Ever since the first decentralized blockchain-based cryptocurrency (Bitcoin), there have been attempts at a network takeover, termed a “51% attack.” These occur when an individual or group of miners controls more than 50% of the networks hashing power, enabling them to create a fork of the blockchain that is constructed faster than the original. By doing this, the attacker is able to perform a double spend attack, whereby they send coins in the original blockchain until they are confirmed, and presumably, they’ve received their product or service. Once achieved, the attacker could then split the blockchain at a point prior to the transaction, essentially reversing and erasing it.
Other than revising the transaction history, such an attacker would also be able to prevent any transactions or new blocks from confirming, thus almost completely interrupting the network. They will not be able to generate coins out of thin air, change the block reward or gain access to other people’s coins, however, a 51% attack has limited utility, and is likely to be prohibitively expensive to carry out.
Due to the massive amounts of computing power required to successfully execute an attack on a well-established blockchain, these types of attacks are usually limited to smaller coins with a limited number of miners comprising its hashing network. Often, one or more test attacks are found that precede the main event, it is thought that the assailing party will launch an attack against a similar crypto, or testnet, before redirecting their efforts to their main target.
One of the earliest examples of a successful majority attack was executed against CoiledCoin, a shameless bitcoin clone with a few additional features. They were attacked by Luke-Jr using the Eligius mining pool. In his response to critics, Luke-Jr reports that his attack was aimed to shut down potential pyramid schemes that tarnish the reputation of Bitcoin, whilst indicating that future scams would be subject to the same fate.
Besides CoiledCoin, projects like Terracoin, Feathercoin, and many others have fallen victim to a majority attack. One of the standout examples was executed against the Krypton network, which was subjected to a less common attack that used a new dual-pronged approach, combining majority hashing power with a distributed denial of service (DDoS) to existing nodes to artificially increase the relative hashing power of the attacking party. During this attack, around 21,000 KR was stolen from the Krypton blockchain, which was sent to Bittrex and exchanged for Bitcoin, after which the attackers reversed the transactions by rolling back the blockchain, before making off with the Bitcoin. Following this event, Krypton suggested that all exchanges raise the minimum confirmation amount to 1000, to increase the difficulty in reverting the blockchain to an earlier state. Many believe that the Krypton attack was, in fact, a dry-run for a future attack on Ethereum, something that has still yet to occur.
Is Bitcoin vulnerable to such an attack?
So far, you’ve learned that executing a successful 51% attack on a large blockchain requires massive amounts of hashing power. You might think that such an attack would, therefore, be almost impossible for Bitcoin, the largest blockchain with a total hash rate of almost 27 Exahashes (that’s 27 million trillion hashes per second). You’re wrong. In fact, many mining pools have approached the power necessary to successfully initiate a 51% attack, for example, in July 2014, GHash.io, then one of the most popular bitcoin mining pools, managed to exceed 51% of the total hashing power of the bitcoin network. This lead many to believe that a majority attack on the bitcoin network was imminent. However, in response to this controversy, GHash.io released a voluntary statement promising not to exceed 39.99% of the total hashing power in future and asked other mining pools to commit to a <40% hash rate limit to protect the long-term safety of the blockchain.
Although most majority attacks are expected to be perpetrated by an unknown agent for financial gain, there have also been examples where two blockchains attack one another in an apparent takeover attempt. One example of this occurred in 2016, where Ethereum Classic users rallied to launch a majority attack on Ethereum in an attempt to kill it off. Though this attack was never launched, it shows that tensions between rival cryptocurrencies may eventually culminate in such attacks.
Nowadays, there is a much larger selection of mining pools, ensuring that the hashing power is more widely distributed. Currently, the largest Bitcoin pool is BTC.com which encompasses 25.9% of the network, whereas AntPool is a close second at 16.9%. Although they are both controlled by Bitmain, even the combined number is certainly too low to even consider an attack. The outlook is similar with Ethereum, where Ethermine, the current largest pool accounts for around a quarter of the number of blocks mined. It should be noted that with less than 50%, an attack can still be mounted, but is unlikely to succeed, it is estimated that somebody with just 40% of the hashing power has around a 50/50 chance to reverse a transaction 6 confirmations deep. Furthermore, certain cryptocurrency implementations based on proof-of-work principles or tangle are subject to attacks if only 34% of the network hashing power is attained, the IOTA team, for example, recognized this risk and implemented mitigation measures early in its development.
All in all, 51% attacks are of little threat to well-established cryptocurrencies and will likely continue to fade into obscurity as decentralization increases. However, these attacks still pose a significant threat to new coins, particularly if the attack is being maintained for a significant period of time, at which point the changes may become irreversible. Moving forwards, rig operators should refrain from joining the largest pools, despite the obvious benefits, whilst remaining vigilant.
Images via Pexels.