• Blog
  • News
  • The 51% Attack – The Comprehensive Review
News

The 51% Attack – The Comprehensive Review

Everything You Should Know About a 51% Attack

A 51% attack is a vulnerability in PoW blockchains with the help of which an attacker takes control of transaction confirmation and block generation.

When someone wants to take control over the system and be the only one miner – they choose a special strategy (selfish mining). Such a strategy that allows miners to increase their profits by hiding blocks from the public network. Miners do not send a block to the network every time after generation but continue to mine new blocks on top of any independently found blocks. While competitors mine on top of older blocks, the selfish miner takes advantage.

There is an unspoken race between the public chain of honest miners and the private chain of selfish miners. Attackers must have enough computing power to make the secret chain longer than the public one.

As soon as a private blockchain becomes more extended than a public one, attackers release it on the network to receive rewards for finding blocks and user commissions. If the capacity of a private network is from 25% of the capacity of the entire network, selfish miners will continue to win the chain race until they are replaced by another selfish miner or a disadvantaged minority.

In the blockchains working on the Proof-of-Work (PoW) algorithm, it is not the longest chain that matters, but the most “reinforced” one.

The longest chain represents the majority of computing power only if there is no monopolist in the network (the owner of 51% or more power). If it is, then the longest chain may not represent the will of most miners.

The Benefits for Miners Once They Get 51%

The attack is more serious if the attackers control more than 51% of the network significantly. In this case, they are allowed to perform the following actions:

That sounds very bad, and even worse it may turn out when the attackers achieve the 51% capacity. For example, they:

However, even professional hackers are limited to options when they perform the attacks. The 51% attack does not allow attackers to carry out the following processes:

It is Possible to Launch the 51% Attack Nowadays?

A malicious mining pool can hire additional resources and launch an attack on the selected cryptocurrency. Based on the data from 51crypto service, the authors of the study “Studying the types of attacks on the blockchain” compiled a table of six cryptocurrencies and indicated the attack price per hour (cost).

According to this data, you can understand that attacking Bitcoin is not the best solution as it may cost cyber criminals millions of dollars. The famous “bitcoin guru” Andreas Antonopoulos believes that the bitcoin network is no longer at risk of a 51% attack due to the resources that miners spend on maintaining the network. Andreas says that there is no point in attacking Bitcoin in 2019, it will be too costly even for governments. But you can attack less powerful altcoins, says Andreas.

In order to carry out an attack on the blockchain, an attacker does not always need to have 51% or more computing power. The probability of success is calculated based on the attack time and the amount of computing power. Even if the attacker controls 40% of the network, he will be able to carry out the attack for two blocks with a 40% success rate. But miners are only a small part of the blockchain security model. After ten years, we saw real examples of attacks, and it turned out that the threat was greatly exaggerated.

51% Attack Examples

An attack of 51% is feasible. The mining pool Ghash.io for a short time in July 2014 possessed more than 50% of the processing power of Bitcoin. This led to the fact that the pool voluntarily tried to reduce its share in the network. The statement said that in the future it would not reach 40% of total production.

In May 2018, a group of malicious hackers gained control over 51% of the Bitcoin Gold altcoin network, which allowed them to steal $ 18 million in cryptocurrency from Bittrex, Binance, Bithumb, and Bitfinex. Bittrex accused the developers of negligence and demanded compensation from them. Otherwise, the exchange promised to close trading in BTG. The developers replied that this is a known type of threat. The Bittrex exchange did not take care of the precautions and is to blame for what happened.

In May 2019, two large mining pools carried out a 51% attack on the Bitcoin Cash network. According to them, they prevented the theft of unsecured SegWit coins, which were stored at addresses from where anyone could pick them up. These coins remained online after being separated from Bitcoin in 2017 but were blocked by developers until they turned out to be accidentally unlocked by a hard fork in May 2019.