{"id":37276,"date":"2020-01-23T07:00:04","date_gmt":"2020-01-23T05:00:04","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=37276"},"modified":"2025-08-29T14:46:39","modified_gmt":"2025-08-29T11:46:39","slug":"what-is-a-51-attack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/what-is-a-51-attack\/","title":{"rendered":"What is a 51% attack?"},"content":{"rendered":"<div id=\"cards_wrapper\">\n<div class=\"single_card\">\n<p id=\"card_counter_1\" class=\"card_counter\"><span class=\"card_counter_span\">1<\/span><\/p>\n<p><strong>What is a 51% attack?<\/strong><\/p>\n<div class=\"card_description\">A 51% attack is a vulnerability of PoW blockchains that lets an attacker seize control of transaction confirmation and block production.<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_2\" class=\"card_counter\"><span class=\"card_counter_span\">2<\/span><\/p>\n<p><strong>What does controlling 51% of a network\u2019s power enable?<\/strong><\/p>\n<div class=\"card_description\">\n<p>With 51% of the hash rate, attackers can:<\/p>\n<ul>\n<li>prevent other miners (validators) from finding blocks (<strong>selfish mining<\/strong>);<\/li>\n<li>double-spend coins to steal from service providers, exchanges or swap services (<strong>double spend<\/strong>);<\/li>\n<li>fork the main blockchain, splitting the network into two competing chains;<\/li>\n<li>block transactions or entire blocks from being confirmed;<\/li>\n<li>collect all block rewards and transaction fees during the attack.<\/li>\n<\/ul>\n<p>An attack is <strong>more serious<\/strong> if the perpetrators control far more than 51% of the network. Then they can:<\/p>\n<ul>\n<li>steal from deposit-challenge-verify contracts and state channels\/Lightning Network if they are participants;<\/li>\n<li>lower and manipulate network difficulty;<\/li>\n<li>steal coins that are not dated to the genesis block (by rolling back old blocks and re-collecting rewards for those blocks);<\/li>\n<li>delete contracts or transaction history (by rolling back old blocks and editing the list of included transactions).<\/li>\n<\/ul>\n<p>A 51% attack by itself <strong>does not let attackers<\/strong>:<\/p>\n<ul>\n<li>obtain your private key or forge a signature;<\/li>\n<li>obtain coins awarded by a faulty contract;<\/li>\n<li>send, lock into <a href=\"https:\/\/forklog.com\/en\/news\/what-is-delegated-proof-of-stake-and-what-does-staking-have-to-do-with-it-2\">staking<\/a> or burn your coins on your behalf (except via the techniques mentioned above);<\/li>\n<li>control the decisions of full-node operators (validators).<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_3\" class=\"card_counter\"><span class=\"card_counter_span\">3<\/span><\/p>\n<p><strong>How many resources are needed to execute a 51% attack?<\/strong><\/p>\n<div class=\"card_description\">\n<p>A malicious mining pool can rent extra hash rate and attack a chosen cryptocurrency. Using data from the 51crypto service, the authors of the study <a href=\"https:\/\/www.researchgate.net\/publication\/332300090_Exploring_the_Attack_Surface_of_Blockchain_A_Systematic_Overview\" target=\"_blank\" rel=\"noopener noreferrer\">Exploring the Attack Surface of Blockchain: A Systematic Overview<\/a> compiled a table for six cryptocurrencies showing the hourly attack cost.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-89622\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1.png\" alt=\"What is a 51% attack?\" width=\"820\" height=\"371\" srcset=\"https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1.png 2938w, https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1-300x136.png 300w, https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1-1024x464.png 1024w, https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1-768x348.png 768w, https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1-1536x695.png 1536w, https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1-2048x927.png 2048w, https:\/\/forklog.com\/wp-content\/uploads\/51prccost-1-470x213.png 470w\" sizes=\"auto, (max-width: 820px) 100vw, 820px\" \/><\/p>\n<p>The data were gathered in April 2019. As shown, attacking Bitcoin would cost $486,000 per hour. An attack on Dash (market capitalisation $2.3bn) would cost just $15,000 per hour.<\/p>\n<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_4\" class=\"card_counter\"><span class=\"card_counter_span\">4<\/span><\/p>\n<p><strong>What is selfish mining?