51% Attack Explained – a Beginner’s Guide

By: Ofir Beigel | Last updated: 5/4/20

A 51% attack is perhaps the most discussed threat to any public Blockchain asset. In this post, I’ll explain what a 51% attack is and what can be done to prevent it.

51% Attack Summary

A 51% attack describes a situation where a certain miner or mining pool, that owns more than 50% of all the network’s hashing power, acts maliciously to disturb the network’s operation.

That’s a 51% attack in a nutshell. If you want a more detailed explanation keep on reading, here’s what I’ll cover:

1. What is a 51% Attack?

A 51% attack describes a situation where a certain miner or mining pool, that owns more than 50% of all the network’s hashing power, acts maliciously to disturb the network’s operation.

A miner employing a 51% attack will be able to:

Double spend his coins. Prevent transactions from being confirmed.

A miner employing a 51% attack can NOT:

Reverse confirmed transactions. Create false transactions (that never occurred). Steal funds from a certain address. Create new coins.

Double Spending

Here’s how a 51% attack can be used for double spending:

The attacker sends coins to person ‘A’, while sending the same coins to person ‘B’. While the coins sent to A are publicly displayed on the blockchain, the attacker, who has massive hashing power, secretly mines blocks for the double spend transaction to B, without exposing it to the rest of the network.

After a few confirmations on the public blockchain where transaction A is valid, the attacker presents to the network his hidden mined blocks, where transaction B is valid. Since he has so much mining power, he can probably create a longer blockchain than the original one and validate his blocks.

In this case, the transaction sent to A will be canceled, since it does not appear on this new, longer blockchain.

The result: A ends up with no money, and the attacker may have already gotten the service he paid for.

Blocking Transactions

Anyone who controls the majority of the hashing power can decide which transactions to include in the next block. Due to that, an attacker can even decide to build a completely empty block, with no transactions.

Currency Risks

The general assumption is that a 51% would effectively kill the attacked digital currency, as the public’s trust in the network will erode and the price will plummet as people start dumping their holdings.

Having 51% of all mining power means having inordinate control and influence over the blockchain. Such problem even Satoshi could not have foreseen, without anticipating the rise of ASICs and huge mining pools.

2. How to Prevent a 51% Attack?

The main thing that helps prevent a 51% attack is the decentralization of miners. As long as no single entity has control of over 50% of the mining power, the network is safe.

Additionally, robust blockchains such as Bitcoin, are already considered inherently safe, as it would take an unreasonable amount of money to gain 51% of the Bitcoin network’s mining power.

One of the things to keep in mind is that someone with so much mining power would probably make more money using this power to mine legitimately, than by actually blocking transactions or double spending. This reduces the risk for such an attack substantially.

3. Experts’ Opinion on a 51% Attack

Andreas Antonopoulos

Andreas Antonopoulos – A distributed systems expert and a worldwide evangelist for Bitcoin has the following to say about a 51% attack:

Gavin Andresen

Gavin Andresen – Former chief scientist at the Bitcoin Foundation and lead developer of the core Bitcoin code wrote back in 2012 that miners on the network would “quickly figure out a rule or rules to reject” a 51% attack.

According to Andresen, a simple line of code could be added to Bitcoin that would stop a 51% attack in its tracks:

Ignore a longer chain orphaning the current best chain if the sum(priorities of transactions included in new chain) is much less than sum(priorities of transactions in the part of the current best chain that would be orphaned)

This would require the 51% attacker to not only have a majority of mining power, but also a majority of high-priority transactions happening on the network.

Such transactions can be faked by the attacker, but only for a limited time. Andresen’s hypothetical code would serve to reject the fraudulent blockchain being built by the attacker, and return the Bitcoin network to working order within a couple hours.

However, changing the rules for how the correct blockchain is chosen can have its own repercussions. Andresen expands on this point in his blog:

The devil is in the details, of course, and the risk of introducing a new chain-acceptance rule (high) has to be weighed against the chances that somebody rich and irrational will try to pull off the attack (low, in my opinion, but maybe I’m not sufficiently paranoid about Big Banks or Big Government using Dirty Tricks to shut down Bitcoin). Maybe I’ll code it up and keep it as a ‘Not To Be Used Except In Case of Emergency’ branch.

It’s clear that he doesn’t consider the 51% attack a real threat to Bitcoin, and it can easily be combated by a simple change to the code.

4. Historical 51% Attack Cases

Bitcoin Cash (May 2019)

Two Bitcoin Cash mining pools, BTC.com and BTC.top, carried a 51% attack on the Bitcoin Cash blockchain in order to stop an unknown miner from taking coins that he wasn’t supposed to have access to, while the network forked.

Even though some would argue the 51% attack was done to help the network, it still demonstrates the power these two mining pools have over the network.

Ethereum Classic (January 2019)

Coinbase identified a “deep chain reorganization” of the Ethereum Classic (ETC) blockchain which included a double spend on Saturday, Jan. 5 2019. Subsequently, Coinbase halted all ETC transactions.

Another exchange, Gate.io also confirmed that it had picked up at least seven double spend transactions after conducting its own investigation into the attack.

Vertcoin (December 2018)

4 different attacks on the Vertcoin network (a relatively anonymous coin ranking below #200 in the cryptocurrency charts) concluded in the theft of around $100,000.

Bitcoin Gold (May 2018)

More than $18 million were stolen through double spending in a Bitcoin Gold 51% attack conducted by an unknown malicious actor. Exchanges tried to fight off the attack by waiting for a longer amount of confirmations before approving transactions, but that did not seem to help a lot.

Bitcoin (January 2014) – potential threat averted

In January of 2014, a mining pool called Gash.io got so big that it neared 51% of the total mining power. This, of course, created some panic in the Bitcoin community but was fixed shortly after by miners who left the pool in order to balance things out. Additionally, the pool committed to a 40% limit for its future operations.

Feathercoin (June 2013)

16,000 coins were double spent in an attack on a Litecoin clone known as Feathercoin. Back in the day, this coin ranked relatively high in the cryptocurrency charts.

5. Conclusion

A 51% attack is an actual risk to any young blockchain without substantial diversification to its hashing power. More mature networks, like Bitcoin and Ethereum, are less prone to these types of attacks, but smaller altcoins should be aware of this risk.

What are your thoughts of a 51% attack? Is it an actual risk for Bitcoin or Ethereum? Let me know in the comments section below.