51% Attack

51% Attack


What Is a 51% Attack?

51% attack (or majority attack) refers to a potential threat to the integrity of a blockchain system in which a single malicious actor or organization manages to control more than half of the total hashing power of the network, potentially causing network disruption.
If a single bad user, or group of bad users acting together, control more than 50% of the total network hashing rate for a blockchain, they’ll be able to override the consensus mechanism of the network and commit malicious acts such as double-spending.
A 51% attack happens when an attacker has enough mining power to intentionally modify the ordering of transactions, preventing some or all transactions from being confirmed. This is also referred to as transaction denial of service. The attacker would also be able to prevent some or all other miners from mining, leading to the so-called mining monopoly.

51% Attack: Example

If a malicious actor was to take over 51% of the hashing power of the Bitcoin network, they could make an offline OTC trade by sending a few bitcoins to a cryptocurrency wallet in exchange for USD. Considering the implied immutability of the blockchain, as soon as the transaction is confirmed by the network nodes, the buyer would hand over the USD to the scammer.

The malicious actor could then go back in the blockchain to the block before the BTC transfer was confirmed and mine an alternate chain, in which the BTC transfer is not included. The majority share of the networking power would ensure that alternate is forced on the rest of the network.

The Limitations of 51% Attacks

While an attacker can cause a great deal of damage when conducting a 51% attack, a majority attack does not allow the malicious actor to prevent transactions from being broadcast, nor does it enable them to reverse transactions from other users. Changing the block’s reward, creating coins out of thin air, or stealing coins that never belonged to the attacker are also very improbable scenarios.

The further back a transaction is, the harder it would be to subvert it, as the number of new blocks to be mined to bring the network up to the current block height becomes further and further away. This is the reason why Bitcoin transactions usually require a threshold of 6 confirmations before clearing.

Is a 51% Attack on Bitcoin Possible?

A 51% attack on the Bitcoin blockchain is very unlikely because of the magnitude of the network. As the network grows, the possibility of a single person or entity obtaining enough computing power to overwhelm all the other participants gets increasingly unrealistic.

Therefore, 51% attacks are highly unlikely to happen on big networks, especially on the Bitcoin blockchain, which is considered the most secure cryptocurrency network. While many of the large blockchains have not yet suffered an attack of this kind, several attacks have been observed on smaller chains. For instance, the altcoin Bitcoin Gold — which is a fork from the main Bitcoin chain — suffered a 51% attack in May 2018, leading to the theft of $18 million worth of BTG at the time.

How to Prevent a 51% Attack on a Blockchain

Blockchains prevent a 51% attack using a combination of techniques. One way is by encouraging more participants to join the network and run their own nodes to support the network. The larger the number of participants contributing their resources, the more difficult it becomes for a single entity to dominate the network.

Consensus mechanisms, such as Proof-of-Work (PoW) and Proof-of-Stake (PoS), also play a crucial role in preventing 51% attacks. These mechanisms require nodes to agree on the validity of transactions before adding them to the blockchain. They make it economically and computationally expensive for an attacker to manipulate the network, as they would need to control a majority of the network's resources.

Promoting decentralization is another preventive measure. Distributing nodes across different locations and involving various participants means no single entity gains excessive control.