Guellord MbusaA 51% attack represents a threat or intrusion targeting blockchains that are described as “ Proof of work " or " proof of stack » conducted by one or more miners holding more than 50% of the mining hash rate of a blockchain. It is also referred to as the Goldfinger attack.
From the outset, it is important to remember that owning more than half of the nodes in a network theoretically confers the power to modify the blockchain.
Why should we fear and prevent the 51% attack?
A minor owning more than 50% of the nodes of a network could hinder the confirmation of new transactions, thus interrupting payments between some or all users. In addition, he could revoke transactions carried out under its control, which could pave the way for double spending of coins. A flaw that consensus mechanisms such as proof of work aim to prevent.
The 51% attack is very dangerous because it means that the miner or group that controls more than 50% of the power of hash of a blockchain, has the ability to introduce a modified version of the blockchain at a specific point in the network. Theoretically, this modification is accepted by the network, because it minor or group of minors have control over it.
As for old transactions locked before the attack began, they are proving extremely difficult. They are difficult to modify even during a 51% attack. The older a transaction is, the more difficult it becomes to modify. Transactions prior to a certain checkpoint, where they become permanent in the Bitcoin blockchain, remain unalterable.
Is it possible for a minor to lead the 51 attack?
It is a very tricky task to carry out a 51% attack on a popular blockchain with a high participation rate. First, cybercriminals should be able to control more than 51% of the nodes and have previously created an alternative blockchain that can be inserted at the right time. Then they should outperform the mainnet.
The cost of doing this is one of the most important factors preventing a 51% attack. And then, for what interest would a majority investor undermine its own company?
Let's imagine the worst scenario
The enemies of bitcoin are as countless as the stars. They constantly predict a perilous end for the cute baby of Satoshi Nakamoto. Let's imagine that they are on the right track. It will take at least two major mining pools to enter into an alliance to bring the project to fruition. Indeed, to date, there is no miner who owns 51% of Bitcoin nodes.
Last June, the three main mining pools by hash rate were:
- FoundryUSA, with 106,16 exahashes per second (EH/s), representing 29,3% of the total hash rate of the Bitcoin network.
- AntPool, with 90,28 EH/s, covering 24,9% of the total hash rate of the Bitcoin network.
- F2Pool, with 45,98 EH/s, constituting 12,67% of the network's total hash rate.
These three pools accounted for 66,87% of the network's hash rate, or an impressive 242,42 EH/s. To match this hash rate, cybercriminals would need to have more. Fixed costs of around $7,9 billion, in addition to costs related to hosting, maintenance, electricity and cooling. For this reason, major cryptocurrencies, like Bitcoin, are unlikely to fall victim to a 51% attack due to the prohibitive cost of acquiring such hashing power. 51% attacks are generally confined to cryptocurrencies with lower stake and hashing power.
What about Ethereum?
Make no mistake, when it comes to security, Ethereum is just as robust as Bitcoin.
Following his transition to proof of stake, a 51% attack on the Ethereum blockchain has become even more expensive. To carry out this attack, an individual or group would need to hold 51% of the ETH staked on the network. Although someone could potentially own such an amount of ETH, it remains unlikely.
According to Beaconchain, over 19,3 million ETH were staked. So, an entity would have to own over 9,8 million ETH (over $20 billion at the time of writing) to attempt an attack. Also, once the attack is triggered, the consensus mechanism would likely detect it and immediately reduce the staked ETH, imposing considerable expense on the cybercriminal. Although, the community could vote to restore the “honest” chain, resulting in the attacker losing all ETH, as the attacker would have acted in vain.
What are the challenges of such an attack?
The success of a 51% attack goes beyond financial considerations. In addition to a huge investment, a miner or group of miners seeking to compromise a network using a 51% attack must not only gain control of more than half of the network, but also manage to introduce the modified blockchain at a particularly strategic time. Even with a 51% or more majority of the network hash rate, they may find themselves unable to synchronize their own chain with the rate of block creation. And they may be unable to insert it before the production of new valid blocks by the blockchain network considered to be “honest.”
This maneuver is easier on smaller cryptocurrency networks, characterized by less participation and lower hash rates. On the other hand, large networks make it virtually impossible to introduce a tampered blockchain.
Basically, despite its name, it is not imperative to hold 51% of a network's mining power to trigger an attack. However, such an undertaking would have significantly reduced chances of success.
The consequences of a successful attack
If by an unfortunate coincidence, such an attack were to succeed, it must be admitted, the community would receive too cold a shower. First, criminals would have the power to hinder other users' transactions, cancel them, and reuse the same cryptocurrency. This fault, known as the double spending, looks like a perfect digital counterfeit. It constitutes the fundamental cryptographic challenge that blockchain consensus mechanisms strive to address.
Additionally, cybercriminals could implement a denial of service attack (DoS). They can block other miners' addresses during the period of their control over the network. This tactic would prevent "honest" miners from regaining control before the dishonest chain becomes permanently established.
Which nodes and cryptos are at risk of attack?
The choice of mining hardware is also a crucial parameter, as mining networks secured by application-specific integrated circuits (ASIC) are found to be less exposed to vulnerabilities than those exploited using graphics processors (GPU). In addition, their processing speed is significantly higher. Services cloud mining, such as NiceHash, positioning themselves as “hash power brokers,” theoretically offer the ability to launch a 51% attack using exclusively rented hash power. This is particularly concerning for smaller networks that rely exclusively on GPUs.
In the register of probable victims, Bitcoin Gold is among the preferred targets of cybercriminals due to its status as a lower-profile cryptocurrency in terms of hash rate. Since June 2019, the Michigan Institute for Technology's Digital Currency Initiative has seen, observed, or been informed of more than 40 51% attacks, also known as chain reorganizations, on Bitcoin Gold, Litecoin, and other cryptocurrencies less important.
Here's the main thing to remember about the 51% attack
The 51% attack represents an implausible scenario where a miner acquires more than half of a blockchain's hashing power. Although incidents of this type occur in smaller networks, they generally end in failure in larger networks like Bitcoin, due to their high level of security.
This attack materializes when a group of miners takes control of more than 50% of a blockchain's mining hash rate. Attackers with majority control over the network can hinder the creation of new blocks, preventing other miners from finalizing their transactions. It is important to note that modifying historical blocks remains impossible due to the information chain firmly anchored in the Bitcoin blockchain. Only smaller networks are regularly the target of attempted 51% attacks.
