What is a 51% attack and how to detect it?

Despite being underpinned by blockchain technology that promises security, immutability and complete transparency, many cryptocurrencies such as Bitcoin SV (BSV), Litecoin (LTC) and Ethereum Classic (ETC) have suffered 51% attacks several times in the past. While there are many mechanisms by which malicious entities can and have exploited blockchains, a 51% attack, or a majority attack as it is also called, occurs when a group of miners or an entity controls more than 50% of the blockchain’s hash power and then takes control of the.
Arguably the most expensive and tedious method of compromising a blockchain, 51% of attacks have been mostly successful with smaller networks requiring lower hash power to overcome most nodes.
Understand a 51% attack
Before delving into the technique involved in a 51% attack, it is important to understand how blockchains record transactions, validate them, and the various controls built into their architecture to prevent any alteration. Using cryptographic techniques to link successive blocks, which are themselves records of transactions that have taken place on the network, a blockchain employs one of two types of consensus mechanisms to validate each transaction through the network of nodes and record them permanently .
While nodes in a proof-of-work (PoW) blockchain must solve complex mathematical puzzles to verify transactions and add them to the blockchain, a proof-of-stake (PoS) blockchain requires nodes to stake a certain amount of native token to get validator status. However, a 51% attack can be orchestrated by controlling the network’s mining hash rate or commanding more than 50% of the staked tokens in the blockchain.
To understand how a 51% attack works, consider if more than 50% of all nodes performing these validation functions conspire together to introduce a different version of the blockchain or perform a denial of service (DOS) attack. The latter is a type of 51% attack where the remaining nodes are prevented from performing their functions while the attacking nodes add new transactions to the blockchain or delete old ones. In either case, the attackers can potentially reverse transactions and even duplicate the original crypto token, which is akin to creating counterfeit currency.
Needless to say, such a 51% attack can compromise the entire network and indirectly cause huge losses to investors who hold the original token. While creating an altered version of the original blockchain requires a phenomenally large amount of computing power or staked cryptocurrency in the case of large blockchains like Bitcoin or Ethereum, it is not so far-fetched for smaller blockchains.
Even a DOS attack is capable of crippling the functioning of the blockchain and can negatively affect the price of the underlying cryptocurrency. However, it is unlikely that older transactions beyond a certain cut-off can be reversed and thus only the most recent or future transactions made online are at risk.
Is a 51% Attack on Bitcoin Possible?
For a PoW blockchain, the probability of a 51% attack decreases as the hash power or computational power used per second for mining increases. In the case of the Bitcoin (BTC) network, the perpetrators would need to control more than half of the Bitcoin hash rate currently sitting at ~290 exahashes/s of hashing power, which would require them to access at least 1.3 million of the most powerful application-specific integrated circuits (ASIC) miners such as Bitmain’s Antminer S19 Pro which retails for around $3,700 each.
This would mean that attackers would have to buy a total of around $10 billion worth of mining equipment just to have a chance to perform a 51% attack on the Bitcoin network. Then there are other aspects such as power costs and the fact that they would not be entitled to any of the mining rewards that apply to honest nodes.
But for smaller blockchains like Bitcoin SV, the scenario is quite different, as the network’s hash rate is around 590PH/s, making the Bitcoin network almost 500 times more powerful than Bitcoin SV.
However, in the case of a PoS blockchain like Ethereum, malicious entities would need to have more than half of the total Ether tokens (ETH) locked up in stake contracts on the network. This would require billions of dollars just to purchase the necessary computing power to even have some idea of launching a successful 51% attack.
Also, in the event that the attack fails, all the staked tokens may be confiscated or locked, dealing a heavy financial blow to the entities involved in the alleged attack.
How to detect and prevent a 51% attack on a blockchain?
The first check for any blockchain will be to ensure that no single entity, group of miners or even a mining pool controls more than 50% of the network’s mining hashrate or the total number of tokens staked.
This requires blockchains to keep a constant check on the entities involved in the mining or staking process and take remedial action in the event of a breach. Unfortunately, the Bitcoin Gold (BTG) blockchain could not anticipate or prevent this from happening in May 2018, with a similar attack repeating itself in January 2020 that saw almost $70,000 worth of BTG being double-spent by an unknown actor.
In all of these cases, the 51% attack was made possible by a single network attacker gaining control of more than 50% of the hash power and then proceeding to carry out deep rearrangements of the original blockchain that reversed completed transactions.
The repeated attacks on Bitcoin Gold highlight the importance of relying on ASIC miners instead of cheaper GPU-based mining. Since Bitcoin Gold uses the Zhash algorithm that makes mining possible even on consumer graphics cards, attackers can afford to launch a 51% attack on the network without having to invest heavily in the more expensive ASIC miners.
This 51% attack example highlights the superior security controls offered by ASIC miners, as they require a higher investment quantum to obtain them and are built specifically for a particular blockchain, making them useless for mining or attacking other blockchains.
However, in the event that miners of cryptocurrencies such as BTC shift to smaller altcoins, even a small number of them could potentially control more than 50% of the altcoin’s smaller network hashrate.
Also, with service providers like NiceHash allowing people to rent hashing power for speculative crypto mining, the cost of launching a 51% attack can be drastically reduced. This has drawn attention to the need for real-time monitoring of chain organizations on blockchains to flag an ongoing 51% attack.
MIT Media Lab’s Digital Currency Initiative (DCI) is one such initiative that has built a system to actively monitor a number of PoW blockchains and their cryptocurrencies, reporting any suspicious transactions that may have double-spent the original token during a 51% attack.
Cryptocurrencies such as Hanacoin (HANA), Vertcoin (VTC), Verge (XVG), Expanse (EXP) and Litecoin are just a few examples of blockchain platforms that faced a 51% attack as reported by the DCI initiative.
Of them, the July 2019 Litecoin attack is a classic example of a 51% attack on a proof-of-stake blockchain, although the attackers did not mine new blocks and double-spent LTC tokens worth less than $5,000 at the time of the attack .
This highlights the lower risk of 51% attacks on PoS blockchains, deeming them less attractive to network attackers, and is one of many reasons why an increasing number of networks are moving to the PoS consensus mechanism.