One of the hallmarks of the cryptocurrency space is decentralization. The idea is to give all participants a voice in a crypto network, to provide them with the ability to earn rewards from a network’s growth, and to prevent any single player or authority from taking control and making decisions that benefit them more than other stakeholders.
However, decentralization is more than just a democratic feature to woo developers and investors. Decentralization is also a design to keep crypto safe from cyberattacks. But what happens when most of the network’s mining power is being run by a single group of miners — that’s when the scheme is called a 51% Attack.
Bitcoin SV, Verge and Ethereum Classic are all examples of projects that have suffered 51% attacks. But what is it, how does it work, and what damage can it do?
Defining the 51% attack
A blockchain is a distributed ledger — essentially a database — that records transactions and information about them and then encrypts the data. The blockchain’s network reaches a majority consensus about transactions through a validation process, and the blocks where the information is stored are sealed. The blocks are linked together via cryptographic techniques where previous block information is recorded in each block. This makes the blocks nearly impossible to alter once they are confirmed enough times.
A 51% attack (or majority attack) refers to an attack on the blockchain system in which a single malicious user or group manages to take over more than half of the total hashing power of the network — the computing that solves the cryptographic puzzle in blockchains that turns into cryptocurrency as a reward — potentially causing network disruption. This group introduces an altered blockchain to the network at a very specific point in the blockchain, which is theoretically accepted by the network because the attackers would own most of it.
Changing historical blocks — transactions locked in before the start of the attack — would be extremely difficult even in the event of a 51% attack. The further back the transactions are, the more difficult it is to change them. It would be impossible to change transactions before a checkpoint, where transactions become permanent in Bitcoin’s blockchain.
How does a 51% attack work?
When a cryptocurrency transaction occurs, newly mined blocks must be validated by a consensus of nodes or computers attached to the network. Once this validation occurs, the block can be added to the chain.
The blockchain contains a record of all transactions that anyone can view at any time. This record keeping system is decentralized, meaning no single person or entity has control over it. Different nodes or computer systems work together to mine, so the hashrate for a particular network is also decentralized.
However, when one or more miners control a majority of the hashrate, the cryptocurrency network is disrupted. This disruption is a 51% attack. Those responsible for a 51% attack would then be able to:
- Exclude new transactions from being recorded
- Modify the ordering of transactions
- Prevent transactions from being validated or confirmed
- Block other miners from mining coins or tokens within the network
- Reverse transactions to double-spend coins
These side effects of a block attack can be problematic for cryptocurrency investors and those who accept digital currencies as payment.
For example, a double-spend scenario would allow someone to pay for something using cryptocurrency, then reverse the transaction after the fact. The malicious actor would effectively be able to keep whatever they purchased along with the cryptocurrency used in the transaction, bilking the seller.
51% attacks
Smaller and new blockchain networks are more prone to malicious tampering than large and established ones like Ethereum and Bitcoin. This is because new blockchains still have a short recorded transaction history (blocks) that can easily be altered or tampered with, unlike the present Ethereum and Bitcoin which already has significant transaction history, and it keeps on adding every second. But this does not mean that Ethereum and Bitcoin are already safe from 51% attacks.
A hacker could use more powerful computing equipment, such as ASICs (application-specific integrated circuits) on a network, primarily using off-the-shelf purchased GPUs (graphics processing units) to carry out a 51% attack. Although even more unlikely, a proof-of-stake system could also be attacked by accumulating more than half of the value of crypto tokens on a network.
Although unlikely, a 51% attack is possible — and has occurred in some instances.
One example is Bitcoin Gold (BTG), a hard fork from Bitcoin, that suffered a 51% attack in 2018. More than $18 million of Bitcoin Gold was stolen. Another attempted attack came in 2020 but was quickly thwarted.
In 2021, another Bitcoin hard fork called Bitcoin SV (BSV) suffered a series of 51% attacks. The hackers were able to delete or alter the newest blocks after it took control of the network.
Ethereum Classic (ETC), which was also created by a hard fork from Ethereum in 2016, got hit by a 51% attack in 2020. Several million dollars were reportedly stolen.
In all three cases, developers were able to implement new protocols to help prevent further malicious tampering. However, all three cryptos deteriorated in value in the months immediately following these events.
What does 51% attack mean for investors?
Individual investors don’t have to worry too much about 51% attacks if they primarily invest in well-established cryptocurrencies, which generally have the most secure blockchains. For the cryptocurrencies with the largest market values and greatest adoption rates, the cost and resources required are simply far too great to make 51% attacks feasible. Only state-sponsored hacking groups could even contemplate a 51% attack on a major cryptocurrency.
You can lower your risk of dealing with a 51% attack by limiting your exposure to less-established cryptocurrencies that seem risky. Knowing about 51% attacks is a great first step toward minimizing the likelihood of your cryptocurrency ever experiencing one.
Keep in mind that the larger a blockchain grows, the more difficult it becomes for rogue miners to attack it. On the other hand, smaller networks may be more vulnerable to a block attack.
How to avoid a 51% attack?
Like any other cybercrimes, there are ways for you to be safe from 51% attacks. Here are three (3) effective methods you must consider.
- 50% Limit on a single miner. The blockchain should ensure that no single miner or group of miners controls more than 50% of the hashing power. It would be impossible for a single miner or a group to attack the network by outbuilding the longest validated blockchain. To achieve the attack, it would mean that the attacker has to own powerful hardware and requires tremendous energy. Also, an attacker may need luck since the mining process would be random.
- The use of Proof-of-Stake. A single miner can become the majority player in a small blockchain network. All the blockchain networks that use PoW have a policy that the miners have to upgrade their equipment regularly. Failure to do so, may lead to them not receiving the block rewards, and they will fall behind other miners in the network.
To avoid the risk of a 51% attack, the blockchain can use Proof of Stake (PoS), which is a more secure consensus than PoW. In most cases, the PoS incentives are controlled by most affluent users unlikely to perform the attack. However, blockchains have moved from this structure, and they prefer more decentralized alternatives such as Delegated-Proof-of-Stake (DPoS). - Strong network community. When using the PoS or DPoS, a user with a minimal stake level in a network is voted a block validator. The validators are voted in by the community. In case of collusion to compromise the network, they are thrown out of the network by the community.
This approach prevents the occurrence of a 51% attack. It is also effective in avoiding double-spending as the rules for the malicious validators are coded into the blockchain.
Final Thoughts
Cryptocurrency investing may appeal to investors if they’re comfortable taking more risks to pursue higher returns. If an investor is new to cryptocurrency trading, the prospect of a 51% attack might seem intimidating. Understanding how they work and the likelihood of one occurring can help them feel more confident.
All computing systems are going to be subject to attempted attack from bad actors. This is a risk that digital currencies in general face, and it’s a factor investors should consider before buying a cryptocurrency or participating in a blockchain network’s activity. However, more traditional money has its issues, too, such as forgery.
While 51% attacks are rare, there are other risks with the blockchain and cryptocurrency industry. This is a new technology, and it’s still developing and rapidly evolving. Additionally, many disagree on how to properly value cryptocurrencies and digital assets, so cryptocurrency prices are highly volatile. If you decide to invest in this space at all, remember to make it part of a well-diversified portfolio that features other asset classes.
