51% Attack

What Is a 51% Attack?

A 51% attack refers to an attack on a blockchain — most commonly Bitcoin, for which such an attack is still hypothetical — by a group of miners controlling more than 50% of the network's mining hash rate or computing power.

The attackers would be able to prevent new transactions from gaining confirmations, allowing them to halt payments between some or all users. They would also be able to reverse transactions that were completed while they were in control of the network, meaning they could double-spend coins.

They would almost certainly not be able to create new coins or alter old blocks. A 51% attack would probably not destroy Bitcoin or another blockchain-based currency outright, even if it proved highly damaging.

How a 51% Attack Works

Bitcoin and other cryptocurrencies are based on blockchains, a form of a distributed ledger. These digital files record every transaction made on a cryptocurrency's network and are available to all users — and the general public — for review. As a result, no one can spend a coin twice. (So-called "private blockchains" introduce permissions to prevent certain users in the general public from seeing all the data on a blockchain.)

As its name implies, a blockchain is a chain of blocks, which are bundles of data that record all completed transactions during a given period. For bitcoin, a new block is generated approximately every 10 minutes. Once a block is finalized or mined, it cannot be altered since a fraudulent version of the public ledger would quickly be spotted and rejected by the network's users.

However, by controlling the majority of the computing power on the network, an attacker or group of attackers can interfere with the process of recording new blocks. They can prevent other miners from completing blocks, theoretically allowing them to monopolize the mining of new blocks and earn all of the rewards.

Bitcoin

For Bitcoin, the reward is currently 6.5 newly-created bitcoins, though it will eventually drop to zero. They can block other users' transactions, and they can send a transaction and then reverse it, making it appear as though they still had the coin they just spent. This vulnerability, known as double-spending, is the digital equivalent of a perfect counterfeit and the basic cryptographic hurdle the blockchain was built to overcome. So a network that allowed for double-spending would quickly suffer a loss of confidence.

Changing historical blocks — transactions locked in before the start of the attack — would be extremely difficult even in the event of a 51% attack. The further back the transactions are, the more difficult it would be to change them. It would be impossible to change transactions before a checkpoint, past which transactions are hard-coded into Bitcoin's software.

On the other hand, a form of a 51% attack is possible with less than 50% of the network's mining power, but with a lower probability of success.

The mining pool gHash.IO briefly exceeded 50% of the Bitcoin network's computing power in July 2014, leading the pool to voluntarily commit to reducing its share of the network. It said in a statement that it would not reach 40% of the total mining power in the future.

51% Attack Real-World Examples

Krypton and Shift, two blockchains based on Ethereum, suffered 51% attacks in August 2016.

In May of 2018, Bitcoin Gold, at the time the 26th-largest cryptocurrency, suffered a 51% attack. The malicious actor or actors controlled a vast amount of Bitcoin Gold's hash power, such that even with Bitcoin Gold repeatedly attempting to raise the exchange thresholds, the attackers were able to double-spend for several days, eventually stealing more than $18 million worth of Bitcoin Gold. Bitcoin Gold was hit again in 2020.

Recently, the Bitcoin SV (BSV) network suffered an attack in August 2021.

51% Attack vs. 34% Attack

The tangle, a distributed ledger that is fundamentally distinct from a blockchain but designed to accomplish similar goals, could theoretically succumb to an attacker deploying over a third of the network's hash rate, referred to as a 34% attack.