51% Attack - How to take over the blockchain

The past few years, certain cryptocurrencies have suffered a so-called 51% attack. During such a majority attack, a currency’s blockchain is targeted. The purpose? To change the rules and get away with it (but probably just to steal money). But what does a 51% attack actually mean and how often does it happen? In today’s article we are going to take a look at the definition of a 51% attack and some famous examples that happened throughout the years.

Blockchain basics

Before we dive into the specifics, we are going to look at some blockchain basics. Blockchains are known for their decentralized nature, meaning that no third party or entity has control over the network. All transaction verifications are evenly distributed over the entire network and all nodes verify each other. These nodes and users all follow the same set of rules. In a Proof-of-Work consensus algorithm (Bitcoin), miners are rewarded for ‘mining’ the next block. Simply put, they invest electricity and computing power (referred to as hash rate) and get a reward (currency) in return.

A 51% attack is when one single entity (person or organization) has control over 51% of a blockchain’s hash rate (computing powers). Because this single entity has the majority of the mining power, the immutable factor is immediately compromised. Suddenly, the majority can change certain rules and can change how nodes verify each other. This entity would be able to do one of the following things:

• Stop transactions from being confirmed;
• Prevent others from mining (therefore creating a monopoly);
• Modify or exclude the order of transactions;
• Reverse transactions (causing them to be double-spend).

Although such an attack has an extreme effect on the blockchain, certain rules can’t be altered. For example, the attackers are not able to reverse other people’s transactions nor prevent them from being created. They can’t alter block rewards nor can they create new coins.

51% attacks throughout the years

But how is a 51% attack orchestrated? Theoretically, it is possible for one person to control 51% of a currency’s hashing power, but it would have to be a pretty small network. For bigger blockchains, multiple miners could collaborate and seize control of the network. Another possibility is via certain mining pools. A mining pool, is when multiple resources ‘pool’ their mining capabilities together and share the rewards evenly. Throughout the years, certain mining pools have gotten so big that their influence on the network became enormous.

51% attack on BTC is really hard. Not only do you have to get 51% of the hash power in terms of mining equipment, but you also have to get access to enough electricity to feed those machines. Over time, this is going to be the much harder thing to obtain.

— Jimmy Song (송재준) (@jimmysong) January 9, 2019

Let’s take a look at some famous examples 51% attacks (or threats) throughout the cryptocurrency history:

1. Bitcoin, June 2014: Mining pool Gash.io was nearing 51% of all computing powers, unleashing a discussion in the crypto community. Eventually, influential Gash.io miners left the pool and initiated a hard cap of 40%
2. Vertcoin, December 2018: Within a short period of time, Vertcoin had to endure four attacks on its mining network. Resulting in the theft of approximately $100.000. The negative publicity had an enormous effect on Vertcoin.
3. Ethereum Classic, January 2019: It was Coinbase that identified a double spent transaction on the ETC blockchain, resulting in a short transaction pause. Exchange Gate.IO also concluded that seven double spends had occurred on the ETC blockchain.
4. Bitcoin Cash, May 2019: Due to a BCH hard fork a certain bug was found, giving miners the opportunity to split and empty blocks. To prevent a catastrophe, BTC.com and BTC.top (two big mining pools) decided to ‘pool’ their resources together and stop miner’s trying to take advantage. Interestingly, this 51% attack was initiated to prevent harm on the network instead of the other way around.

Ghash.IO official statement on the 51% threat can be found here: https://t.co/5ZnKQ2NP47

— CEX.IO (@cex_io) January 9, 2014

In light of recent network attacks, it's recommended that all exchanges, mining pools, and other ETC service providers significantly raise confirmation times on all deposits and incoming transactions. @okex @binance @HuobiGlobal @hitbtc @coinbase @digifinex @etherchain_org

— Ethereum Classic (@eth_classic) August 6, 2020

How can a 51% attack be prevented?

We can conclude that the bigger a currency becomes, the harder it is for a 51% attack to occur. For example, the Bitcoin blockchain has become so huge that an orchestrated 51% attack on the network would cost approximately 14 billion euro in terms of collective hashing powers. Smaller blockchains have a bigger risk and could be targeted by mining pools or mining farms with ill intentions. A way to prevent majority attacks is via a Proof-of-Stake (PoS) consensus algorithm instead of Proof-of-Work. With PoS, miners are rewarded by staking (holding) their coins. The reward is paralleled to the amount of currency that you are staking. A 51% attack is technically possible, but the attacker would have to own 51% of the currency. These last few years, other solutions have risen to the surface such as Delegated Proof-of-Stake algorithms or Ethereum Classic’s Modified Exponential Subjective Scoring (MESS). In the next article, we are going to take a closer look at these prevention tactics keeping the blockchain industry safe and sound.