Despite the enormous amount of resources required to create them, small-cap cryptocurrencies are still vulnerable to 51% attacks.
Despite the fact that blockchain technology promises security, immutability, and complete transparency, many cryptocurrencies, including Bitcoin SV, Litecoin, and Ethereum Classic, have been subject to 51% attacks in the past. While there are numerous ways for malicious entities to exploit blockchains, a 51% attack, also known as a majority attack, occurs when a group of miners or an entity controls more than 50% of the blockchain’s hashing power and then takes control of it.
Despite being the most expensive and time-consuming method of compromising a blockchain, 51% of attacks have been mostly successful with smaller networks that require less hashing power to overcome the majority of nodes.
Understanding a 51% attack
Before delving into the technique used in a 51% attack, it’s important to understand how blockchains record transactions, validate them, and the various controls built into their architecture to prevent tampering. A blockchain uses cryptographic techniques to connect subsequent blocks, which are records of transactions that have occurred on the network, and one of two types of consensus mechanisms to validate and record every transaction through its network of nodes.
While nodes in a proof-of-work (PoW) blockchain must solve complex mathematical puzzles to verify and add transactions to the blockchain, nodes in a proof-of-stake (PoS) blockchain must stake a certain amount of the native token to earn validator status. A 51% attack can be carried out in either case by controlling the network’s mining hash rate or commanding more than 50% of the staked tokens in the blockchain.
To understand how a 51% attack works, imagine that more than 50% of all validating nodes conspire to introduce a different version of the blockchain or to launch a denial-of-service (DOS) attack. The latter is a type of 51% attack in which the remaining nodes are prevented from performing their functions while the attacking nodes add new transactions or erase old ones from the blockchain. In either case, the attackers may be able to reverse transactions and even double-spend the native crypto token, effectively creating counterfeit currency.
Needless to say, a 51% attack can compromise the entire network, resulting in significant losses for investors who hold the native token. Even though creating a modified version of the original blockchain requires a massive amount of computing power or staked cryptocurrency in the case of large blockchains such as Bitcoin or Ethereum, it isn’t as difficult for smaller blockchains.
Even a denial-of-service attack can halt the blockchain’s operation and have a negative impact on the price of the underlying cryptocurrency. However, it is unlikely that older transactions beyond a certain cut-off can be reversed, putting only the most recent or future network transactions at risk.4
Is a 51% attack on Bitcoin possible?
The probability of a 51% attack on a PoW blockchain decreases as hashing power or computational power used per second for mining increases. In the case of the Bitcoin network, perpetrators would need to control more than half of the Bitcoin hash rate, which currently stands at 290 exahashes/s hashing power, which would necessitate gaining access to at least 1.3 million of the most powerful application-specific integrated circuit (ASIC) miners, such as Bitmain’s Antminer S19 Pro, which costs around $3,700 each.
This means that attackers would need to spend around $10 billion on mining equipment in order to launch a 51% attack on the Bitcoin network. Other considerations include the cost of electricity and the fact that they would not be eligible for any of the mining rewards available to honest nodes.
However, the situation is quite different for smaller blockchains such as Bitcoin SV, as the network’s hash rate is around 590PH/s, making the Bitcoin network nearly 500 times more powerful than Bitcoin SV.
In the case of a PoS blockchain, such as Ethereum, malicious entities would need to control more than half of all Ethertokens locked up in staking contracts on the network. This would cost billions of dollars just to buy the necessary computing power to even have a chance of launching a successful 51% attack.
Furthermore, if the attack fails, all staked tokens could be confiscated or locked, dealing a significant financial blow to the entities involved in the alleged attack.
How to detect and prevent a 51% attack on a blockchain?
The first rule of thumb for any blockchain is that no single entity, group of miners, or even a mining pool controls more than 50% of the network’s mining hashrate or total number of staked tokens.
This necessitates blockchains constantly monitoring the entities involved in the mining or staking process and taking corrective action in the event of a breach. Unfortunately, the Bitcoin Gold (BTG) blockchain was unable to predict or prevent this from occurring in May 2018, with a similar attack repeating in January 2020, resulting in nearly $70,000 worth of BTG being double-spent by an unknown actor.
The 51% attack was made possible in all of these cases by a single network attacker gaining control of more than 50% of the hashing power and then conducting deep reorganizations of the original blockchain that reversed completed transactions.
The repeated attacks on Bitcoin Gold highlight the importance of using ASIC miners rather than cheaper GPU-based mining. Because Bitcoin Gold employs the Zhash algorithm, which allows mining on consumer graphics cards, attackers can launch a 51% attack on its network without investing heavily in more expensive ASIC miners.
This 51% attack illustrates the superior security controls provided by ASIC miners, which require a higher level of investment and are built specifically for a specific blockchain, rendering them useless for mining or attacking other blockchains.
However, if cryptocurrency miners such as BTC shift to smaller altcoins, a small number of them could potentially control more than 50% of the altcoin’s smaller network hashrate.
Furthermore, because service providers like NiceHash allow people to rent hashing power for speculative crypto mining, the costs of launching a 51% attack can be drastically reduced. This has heightened awareness of the need for real-time monitoring of chain reorganizations on blockchains in order to detect an ongoing 51% attack.
The MIT Media Lab’s Digital Currency Initiative (DCI) is one such initiative, with a system in place to actively monitor a number of PoW blockchains and their cryptocurrencies, reporting any suspicious transactions that may have double-spent the native token during a 51% attack.
Hanacoin (HANA), Vertcoin (VTC), Verge (XVG), Expanse (EXP), and Litecoin are just a few examples of blockchain platforms that experienced a 51% attack, according to the DCI initiative.
The July 2019 Litecoin attack is a classic example of a 51% attack on a proof-of-stake blockchain, despite the fact that the attackers did not mine any new blocks and double-spent LTC tokens worth less than $5,000 at the time of the attack.
This highlights the lower risks of 51% attacks on PoS blockchains, making them less appealing to network attackers, and is one of many reasons why an increasing number of networks are switching to the PoS consensus mechanism.