What if we told you that by 2030, over 60% of blockchain networks could be at risk of attacks? According to data from Crypto51, many of today’s blockchain networks face threats like 51% attacks, primarily due to their low mining power.
But this is just one of the many risks blockchain faces. In this article, we’ll dive into one of the most costly threats—51% attacks—exploring how they work and what steps you can take to protect your network.
Related: What’s a Seed Phrase and Why Do You Need One?
Key Takeaway
- A Blockchain is an open-source, digital record book that securely and transparently records transactions and data across a network of computers.
- A 51% attack occurs when a group of attackers or single entities controls most of a blockchain’s hash rate (computational power).
- In this attack, the attackers aim to take significant control (more than 50%) of the blockchain and alter it, thereby allowing them to manipulate transactions on the attacked blockchain and the blockchain itself.
- Carrying out a 51% attack is challenging on a blockchain network with a high participation rate like Bitcoin, but smaller blockchains with lower participation rates like TON are primary targets.
51% Attacks
A blockchain is an open-source, digital record book that securely and transparently records transactions and data across a network of computers.
As an innovative technology first launched in 2009 by Satoshi Nakamoto, one of its distinctive features is decentralization.
Decentralization is a key feature of a blockchain network. It means all participants can contribute to the network and earn rewards as it grows.
Decentralization helps prevent a single person or authority from taking control and deciding what happens on the blockchain while keeping it safe from attacks.
However, this is only so for some blockchains, as most blockchain networks have vulnerabilities that hackers can exploit to harm them.
51% attack is one of the significant attacks they use.
A 51% attack occurs when a group of attackers or a single entity takes over most of a blockchain’s hash rate (computational power).
In this attack, the attackers aim to take major control (more than 50%) of the blockchain and alter it, thereby allowing them to manipulate transactions on the attacked blockchain and the blockchain itself.
Related: Top Crypto Wallet Security Best Practices
Here is a quick example of what we mean:
Imagine a company with board members who have equal equity in the business. Each member has the right to vote on a decision for the company while having a say in the industry.
If a decision needs to be made, a vote is carried out. The option with the most votes is chosen and executed; the one with the fewest votes is sidelined.
It works the same way in a 51% attack. The group or entity that launches this attack has a higher percentage of the network and can execute or alter it.
However, you should know that this blockchain attack is performed on only some blockchain networks. It is mainly performed on smaller networks with low hash rates, less usage, and few security measures.
The bigger and more frequently a blockchain is used (think Bitcoin, Ethereum, Solana), the harder it is to launch an attack. These more prominent blockchains have more computational power and tighter security.
How it all started
The first 51% attack can be traced back to 2014. During this time, the Ghash.io pool (a popular bitcoin mining pool that operated from 2013 to 2016) unintentionally controlled 55% of the Bitcoin network, triggering a 25% drop in Bitcoin’s value.
Although the pool voluntarily reduced its power and pledged to stay within 40%, the incident highlighted the risks of centralized mining power.
In 2016, the cryptocurrencies Krypton and Shift, built on the Ethereum platform, were targeted by a group of hackers called “Team 51”. The attackers successfully double-spent and stole 22,000 coins through Bittrex (a crypto trading platform in the U.S)
The most notable case occurred with Verge cryptocurrency (XVG) in 2018, compromised due to a code error. Verge’s multi-algorithm approach allowed attackers to exploit a bug, sending false timestamped blocks to the network.
This resulted in blocks being generated every second instead of every 30 seconds, allowing hackers to capture 99% of blocks during a three-hour attack. Officially, 250,000 tokens were stolen, but users reported a much higher figure of nearly 4 million.
How it works
A 51% attack on a blockchain can seem attractive to hackers because of the benefits they stand to gain. However, you should know that carrying out this attack is very expensive, energy-consuming, and requires very serious attention to detail.
This is why it is rarely done by anybody or hacker in the blockchain ecosystem.
Carrying out a 51% attack is very difficult on a blockchain network with a high participation rate like Bitcoin.
For this to happen, the hackers must control over 50% of the blockchain. This will mean investing in many hardware mining tools or getting most of the network’s miners to join a pool under the hackers’ control.
The hackers will then have to create an “alternate” blockchain that can be introduced into the attacked blockchain at precisely the right time. The alternate blockchain would need to outhash the leading network to influence it.
However, getting the mining hardware is just one-third of the challenges. The second challenge is energy to run the mining hardware, as mining consumes a lot of energy.
According to Columbia Climate School, mining Bitcoin requires up to 150 Terrawatts per hour of energy yearly. This is higher than the annual energy consumption of Finland and Argentina, which have over 5.5 million and 60 million people, respectively.
Finally, hackers will need to control most of the network and introduce their fake blockchain at the right moment, and this is the biggest challenge because failure to execute this well could result in their losing everything.
What Happens Next: Risks & Consequences
In a scenario where a 51% attack has successfully been carried out, the hackers can carry out their malicious plans, which include:
1. Double-Spending
51% of attackers use this as their major malicious plan. In this scenario, attackers can spend their already transacted funds twice by altering the blockchain to show that the money was never spent so that they can reuse it again.
Example: An attacker spends 10 BTC on a purchase, then uses their control to alter the blockchain, making it seem like the transaction never occurred, allowing them to spend the same 10 BTC again.
2. Denial-of-Service (DoS) Attack
The attacker takes control and blocks honest miners’ addresses, thereby preventing them from regaining network control.
