What is a 51% attack and how to detect it?


Despite being backed by blockchain technology that promises security, immutability and complete transparency, many cryptocurrencies such as Bitcoin SV (BSV), Litecoin (LTC) and Ethereum Classic (ETC) have suffered 51% attacks several times in the past. While there are many mechanisms by which malicious entities can and do exploit blockchains, a 51% attack, or cluster attack, occurs when a group of miners or one entity controls more than 50% of the blockchain’s hashing power. then takes control over it.

Arguably the most expensive and tedious way to break a blockchain, 51% of attacks were largely successful with smaller networks requiring lower hashing power to break through the majority of nodes.

Understanding the 51% attack

Before delving into the techniques involved in the 51% attack, it is important to understand how blockchains record transactions, validate them, and the various controls built into their architecture to prevent any tampering. Using cryptographic techniques to link subsequent blocks, which are themselves records of transactions that have taken place on the network, blockchain adopts one of two types of consensus mechanisms to validate each transaction through a network of nodes and record them permanently.

While nodes in a proof-of-work (PoW) blockchain must solve complex mathematical puzzles to verify transactions and add them to the blockchain, in a proof-of-stake (PoS) blockchain, nodes are required to purchase a certain amount of stake. local token to earn validator status. Either way, a 51% attack can be orchestrated by controlling the network’s mining hashrate or commanding more than 50% of the tokens staked on the blockchain.

To understand how a 51% attack works, imagine that more than 50% of all nodes performing these validation functions combined to present a different version of the blockchain or to launch a denial-of-service (DOS) attack. The latter is a type of 51% attack, where the attacking nodes go to add new transactions to the blockchain or delete old ones, while the remaining nodes are prevented from performing their functions. In either case, attackers could potentially reverse transactions and even double-spend the local crypto token, similar to creating counterfeit currency.

Diagrammatic representation of a 51% attack

Needless to say, such a 51% attack could disrupt the entire network and indirectly cause huge losses to investors holding the local token. While creating a modified version of the original blockchain requires quite a large amount of computing power or staked cryptocurrency in the case of large blockchains like Bitcoin or Ethereum, it is not that difficult for smaller blockchains.

Even a DOS attack can paralyze the functioning of the blockchain and negatively affect the underlying price of the cryptocurrency. However, it is unlikely that older transactions outside of a certain slice can be rolled back, thus only putting the most recent or future transactions on the network at risk.

Is a 51% Attack on Bitcoin Possible?

For the PoW blockchain, the probability of a 51% attack decreases as the hash power or computing power used per second for mining increases. In the case of the Bitcoin (BTC) network, criminals would need to control more than half of Bitcoin’s hash rate, which currently stands at ~290 exahashes/s hashing power, requiring them to gain access to at least 1.3 million. powerful application-specific integrated circuit (ASIC) miners like Bitmain’s Antminer S19 Pro, which sells for around $3,700 each.

This means that attackers would need to purchase a total of $10 billion worth of mining equipment to have a 51% chance of carrying out an attack on the Bitcoin network. Then there are other aspects like electricity costs and not having any of the mining rewards that apply to honest nodes.

However, the scenario is completely different for smaller blockchains like Bitcoin SV, as the hash rate of the network is around 590PH/s, making the Bitcoin network almost 500 times stronger than Bitcoin SV.

In the case of a PoS blockchain like Ethereum, malicious entities must own more than half of the total Ether (ETH) tokens locked in stake contracts on the network. This would require billions of dollars in terms of purchasing the necessary computing power just to carry out a 51% successful attack.

Moreover, in the scenario where the attack fails, all staked tokens could be confiscated or locked, which could cause a huge financial blow to the entities involved in the alleged attack.

How to detect and prevent a 51% attack on Blockchain?

The first check for any blockchain would be to ensure that no single entity, group of miners, or even one mining pool controls more than 50% of the network’s mining hashrate, or the total number of tokens staked.

This requires blockchains to constantly audit entities involved in the mining or staking process and take corrective action in the event of a breach. Unfortunately, the Bitcoin Gold (BTG) blockchain was unable to anticipate or prevent this from happening in May 2018, when a similar attack was repeated in January 2020, causing an unknown actor to double spend nearly $70,000 worth of BTG.

In all of these cases, the 51% attack was made possible by a single network attacker taking control of more than 50% of the hashing power and then proceeding with a deep reconstruction of the original blockchain, reversing the completed transactions.

Repeated attacks on Bitcoin Gold show the importance of relying on ASIC miners instead of cheaper GPU-based mining. Because Bitcoin Gold uses the Zhash algorithm, which makes mining possible even on consumer graphics cards, attackers can mount a 51% attack on their network without investing heavily in more expensive ASIC miners.

This 51% attack example highlights the superior security controls offered by ASIC miners, as they require a higher investment to acquire and are built for a specific blockchain, making them unsuitable for attacking or mining other blockchains.

However, if cryptocurrency miners like BTC migrate to smaller altcoins, even a small fraction of them could potentially control more than 50% of the altcoin’s smaller network hashrate.

Moreover, with service providers like NiceHash that allow people to rent hashing power for speculative cryptocurrency mining, the costs of launching a 51% attack can be drastically reduced. This highlighted the need for real-time monitoring of chain reconstructions on blockchains to highlight the ongoing 51% attack.

MIT Media Lab’s Digital Currency Initiative (DCI) is one such initiative, which has set up a system to actively monitor a number of PoW blockchains and their cryptocurrencies, reporting any suspicious transactions that double-spent the local token during a 51% attack.

Cryptocurrencies such as Hanacoin (HANA), Vertcoin (VTC), Verge (XVG), Expanse (EXP), and Litecoin Cash are just a few examples of blockchain platforms that have experienced 51% attacks as reported by the DCI initiative.

Of these, the July 2019 Litecoin Cash attack is a classic example of a 51% attack on a proof-of-stake blockchain, even though the attackers did not mine any new blocks and double-spent Litecoin Cash (LCC) tokens. worth less than $5,000 at the time of the attack.

This highlights the lower risks of 51% attacks on PoS blockchains, making them less attractive to network attackers and one of the many reasons why the number of networks moving to a PoS consensus mechanism is increasing.