<\/strong><\/p>\n<div class=\"card_description\">\n<p>A strategy that lets miners increase profits by withholding blocks from the public network. Instead of broadcasting each newly found block, they keep mining atop their own privately found blocks. While competitors mine on older public blocks, the selfish miner gains an edge.<\/p>\n<p>This creates a quiet race between the public chain of \u201chonest miners\u201d and a private chain of \u201cselfish miners\u201d. Attackers must have enough compute to make their secret chain longer than the public one.<\/p>\n<p>Once the private blockchain becomes longer than the public chain, the attackers release it to claim block rewards and user fees. If the private network\u2019s power is as low as 25% of the total, selfish miners can keep winning the race until displaced by another selfish miner or an aggrieved minority.<\/p>\n<p>In Proof-of-Work blockchains, what matters is not the longest chain by block count but the one with the most accumulated work.<\/p>\n<p>The longest chain represents the majority of hash power only if there is no monopolist (a holder of 51% or more). If there is, the longest chain may not reflect the will of most miners.<\/p>\n<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_5\" class=\"card_counter\"><span class=\"card_counter_span\">5<\/span><\/p>\n<p><strong>How does a double spend work?<\/strong><\/p>\n<div class=\"card_description\">\n<p>Assume the attacker controls significant compute power. He pays a merchant; the merchant accepts a large crypto payment and the deal is nearly done. The transaction is sent to the main blockchain and, after three confirmations, the parties part ways.<\/p>\n<p>Once confident the victim cannot reach him, the attacker \u201creturns\u201d the coins to himself by rolling the blockchain back to an earlier state after sending the payment.<\/p>\n<p>A more covert variant mirrors selfish mining: the attacker mines a parallel chain. Instead of the honest transaction, that chain includes a double-spend that sends the same coins to another address controlled by the fraudster. He then \u201cfeeds\u201d the valid chain an alternative batch of blocks (with correct PoW), hoping the network will accept them.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-89598 aligncenter\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/ataka-dvojnoj-traty.gif\" alt=\"What is a 51% attack?\" width=\"402\" height=\"227\"><\/p>\n<p>Thus the network \u201cexcises\u201d the valid transaction from history. The merchant opens the wallet to find the coins gone and no proof of the deal. He did not even take wallet screenshots or copy the transaction ID when the coins arrived.<\/p>\n<p>In theory, once a transaction has one or more confirmations, a double spend is excluded. Many users do not know what to do when a transaction \u201cdisappears\u201d from a bitcoin wallet.<\/p>\n<p>Thanks to such schemes, coins keep reappearing in the attacker\u2019s wallet and can be spent twice, three times, and so on. Frequent double spends may prompt exchanges hit by them to delist the affected cryptocurrency. Attacked coins also lose market capitalisation afterwards. For example, Verge was attacked in May 2018 and has since lost over 95% of its value.<\/p>\n<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_6\" class=\"card_counter\"><span class=\"card_counter_span\">6<\/span><\/p>\n<p><strong>A hard fork after a 51% attack as a way to create a new asset<\/strong><\/p>\n<div class=\"card_description\">\n<p>A 51% attack can be used to create a new cryptocurrency. PoW consensus was designed to prove the integrity of a chain, not to prevent forks.<\/p>\n<p>Suppose attackers secretly mine several blocks and then \u201cdrop\u201d them onto the main network. Without community support, the honest minority of the remaining 49% will reject that chain. But a few secretly mined blocks let the attacker split off and keep mining his own chain while other miners continue the original one. Two assets emerge: one familiar, the other new.<\/p>\n<p>As long as there are enough miners for the blockchain to function, even new blockchains born of a hard fork will not cause material harm.<\/p>\n<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_7\" class=\"card_counter\"><span class=\"card_counter_span\">7<\/span><\/p>\n<p><strong>Is a 51% attack possible without 51% of hash rate?