A 51% attack is perhaps the most discussed threat to any public blockchain. Since Ethereum had another 51% attack (the second within a week of the first), it is probably timely to write about these sad things.
What is a 51% Attack?
If more than half the computing power on a network is run by a single person or a single group of people, then a 51% attack is in operation. This means this entity has full control of the network and can negatively affect a cryptocurrency by halting mining, stopping or changing transactions, and reusing coins. (Thank you goes to free-crypto.net.)
A miner utilizing a 51% attack can:
- Double spend coins.
- Thwart transactions from being confirmed.
- Create the longest chain to show the most proof of work.
A miner utilizing a 51% attack cannot:
- Reverse confirmed transactions.
- Create false transactions.
- Steal funds from individual addresses.
- Create any new coins.
Here’s how a 51% attack utilizes double spending:
To carry out his fraudulent attack, this “perp” first sends cryptos to person “A.” At the same time, the “perp” sends those same cryptos to person “B.” The cryptos sent to person “A” show on the blockchain. The “perp,” who has massive *hashing power, covertly mines blocks containing the **double-spend transaction to “B” and hides them from the network.
*Hashing power = the rate at which blocks are created
**double-spend = a potential flaw in cryptocurrency systems referring to the risk that digital currency can be spent twice.
After a few confirmations on the public blockchain where transaction A is valid, the attacker presents to the network his hidden mined blocks, where transaction B is valid. Since he has so much mining power, he can build a longer chain than the original and have his blocks accepted as valid.
What happens then? The funds the “perp” sent to person “A” are canceled because that transaction does not appear on this new, longer blockchain. The “perp” likely has the service he paid for from person “A,” and person “A” has a big fat 0 for their trouble!
The result: A ends up with no money, and the attacker may have already gotten the service for which he paid.
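The reorganization described above, seen from the side of a node or exchange that wants to notice it. This is an added example, not code from any wallet or exchange; the Tx and Block classes, the names and the sample chains are constructed for illustration, and chain length stands in for accumulated proof of work.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    spends: str   # the coin (previous output) this transaction consumes
    pays: str     # who receives it

@dataclass(frozen=True)
class Block:
    hash: str
    txs: tuple = ()

def analyze_reorg(old_chain, new_chain):
    """Compare the chain a node had accepted with the longer one replacing it."""
    if len(new_chain) <= len(old_chain):
        return None                      # not longer: the node keeps its chain
    common = 0                           # blocks shared before the fork point
    for a, b in zip(old_chain, new_chain):
        if a.hash != b.hash:
            break
        common += 1
    orphaned, adopted = old_chain[common:], new_chain[common:]
    # Which transaction now spends each coin on the adopted branch?
    spent_now = {tx.spends: tx for blk in adopted for tx in blk.txs}
    conflicts = []
    for blk in orphaned:
        for tx in blk.txs:
            rival = spent_now.get(tx.spends)
            if rival is not None and rival.txid != tx.txid:
                conflicts.append((tx.txid, rival.txid, tx.spends))
    return {"depth": len(orphaned), "double_spends": conflicts}

def demo():
    # Constructed sample: "coin-1" is paid to A in public, to B in secret.
    tx_a = Tx("tx-A", "coin-1", "A")
    tx_b = Tx("tx-B", "coin-1", "B")
    shared = [Block("g"), Block("b1")]
    public = shared + [Block("p2", (tx_a,)), Block("p3"), Block("p4")]
    hidden = shared + [Block("h2", (tx_b,)), Block("h3"), Block("h4"), Block("h5")]
    return analyze_reorg(public, hidden)

if __name__ == "__main__":
    print(demo())
```

The payment to A had three confirmations on the public branch, yet it is gone after the switch, and the same coin is now spent to B.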
Those who control the most hashing power can control which transactions to include in the next blocks. Therefore, a “Perp” can decide to create empty blocks, with no transactions!
A 51% attack could effectively destroy the cryptocurrency that it attacks. WHY? The public would lose trust in the network, and a significant sell-off would plummet the value as owners started to dump their holdings.
Satoshi probably did not foresee the 51% issue, with someone having the ability to control and influence the blockchain, because Satoshi didn’t anticipate the rise of ASICs and huge mining pools.
How do you Prevent a 51% Attack?
The decentralization of miners helps prevent a 51% attack. The network is safe as long as no one single entity has control of the mining hash power.
The Bitcoin blockchain, being very robust, is considered inherently safe because it would take a vast amount of money to gain 51% of the network’s mining power.
It is reassuring to remember that a miner with so much mining power would most likely make more money using this power to mine legitimately than to take the time to block transactions and do double-spending. This fact dramatically reduces the risk of a 51% attack.
Experts’ Opinion on a 51% Attack
Andreas Antonopoulos is a distributed systems expert and a worldwide evangelist for Bitcoin. Watch his video on Youtube.com to see what he has to say about these 51% attacks. I am sure you will enjoy it!
Gavin speaks about the 51% attack and some aspects of dealing with it on his blog (gaventech on Blogspot.com). The lead developer of the core Bitcoin and former chief scientist, Gavin Newsome, wrote back in 2012 and predicted that miners on a network would quickly figure out a way to stop the 51% attacks.
According to Gavin Andresen, a simple line of code could be added to Bitcoin, which would quickly stop a 51% attack.
Gavin’s thinking is as follows:
“…Ignore a longer chain orphaning the current best chain if the sum (priorities of transactions included in the new chain) is much less than sum (priorities of transactions in the part of the current best chain that would be orphaned) would mean a 51% attacker would have to have both lots of hashing power AND lots of old, high-priority bitcoins to keep up a transaction-denial-of-service attack. And they’d pretty quickly run out of old, high-priority bitcoins…”
An attacker could fake the transactions but only for a limited time. Andresen’s hypothetical code would reject the fraudulent blockchain built by the attacker. The Bitcoin network would return to working order within a couple of hours.
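A sketch of the chain-acceptance rule from the quote above. This is an added example, not Andresen's code and not anything in Bitcoin: the threshold for “much less” is a hypothetical value, branch length stands in for proof of work, the sample transactions are constructed, and priority is taken as coin age (input value times input age, divided by transaction size).

```python
def tx_priority(inputs, size_bytes):
    """Coin-age priority: sum(input value * input age in blocks) / tx size."""
    return sum(value * age for value, age in inputs) / size_bytes

def branch_priority(blocks):
    """Sum of priorities of every transaction in a branch (list of blocks)."""
    return sum(tx_priority(inputs, size)
               for block in blocks for inputs, size in block)

def accept_reorg(orphaned, candidate, much_less=0.1):
    """True if the node should switch from `orphaned` to the longer `candidate`.

    much_less is a hypothetical threshold; the quote only says "much less".
    """
    if len(candidate) <= len(orphaned):
        return False                   # ordinary rule: not longer, no switch
    return branch_priority(candidate) >= much_less * branch_priority(orphaned)

# Constructed sample data: each tx is ([(value, age_in_blocks), ...], size_bytes).
old_coin_tx = ([(50_000_000, 1000)], 250)
young_coin_tx = ([(50_000_000, 1)], 250)   # a coin's age resets once it is spent

current_branch = [[old_coin_tx, old_coin_tx], [old_coin_tx]]
empty_branch = [[], [], []]                # longer, but carries no transactions
respent_branch = [[young_coin_tx]] * 3     # longer, filled with freshly moved coins
honest_branch = current_branch + [[old_coin_tx]]

if __name__ == "__main__":
    for name, branch in [("empty", empty_branch), ("respent", respent_branch),
                         ("honest", honest_branch)]:
        print(name, accept_reorg(current_branch, branch))
```

The empty and re-spent branches are ignored despite being longer, while an honest extension of the same length is accepted; to keep passing the check a miner needs a steady supply of old coins, which is the cost the quote points to.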
As Andresen explains on his blog (gaventech on Blogspot.com), changing rules can also be detrimental and have its own repercussions:
“The devil is in the details, of course, and the risk of introducing a new chain-acceptance rule (high) has to be weighed against the chances that somebody rich and irrational will try to pull off the attack (low, in my opinion, but maybe I’m not sufficiently paranoid about Big Banks or Big Government using Dirty Tricks to shut down Bitcoin). Maybe I’ll code it up and keep it as a ‘Not To Be Used Except In Case of Emergency’ branch.”
It is evident that Andresen doesn’t see a 51% attack as a severe threat to the Bitcoin blockchain, and believes the simple addition of code can easily combat it.
Historical 51% Attack Cases
In an attempt to stop an unknown attacker from stealing coins while the Bitcoin Cash network forked, two Bitcoin Cash mining pools (BTC.com and BTC.top) attacked the Bitcoin Cash blockchain. Even though it could be said the 51% attack was carried out to help the Bitcoin Cash network, it still exposes the power these two mining pools have over the system.
Ethereum Classic (January 2019)
Coinbase halted all ETC transactions when they found a “deep chain reorganization” of the Ethereum Classic (ETC) blockchain and a double spend on January 5th of 2019. Another exchange, Gate.io, also confirmed that it had picked up at least seven double spend transactions when it conducted its investigation of the attack.
Vertcoin (December 2018)
There were four different attacks on the Vertcoin network (a relatively small network which ranks below #200 in the cryptocurrency charts). Still, the theft of around $100,000 is not insignificant at all.
Bitcoin Gold (May 2018)
More than $18 million was stolen through double spending in a Bitcoin Gold 51% attack conducted by an unknown malicious actor. Exchanges tried to fight off the attack by waiting for a more extended confirmation time before approving transactions, but that did not seem to help a lot.
Bitcoin (January 2014)
In January of 2014, GHash.io, a mining company, got so large that it neared 51% of the total mining power, sending panic through the community. Any issues were avoided, however, when a few miners left the pool to balance things out. Also, the pool limited its operations to no more than 40% to prevent future problems.
Feathercoin (June 2013)
A Litecoin clone known as Feathercoin had a 51% attack where 16,000 coins were double-spent. This coin ranked reasonably high on the cryptocurrency charts back then.
A 51% attack could pose a risk, most especially to a young blockchain that lacks diversification in its hashing power. This is reason enough that altcoins should take heed to protect themselves. It gives great comfort to know that the “big” guys always watch for any signs of trouble.