Demystifying the 51% Consensus Attack in Bitcoin

Florian Hansmann
Jun 1, 2017 · 2 min read

Traditional payment systems depend on centralized trust models that verify and clear transactions. As Bitcoin is a trustless protocol, it does not rely on a central authority providing that trust. Therefore, nodes have to agree on a certain status to confirm or reject blocks. What if mining nodes are dishonest and try to attack the consensus mechanism, e.g. to disrupt the security of the network for a personal benefit?

An attack scenario commonly referred to is the 51% attack. It is bound to occur when a group of individual miners that collectively control the majority of the network’s computing/hashing power decide to collude. This attacking group will gain the ability to cause “forks”, which basically means that differences among competing chains exist. As a consequence, double spending will be possible insofar as the attacking group can render previously confirmed blocks invalid by forking before these blocks and re-converging to a different chain. It is important to highlight that the attacking group can only double spend their own transactions (not someone else’s transactions!) and that such an attack can only affect the most recent 6 or 7 blocks. Older blocks already confirmed on the blockchain will be technically immutable forever. It is because an attacking group would need to redo the proof-of-work e.g. for the 8th block and all blocks after it and then catch up with and surpasses the work of the honest nodes. It is very unlikely for an attacking group to attain the amount of hashing power needed to achieve exactly this.

So when I paid for my new Porsche in Bitcoins last week (I wish), the car dealer waited for 6 more confirmed blocks following the block with my transaction before handing me the keys. If I pay with Bitcoins in a restaurant in Berlin Kreuzberg, however, one confirmed block is usually sufficient as just a small amount is spent. Also, as mentioned above, an attacking group cannot just steal or spend other bitcoins because the attack does not undermine cryptographic security of private keys and the signing algorithm.

Interestingly, a 51% does not require exactly 51% of the hashing power in practice. The 51% is just the level at which such an attack almost certainly occurs. In general, the more hashing power an attacking group has, the more past blocks he can modify or the more future blocks he can control. Statistical models have shown that attacks on the consensus mechanism, under certain circumstances, can occur with as little as 30% of the hashing power.

So mining does actually constitute a real threat to the security Bitcoin and other blockchain protocols using a proof-of-work consensus mechanism. This is one reason why I am really excited to see (hopefully soon) one or more of the major protocols implementing the more promising proof-of-stake consensus mechanism. While it might not solve the problem with potential attacks, validators of transactions can for example be penalized for dishonest behaviour. Let’s see how the move towards more promising consensus mechanisms will evolve.

Florian Hansmann

Written by

Spending my days exploring decentralized internet technologies // Berlin-based