<\/strong><\/p>\n<div class=\"card_description\">\n<p>The well-known \u201cbitcoin guru\u201d Andreas Antonopoulos believes the Bitcoin network is no longer at risk of a 51% attack because of the resources miners spend to maintain it. Andreas says that in 2019 attacking Bitcoin no longer makes sense; it would be too costly even for governments. Less powerful altcoins can be attacked, he adds.<\/p>\n<p>To attack a blockchain, an adversary does not always need 51% or more of the compute power. The probability of success depends on the attack duration and available hash rate.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-89597 aligncenter\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/veroyatnost_uspeha-e1579706181947.png\" alt=\"What is a 51% attack?\" width=\"820\" height=\"613\"><\/p>\n<p>Even with 40% of the network, an attacker can attempt a two-block attack with a 40% chance of success.<\/p>\n<p>But miners are only a small part of blockchains\u2019 security model. Ten years on, real-world incidents suggest the threat was greatly exaggerated.<\/p>\n<\/div>\n<\/div>\n<div class=\"single_card\">\n<p id=\"card_counter_8\" class=\"card_counter\"><span class=\"card_counter_span\">8<\/span><\/p>\n<p><strong>Historical examples of 51% attacks<\/strong><\/p>\n<div class=\"card_description\">\n<p>A 51% attack is not impossible. In July 2014 the Ghash.io mining pool controlled more than 50% of Bitcoin\u2019s hash rate for a short period. The pool then voluntarily sought to reduce its share, stating it would not exceed 40% of total mining in future.<\/p>\n<p>In August 2016 the \u201c51 crew\u201d hacked the Krypton and Shift blockchains. Using a series of double spends, they stole roughly 20,000 Krypton tokens.<\/p>\n<p>In May 2018 a group of malicious hackers gained control of 51% of the Bitcoin Gold network, allowing them to steal $18m in cryptocurrency from Bittrex, Binance, Bitinka, Bithumb and Bitfinex. Bittrex accused the developers of negligence and demanded compensation, threatening to delist BTG. The developers replied that this is a known threat type. Bittrex had not taken precautions and was itself to blame, they said.<\/p>\n<p>In June 2018 Monacoin, Zencash, Verge and Litecoin Cash were hit by 51% attacks, causing multimillion-dollar losses. Some exchanges lost about $90,000 in Monacoin, $500,000 in ZenCash and $1.7m in Verge.<\/p>\n<p>In November 2018, after a 51% attack on Aurum Coin, more than $500,000 was stolen from the Cryptopia exchange.<\/p>\n<p>In May 2019 two large mining pools carried out a 51% attack on Bitcoin Cash. They said they prevented the theft of unprotected SegWit coins that sat at addresses from which anyone could take them. These coins remained after the 2017 split from Bitcoin but had been locked by developers\u2014until they were accidentally unlocked by a May 2019 hard fork.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>1 What is a 51% attack? A 51% attack is a vulnerability of PoW blockchains that lets an attacker control transaction confirmation and block production. 2 What does controlling 51% of a network\u2019s power enable? Attackers can hinder block discovery (selfish mining), perform double spends against service providers and exchanges, fork the main chain, block confirmations, and collect all rewards and fees during the attack.<\/p>\n","protected":false},"author":1,"featured_media":37277,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"2","_short_excerpt_text":"","creation_source":"human_written","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[2113],"tags":[2116,2114,2115,1395],"class_list":["post-37276","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptorium","tag-101-bitcoin","tag-101-decentralization","tag-101-technical-foundations","tag-51-percent-attack"],"aioseo_notices":[],"amp_enabled":true,"views":"48","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/37276","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=37276"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/37276\/revisions"}],"predecessor-version":[{"id":37278,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/37276\/revisions\/37278"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/37277"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=37276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=37276"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=37276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}