Blockchain Security Series

Popular Blockchain Attacks & Security Vulnerabilities — Part 1

51% Attack on Blockchain

By Chikku George. Published in Coinmonks. 4 min read. Sep 1, 2022

In part 1 of this series, we will be discussing the 51% Attack on Blockchain.

Whenever a transaction goes through the blockchain, each miner verifies it. Miners use powerful computers to mine a block. They constantly review the blockchain to decide whether the sender has enough cryptocurrency to cover what he wants to spend and is not trying to fool the system. If the majority of miners verify a transaction, it is considered valid and a new block gets added to the blockchain. Miners can also group together to form mining pools and mine more efficiently.

In a blockchain, a competition is always going on among the miners. Whenever two or more miners solve the cryptographic puzzle at the same time, extra chains exist for a while. Eventually the longest chain wins over the others, and everyone follows the longest chain.

Wait a second! What if someone gets more than 51% of the mining power and tries to manipulate the entire system for his own needs?

A 51% attack occurs when a miner or group of miners (a mining pool) manages to gain more than 51% of the network's mining power. That entity then has the power to control the entire network.

If an attacker gets this power, he will be able to:

  • Double-spend his money. He can pay with the same cryptocurrency twice or even more.
  • Prevent transactions from being confirmed.
  • Prevent the generation of new bitcoins.

Such a situation is considered an extreme security breach, as all the network participants would need to trust a centralized entity. It will also significantly drop the price of the cryptocurrency.

How does 51% Attack work?

First, a single miner or a group of miners acquires more than 51% of the network's mining power. This is more likely to happen on smaller networks than on large ones.

Once the attacker has that power, he starts mining blocks on a private chain that runs concurrently with the public blockchain, where all the other nodes mine their blocks. The nodes on the legitimate public blockchain are not aware that the private false chain exists.

Meanwhile, the attacker spends some amount of tokens on the legitimate chain, and that transaction is not recorded on the false chain.

Since the attacker has more mining power, he mines blocks on the private chain faster than the rest of the network does on the public one. Eventually, the false chain overtakes the legitimate chain in length.

Under the longest-chain rule, the longest version of the blockchain is considered the legitimate version. So the remaining nodes are forced to accept the false chain as the legitimate chain.

Finally, the attacker can spend his money again, because the transactions he made on the legitimate chain are not part of the chain that the network now accepts.

Real cases of 51% Attack

  • GHash.io, a popular Bitcoin mining pool, came close to 51% of the network's total mining power in January 2014. It created some panic in the Bitcoin community, but the situation was resolved quickly when miners left the pool to balance things out.
  • CoinGeek mining pool controlled over 51% of the Bitcoin SV's hash rate for a week in November 2015.
  • The Bitcoin Gold network faced a 51% attack twice, in May 2018 and in January 2020, which caused losses of $18 million and $70,000 respectively in double spends.
  • The Ethereum Classic blockchain was hit by a 51% attack three times in August 2020.
  • Verge, the cryptocurrency network, suffered a 51% attack three times back to back.

It is difficult to pull off a 51% attack on large networks like Bitcoin and Ethereum. Acquiring that much mining power is costly and is not worth the reward. Smaller networks are more prone to this kind of attack.

One of the best ways to prevent a 51% attack is to change the consensus mechanism: either upgrade a network to Proof of Stake (PoS) or create a network that uses PoS. Unlike Proof of Work (PoW), PoS doesn't rely on mining power to achieve consensus. Instead, owners who stake their coins get the right to verify the transactions.

Thank You:)