This move allows the attacker’s malicious transactions to become permanent.
3. Transaction Reversal
The hacker blocks payments between users, disrupting the network’s regular operation, leading to significant delays in transaction confirmations, and undermining confidence in the network’s reliability.
4. Reputational Damage
A 51% attack can severely damage a blockchain’s reputation, and this can lead to a loss of trust among users and investors, a significant drop in cryptocurrency value while preventing new users or investors from joining the network
Examples Of 51% Attacks
Although this attack can be expensive and shake the foundations of a blockchain network, here are some real-life examples.
1. Bitcoin Gold (BTG)
In May 2018, Bitcoin Gold was victim to a 51% attack, resulting in a staggering $18 million double-spend. This attack damaged the coin’s reputation and highlighted its vulnerability due to its relatively small hash rate. Since then, Bitcoin Gold has been a frequent target, with over 40 detected 51% attacks.
2. Ethereum Classic (ETC)
Ethereum Classic has been the most targeted blockchain, suffering a massive attack in August 2020. The attacker double-spended $5.6 million worth of ETC, leaving the community in shock at what happened.
3. Vertcoin (VTC)
In December 2018, Vertcoin experienced a 51% attack, resulting in a double-spend of 603 VTCs, equivalent to approximately $100,000. This attack showcased the vulnerability of smaller cryptocurrencies.
4. Litecoin Cash (LCC)
In July 2019, Litecoin Cash’s PoS system was compromised in a 51% attack, resulting in a minimal double-spend of less than $5,000.
Other notable examples include:
- Feathercoin (FTC)
- Verge (XVG)
Note: These attacks serve as a stark reminder of the vulnerabilities associated with blockchain networks and the importance of implementing strong security measures within a blockchain.
Related: Major Security Concerns in Crypto
How Can Blockchains Be Protected From 51% Attacks?
Protecting blockchains from 51% attacks requires a proactive approach by the developers. Some of these approach include:
1. Switch to a Safer Consensus Algorithm
Some consensus algorithms, like Proof of Work (PoW), are more vulnerable to 51% attacks because they rely on mining power.
Switching to a different algorithm, like Proof of Stake (PoS), can reduce this risk.
In PoS, attackers would need to own most of the network’s tokens, making launching an attack more difficult and expensive.
Example
- Bitcoin’s decentralized network and SHA-256 proof-of-work consensus algorithm make it resistant to 51% attacks.
- Ethereum’s planned transition to PoS (Casper) reduced the risk of 51% attacks.
2. Slow Down Blockchain Confirmations
Delaying confirmations makes it harder for attackers to succeed. If confirmations take longer, attackers need to control the network longer, increasing the attack’s cost and difficulty.
This gives the network more time to detect and respond to potential attacks.
3. Penalize Bad Actors
Implementing a penalty system, like slashing or banning, can deter attacks. Slashing confiscates tokens from malicious actors who try to manipulate the network. This raises the stakes for attackers, making attempting an attack riskier and more costly.
4. Regular Security Checks
Regular audits and security checks help identify vulnerabilities in the blockchain protocol.
Developers can prevent attacks and strengthen the network’s defenses by finding and fixing these weaknesses. This includes checking for potential entry points for 51% attacks and addressing them before they can be exploited.
Note: These measures are guaranteed to help protect against 51% attacks and ensure the security and integrity of the blockchain network. By implementing these approaches and maintaining regular security checks, blockchains can significantly protect themselves from unforeseen vulnerabilities.
Examples of Successful 51% Attacks Prevention
Claymore, a cryptocurrency mining pool, prevented a 51% attack on the Ethereum Classic (ETC) blockchain in 2019 by:
- Monitoring network activity: Claymore detected unusual activity, indicating a potential 51% attack.
- Alerting the community: They warned the ETC community, allowing them to take action.
- Increasing mining difficulty: They adjusted mining difficulty to make the attack more difficult.
- Collaborating with other pools: They worked with other mining pools to increase the network’s overall hash rate.
Another example is the Bitcoin Gold (BTG) network, which prevented several 51% attacks in 2020. The network did this by:
- Implementing a 51% attack detection system: BTG developed a system to detect potential attacks.
- Increasing hash rate: The network encouraged miners to increase the network’s hash rate.
- Collaborating with exchanges: It worked with exchanges to implement additional security measures.
- Regular software updates: It regularly updates node software to patch vulnerabilities.
Related: How Blockchain Sharding Boosts Scalability and Efficiency
Conclusion
Blockchain technology promises to be secure and unchangeable. But like all technology, it’s not perfect and has weaknesses.
51% attacks expose the fragile balance between decentralization and security, highlighting the need for constant vigilance in a blockchain network.
By acknowledging these vulnerabilities and proactively addressing them, Blockchain networks can be fortified, ensuring the integrity of the blockchain ecosystem.
FAQs
A 51% attack occurs when a single entity gains control of more than 50% of a blockchain’s mining or validation power, allowing them to manipulate transactions and potentially double-spend coins.
During a 51% attack, the attacker can reverse transactions, prevent new transactions from confirming, and potentially halt the blockchain temporarily.
While possible on any blockchain, smaller networks with less mining or validation power are more vulnerable due to lower security and decentralization.
Blockchains can mitigate the risk by increasing decentralization, improving consensus mechanisms, and boosting the network’s overall security through higher hashing power or validators.