Like any other system, Bitcoin is not perfect. In the context of possible risks, there is often talk of a so-called 51% attack. This tutorial will explain what such an attack is, what it can do and how to prevent it.
Be your own bank is one of the most famous slogans of the Bitcoin community. But such a claim is neglected that a possible decentralisation of the banking system is accompanied by a massive decentralisation of responsibility. Accordingly, decentralization requires enlightened and critical users who are aware of the dangers of possible attacks on the blockchain. One of the most frequently discussed dangers is often a so-called 51% attack.
How does a 51% attack work?
The Bitcoin infrastructure consists of the users (more precisely their wallets), different user interfaces, the miners and the nodes. The nodes are responsible for maintaining the Bitcoin network and managing transaction traffic. Nodes guarantee that all transactions comply with the rules. The task of the Miner is to combine transactions into blocks and append them to the block chain.
In the notorious 51% attack, the following scenario occurs: an attacker succeeds in setting over 50% of the miners. If you take a look at blockchain.info, you can see that three of the large mining pools (Antpool, F2Pool and Btcc Pool) currently have more than 50% of the hashrate – so the concern is not purely hypothetical, but quite real. Other altcoins have had such attacks in the past.
So what could happen if an attacker puts over 50% of the miners? To clarify this, a look at Satoshi Nakamoto’s white paper: in section 11 he looks at the problem of an attacker who wants to feed wrong blocks into the system. Finally, you can calculate how likely it is that an attacker enforces his blockchain.
The figures above show the probability of success, on the left depending on the relative hash rate of the attacker (assuming six confirmations of a transaction) and on the right depending on the number of transactions (assuming a relative hash rate of 26% on the attacker’s side).
It is easy to see that if the attacker’s hashrate is greater than or equal to that of the opponent, the probability of changing things is one. This means that someone with more than 50% of the hashrate on his side would have incredible power. The above formula would then always be decided in his favour. You should also keep in mind: even if the attack is called 51% attack and suggests that you need more than fifty percent of the hashrate for the attack, you can see from the formula of Nakamoto that with less control the probability for the success of an attack is smaller, but success is also not excluded. Accordingly, such an attack may also be successful with significantly less than 51% of the hashrate.
Possibilities of the 51% attack – what an attacker could do
As long as the attacker has control, he could perform double-spending transactions. This means that it could reverse transactions and transfer them elsewhere, messing up the bitcoin ecosystem completely. It could prevent any number of transactions or not assure them of confirmations. The attacker could, for example, specifically block certain payments and thus switch off individual participants. It could prevent any number of miners from mining any valid blocks and instead collect the rewards themselves. The examples show: the potential damage that such an attack can do is immense. Accordingly, the danger of such an attack should be taken very seriously.
What can we do about it?
The advantage of the blockchain is that everything is transparent and can be observed by everyone. On Blockchain.info you can see which mining pools have found which blocks. This is not an antidote, of course, but it can help to see if there are any mining pools that significantly often contribute a block of blockchain.
Apart from that, however, in the case of Bitcoin it is difficult to do something about such an attack as an individual. However, if such an attack occurs, it is advisable for each user to increase the confirmations of a transaction to prevent duplicate transactions. If an attacker really had 50% or more of the hashrate, this would not change the fact that the blockchain version of the attacker would always prevail, but it would take important time. Time that is valuable because it is incredibly expensive at Bitcoin to maintain 51% of the hashrate.
From Gavin Andersen’s point of view, who coined the bon mot “That would be bad” with a view to a 51% attack, it is relatively easy to defend against such an attack from the developer’s point of view. One idea would be that the attacker would have to have not only a lot of hashrates but also a lot of bitcoins from the time before the attack (see here). Overall, this would not only make the 51% attack quite expensive, but also ensure that the attacker bleeds out quickly.
In summary, a 51% attack on bitcoin is a serious matter, but one that can be uncovered. Especially in the field of prevention, Bitcoin users have an important task: it is up to them to keep an eye on the entire network at all times.