What Is a 51% Attack and How Does it Work in Practice?

What Is a 51% Attack?

A 51% attack is when a person, group, or entity gains control of 51% of a blockchain’s hashing power, meaning they have control over certain aspects of the project.

The method in which this is obtained is different for each consensus mechanism.

On a proof-of-work blockchain (such as Bitcoin), this would be done by acquiring control of the network’s mining capabilities.

On the other hand, with a proof-of-stake blockchain (such as Cardano), this would be done by controlling 51% of the staked tokens.

The blockchain is a distributed ledger, meaning it’s decentralized.

However, as soon as an entity has more than half of the hashing power over the network, it is susceptible to a 51% attack.

How Does 51% Happen on a Technical Level?

If a proof-of-work network is presented with two conflicting chains, the network will choose to go with the longest chain.

This is because the more transactions it has successfully completed, the more likely it is that it’s a good actor.

Obtaining 51% of the hashing power means that you can mine faster than the rest of the miners.

This means that 51% of attackers can quickly create the longest chain and then act maliciously. The network has no choice but to choose the attacker’s chain, as it’ll be the longest.

Often, you’ll find that an attacker will not announce their blocks to the blockchain straight away. Instead, they’ll mine privately to create their own blockchain. This is so they can get the longest chain before manipulating the public blockchain.

They will spend their coins on the public network (usually for real-world assets that can’t be revoked) while excluding these transactions from their own version of the blockchain — creating a double spend problem.

After a period of time, the attacker will announce their version of the blockchain to the network, and it’ll have to be accepted due to it being longer than any other chain.

This is how a 51% attack happens on a proof-of-work blockchain. This process may be different when dealing with other consensus mechanisms.

What Could a 51% Attack Result In?

Once an entity has control of 51% of the network, it can do multiple malicious things that will disturb the blockchain for all participants.

Modify Transactions

Once the aggressor has 51% of the hashing power, they could modify transactions that are validated by the network’s nodes. This could be, for example, changing the amount sent or even canceling a payment entirely.

Reverse Transactions

Transactions that occur while the attacker is in power can also be reversed, causing a double spend problem (one of the reasons Bitcoin was created); thus, doubling the attacker’s money.

Mining Monopoly

A mining monopoly could also occur as a result of a 51% attack.

This would happen when the attacker blocks all transactions from a miner (or group of miners) in their own private network before broadcasting their own version to the network. This means that the attacker can essentially censor miners off of the network until they are the only miner left — creating a monopoly.

Unfortunately, this would mean the blockchain is now centralized, in the hands of a bad actor, while the previous miner’s rewards cease to exist.

What Can’t 51% Attackers Do?

They may have a lot of power, but they’re not God. 51% of attackers are limited in some ways.

Transactions Before They Are In Power

Despite being able to modify, prevent, and reverse transactions during their reign, they cannot delete or modify transactions made before they get control.

Prevent Broadcasting to the Blockchain

The attacker cannot prevent someone from broadcasting to the blockchain.

This is because miners, stakers, validators, etc. (which the attacker will control) do not broadcast to the blockchain. Instead, they’re the ones who approve or deny these transactions.