What is a 51% attack?

Introduction

Before we dive into the details of a 51% attack, it’s necessary to take a closer look at mining and blockchain-based systems.

One of the main advantages of Bitcoin and its underlying blockchain technology is the distributed nature of building and verifying data. The decentralized work of nodes ensures that the rules of the protocol are followed and that all network participants agree on the current state of the blockchain. This means that the majority of nodes need to regularly reach consensus on the mining process, the software version used, the validity of transactions, etc.

Bitcoin’s consensus algorithm (proof of work) ensures that miners can only verify new transaction blocks if network nodes unanimously agree that the block hash value they provide is accurate (that is, the block hash value proves that the miner has done enough work and found a valid solution to the problem of the block).

As a decentralized ledger and distributed system, the blockchain infrastructure prevents any centralized entity from using the network for their own purposes, which is why there is no single authority on the Bitcoin network.

Since the mining process (in a PoW-based system) involves investing a lot of electricity and computing resources, the performance of a miner depends on the computing power it has, which is usually called hash power or hash rate. There are many nodes participating in the mining activity, and they are distributed in different locations. These nodes will compete with each other because they all want to be the next node to find a valid block hash value and get rewarded with newly generated Bitcoins.

As a result, mining power is distributed across different nodes around the world, which means that the hash rate is not controlled by a single entity. At least, it shouldn’t be.

But what happens if the hash rate is poorly distributed? For example, what if a single entity or organization is able to gain more than 50% of the hash power? One of the possible consequences is what we call a 51% attack, also known as a majority attack.

What is a 51% attack?

A 51% attack is a potential attack on a blockchain network where a single entity or organization is able to control a majority of the hash rate, potentially disrupting the network. At this point, the attacker would have enough mining power to intentionally exclude or modify the order of transactions. They could also reverse transactions that have already been made while controlling the network, leading to the double-spending problem.

A successful majority attack could also allow the attacker to prevent some or all transactions from being confirmed (transaction denial of service), or prevent some or all other miners from mining, leading to a so-called mining monopoly.

On the other hand, most attacks do not allow the attacker to reverse other users’ transactions, nor do they allow the attacker to prevent others from creating transactions and broadcasting them to the network. It is also not possible to change the block reward, create tokens out of thin air, or steal tokens that do not belong to the attacker.

How likely is a 51% attack?

Since blockchain is maintained by a distributed network of nodes, all participants cooperate in the process of reaching consensus. This is one of the reasons why blockchain is generally more secure. The larger the network, the stronger the ability to defend against attacks and data corruption.

With regard to proof-of-work blockchains, the more hashrate a miner has, the better the chances of finding a valid solution for the next block. This is true because mining involves countless hash attempts, and more computing power means more attempts can be made per second. Some early miners joined the Bitcoin network and contributed to its development and security. As the price of Bitcoin as a currency continued to rise, many new miners entered the system with the intention of competing for the block reward (currently set at 12.5 Bitcoins per block). The existence of this competition is one of the reasons why Bitcoin is secure. If it weren't for the desire to act honestly and work hard to get the block reward, miners would have no incentive to invest so much resources.

Therefore, due to the large size of the Bitcoin network, a 51% attack is unlikely to occur. Once the blockchain becomes large enough, the likelihood of a single person or group gaining enough computing power to overwhelm all other participants quickly drops to extremely low levels.

Furthermore, as the chain grows, it becomes increasingly difficult to change previously confirmed blocks, since the blocks are linked together through cryptographic proofs. By the same token, the more confirmations a block has, the more expensive it is to change or reverse the transactions in it. Therefore, a successful attack might only be able to modify transactions in the most recent few blocks for a short period of time.

Next, imagine if a malicious entity attacked the Bitcoin network not for profit, but simply to destroy it, regardless of the cost. Even if the attacker successfully compromised the network, the Bitcoin software and protocol would respond to their attack by quickly making modifications and adjustments. This would require consensus from other network nodes to agree on these changes, but if the situation is urgent, the process could be completed quickly. Bitcoin is highly resilient to attacks and is considered the most secure and reliable cryptocurrency in existence.

While gaining more computing power than the rest of the Bitcoin network is difficult for an attacker, it is much less challenging for smaller cryptocurrencies. Compared to Bitcoin, altcoins have relatively low hashrate securing their blockchains. Low enough to make a 51% attack feasible. Some notable examples of cryptocurrencies that have been subject to majority attacks are Monacoin, Bitcoin Gold, and ZenCash.