a successful attack would likely only modify the transactions of a few recent blocks, for a short period of time.

To take this a step further, let's imagine a scenario in which a malicious entity is not motivated by profit and decides to attack the Bitcoin network only to destroy it, regardless of the cost. Even if the attacker manages to disrupt the network, the Bitcoin software and protocol would quickly be modified and adapted in response to this attack. This would require other nodes in the network to come to a consensus and accept these changes, but this would likely happen very quickly in an emergency situation. Bitcoin is highly resistant to attacks and is considered the safest and most trusted cryptocurrency available.

Although it is quite difficult for an attacker to obtain more computing power than the rest of the Bitcoin network, this is not so difficult to achieve for lower capitalization cryptocurrencies. Compared to bitcoin, altcoins have relatively low hashing power to secure their blockchain, low enough that 51% attacks are possible. Notable examples of cryptocurrencies that have been victims of majority attacks include Monacoin, Bitcoin Gold and ZenCash.