What Is A 51% Attack Against The Bitcoin Network?


The Bitcoin network is one of the most secure types of financial technologies the world has ever seen. Without a central point of failure, or a way to hack the system in general, Bitcoin remains safe from harm. But there is always the looming threat of a 51% attack against the network, which could have dire consequences. But what does such can attack entail, and is it something we should actively worry about?

The 51% Attack is A Threat, Albeit Difficult To Pull Off

The 51% attack vector is a threat that is theoretically possible, yet will be quite difficult to achieve. What this means is how one individual or group of individuals controls more than half of the Bitcoin network’s hashrate. Considering how the current network hashrate sits at just below two exohash per second, obtaining 51% is a logistical challenge most people would not even try to undertake.

At the same time, the Bitcoin network is free and accessible to everyone in the world. Nothing is preventing someone from making an incredibly large investment and turning on mining hardware that can take over the Bitcoin network as a whole. But one would also have to wonder if this would be in the best interest of such a person or group.

Even if someone were to be able to successfully complete a 51% attack, they would not be in full control of the Bitcoin network.  Granted, it would be a significant threat, but 51% of the hashrate is not enough to shut down Bitcoin, for example. Hackers could, theoretically, prevent specific transactions from being confirmed on the network. This would have dire consequences for Bitcoin payment processors, as well as general users.

At the same time, assailants would be able to reverse transactions, but only those sent by a wallet they control. If user A and B send transactions, but neither of them is part of the group holding 51% of the network hashrate, their transfers cannot be rolled back. They could go without network confirmations for quite some time, though.  Having the option to reverse one’s own transaction and double-spend funds is the primary incentive for attempting a 51% attack. But assailants will not necessarily remain in control for that long, making the whole endeavor quite inefficient to perform.

To put the 51% attack into perspective, one must know that this type of threat is increasingly difficult to pull off. The Bitcoin network has matured over the past few years and has become far more stable as a result. As more miners join the network, they add more computational power. A 51% attack would require at least 51% of that total computational power to succeed–quite a costly endeavor, to say the least.

However, the 51% attack is a feasible threat, and should not be disregarded by any means. With particular mining pools holding large portions of network hashrate, collusion can become quite appealing. It remains doubtful that this will happen anytime soon, and the benefits do not outweigh the costs and logistical hassle by any means.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

  • There are at least two different approaches to a 51% attack.

    One approach lets the attacker censor transactions, which would give the power to block any and all blocks by competing miners. That can be done by a pool (or cartel of pools) even who together have 51%.

    The second approach is a little more complicated. This approach requires mining of a private Bitcoin blockchain with as much hashing capacity that exists on the public Bitcoin blockchain. This is the attack that gives the attacker to double-spend transactions such as deposit transactions sent to an exchange which are then confirmed. But a pool (or cartel of pools) could not do this attack as once they take their customer’s hashing offline (to mine the private chain) those customers — seeing no revenue, will change pools. So this attack requires that the attacker control the same amount of hashing capacity as all other miners combined. So currently, there’s about $250M USD worth of hashing capacity that exists. An attacker with an additional $250M worth of mining hardware now has 50% of the then combined $500M worth of hardware, and with just a tiny amount over that can then mine a private chain that is guaranteed (over time) to be the chain with the greatest amount of work.

    This second attack allows cheating from the exchanges. Here’s a simplified example. The attacker can deposit 320,500 BTC ($250M worth of Bitcoin) to exchanges, sell those coins and withdraw the resultant $250M of fiat. The attacker then releases the private chain that double spends those 320,500 BTC of deposits. After that private chain is released and becomes the longest public chain, the attacker again still controls the 320,000 bitcoins that the exchange thought they received. This lets the attacker break even on the purchase of $250M of mining hardware acquisition, and the profit from the attack is in the value of the 320,500 BTC still held plus the value of the $250M of specialized SHA-256 ASIC mining hardware.

    The flaw in this approach though is that you can’t sell $250M worth of BTC quickly without significant “slippage” and even if you could you cant withdraw that much fiat from exchanges, quickly. But even if you could, you couldn’t do so anonymously — which should be a requirement to avoid risk of being charged with “money laundering” for the proceeds of the heist. Even if you put all those concerns aside, you still have the initial problem …. where do you buy $250M worth of mining hardware? Nowhere near that much capacity is simply just not available for sale.

    So the fact that Bitcoin is (as well as all proof-of-work (PoW) cryptos are) vulnerable to a 51% attack, there’s simply no economic incentive for an attacker to do so. (At least, not against Bitcoin. Maybe it’s possible for a 51% attack against some other PoW coins can be profitable but that’s because of differences between that cryptocoin and Bitcoin.)

    So while a 51% attack is a legitimate concern about PoW, the market has essentially discouned that risk entirely with Bitcoin — likely rightfully.