51% Attack description
51% attack is a hackers’ assault on the blockchain network, where one person or a group of miners, for example, one mining pool can control much of the hashing speed. It can lead to disruption of the network processes as the attacker will have enough hashing power to exclude or change a specific transaction or the order of transactions. Attackers can undo the transactions they have made, which leads to the problem of double-spending.
Cryptocurrencies are using the idea of distributed ledgers to make the system reliable and to prevent the central authority from controlling the network. A 51% attack is the ability of someone who controls most of the network’s hashing speed to edit the transaction history and prevent validation of new transactions. As a result of such an attack, the idea of a decentralized network would collapse. Miners would be able to confirm forged blocks containing fraudulent transactions, leading to unimaginable losses of funds. Such a situation is dangerous for miners and ordinary users - they can lose their money.
What are the benefits of owning 51%?
- The attackers do not allow other miners (validators) to find new blocks. It is so-called selfish mining;
- It gives them the opportunity of double-spending;
- They can fork the main blockchain, i.e, break the network into two competing chains;
- They do not allow the confirmation of transactions or blocks.
- The hackers will collect all rewards and fees, during the attack
When the hackers control significantly more than 51% of the network, the attack becomes more serious. They can steal from any smart-contracts and channels, such as Lightning Network; reduce and manipulate mining complexity; steal coins that are not dated by the genesis block (by rolling back the old blocks and retaking the rewards for it); delete smart-contracts or transaction history (by rolling back old blocks and editing the list of included transactions).
At the same time, an attack of 51% on its own does not allow attackers to:
- Get your private key or fake a signature;
- Get the coins received as a result of the smart-contract malfunctioning;
- Send, freeze or burn your coins in staking instead of you;
- Manage the decisions of complete nodes (validators).
What is selfish mining?
It is a strategy that allows miners to increase their income by hiding blocks from the public network. These miners do not send a block to the network after generation, but they continue to mine new blocks on top of found blocks. While honest miners are producing new blocks on top of older blocks, a selfish miner takes an advantage. Thus, there is a race between the public chain of honest miners and the private chain of selfish miners. Attackers must have enough computing power to make a private chain longer than a public one. As soon as the private blockchain becomes longer, the attackers send it to the network to collect rewards for all the blocks generated.
How does double-spending work?
Imagine that the offender has significant hashing power (51% or more) and he pays with a supplier for a product or service. The sender accepts a large number of cryptocurrencies, the transaction is almost complete, sent to the common blockchain, and after several confirmations, the parties say goodbye to each other.
Owning 51% of the hashing power and staying anonymous, the hacker “returns” the coins to himself, because after sending the funds, he rolls back the blockchain to an earlier state: He makes two transactions, first sends coins to the seller (the supplier), but a few moments later he sends the same sum of coins to the other address. If the provider has not waited for confirmation of the transaction on the network, the miner will verify and validate the second transaction, and the network will “exclude” the first transaction from the blockchain history and it remains unfulfilled. At first, the supplier can see the receipt of money in the wallet, but later, the transaction will be canceled as unconfirmed. Due to such schemes, coins are returned to the attacker’s wallet and can be spent twice or more. Theoretically, if a transaction has 1 or 2 confirmations, double-spend is excluded, but it’s better to wait for 6 or more confirmations on the network.
Cryptocurrencies based on PoS (Proof-of-Stake) consensus algorithm are unlikely to be attacked. In order to carry out a 51% attack, hackers need to buy a large number of coins - it is more expensive than taking control of hashing power on PoW (Proof-of-Work)-based currency.
This type of attack is being conducted on new cryptocurrencies since there is no need for high computing power. To execute a 51% attack on the Bitcoin or Ethereum blockchains, the attacker requires too many resources which renders such an attack unprofitable.
Hardfork after 51% attack.
With a 51% attack, the hacker can create a new cryptocurrency. The PoW consensus algorithm was designed to prove the integrity of the chain but does not protect against branching (forks). Suppose, that the attacker stealthily mines a few new blocks, and then “throw” them into the main network. If there is no community support, an honest minority of 49% will reject such a chain, but the blocks founded by the attacker will allow them to separate from the network and continue to mine their own chain.
51% cryptocurrency attack examples
One of the most famous examples was the situation with Ethereum and Ethereum Classic.
The hackers attacked the DAO platform that was operating on the Ethereum smart-contracts. They withdrew $50 million in ETH equivalent from the platform accounts and one month later, the Ethereum network was rolled back to the “before hacking” stage. A big part of the crypto community refused to accept an update and continued to work in the old chain now known as the Ethereum Classic.
The Ghash.io mining pool had more than 50 percent of Bitcoin’s processing power in 2014. The pool then voluntarily reduced its share of the network.
A group of 51 crew hackers hacked the Krypton and Shift blockchain projects in 2016.
A group of hackers gained control of 51% of the Bitcoin Gold network, allowing them to steal $18 million in cryptocurrency from Bittrex, Binance, Bithumb, and Bitfinex in May 2018.
Monacoin, Zencash, Verge, and Litecoin Cash were hacked, which resulted in millions of losses in June 2018.
As a result of a 51% attack on Aurum Coin, more than $500,000 was stolen from the Cryptopia Exchange in November 2018.
Two large mining pools carried out a 51% attack on the Bitcoin Cash network In May 2019.