حمله 51 درصدی - کابوس رمزارزها!

A 51% attack is an attack on a blockchain network in which a single entity gains control of more than half (e.g. 51% or more) of the shares or computing power.

This disproportionate control allows them to make radical changes, which contradicts the fundamental decentralization principle of blockchain.

In other words, a 51% attack gives the power to rewrite transaction history, prevent transactions from completing, stop block rewards, and double-spend currency.

It is important to note that a 51% attack is one of the most significant security threats to blockchain,

Especially those that use Proof of Work (POW) and Proof of Stake (POS) consensus algorithms.

One of the alarming consequences of such an attack is double spending, where the same coins are spent more than once, damaging the trust and reliability of the blockchain.

How does a 51% attack work?

While the exact characteristics of an attack can vary depending on a variety of factors,

Here is a simple, general sequence of events that typically characterizes such an attack:

Accumulated power

The first stage involves the attacker gathering more than half (51 percent) of the network's computing or hash power.

This can be done by acquiring significant hardware resources or convincing a large number of miners to join a pool controlled by the attacker.

Partitioning

The attacker, who now holds the majority of the network's hashing power, effectively isolates his group from the main network while still maintaining internal communications.

Despite this separation, the attacker continues mining but refuses to share their progress with the main network or receive updates from it.

As a result, two parallel versions of the blockchain begin to evolve independently.

Fast mining

Due to superior hash power, the attacker group can add blocks to the blockchain version faster than the rest of the network.

Over time, the difference in length between the two versions of the chain becomes statistically proportional to the difference in hash power between the two groups.

Reintegration and dominance

When the hacker group rejoins the network, two competing versions of the blockchain are released across the entire network.

According to the rules of the consensus protocol, nodes keep the longest blockchain and any shorter than that is discarded.

This means that all blocks added by the main network during the split period become so-called orphan blocks and their transactions are returned to the Mempool.

Potential threats of a 51% attack

If successfully executed, a 51% attack could open a Pandora's box of threats that could significantly impact the blockchain network and its participants.

These threats range from financial fraud in the form of double-spending (re-spending of currency previously spent) to complete denial-of-service (DOS) attacks that cripple network performance.

The high cost of a 51% attack

It is worth noting that a 51% attack is not an easy task, requiring significant resources and time.

This heavy financial and technical burden makes it unfeasible for the majority.

The bulk of the costs are related to the mining equipment required.

To control more than half of a network's hashing power, you need high-performance hardware, which costs millions of dollars for prominent blockchains like Bitcoin.

But it's not just about hardware. Mining consumes a lot of energy.

Bitcoin mining uses up to 95.58 terawatt hours annually, which is equivalent to the annual energy consumption of Finland with over 5.5 million people.

Therefore, there are significant electricity and maintenance costs to consider.

Apart from the high costs, timing is very important for a group planning to attack a network.

They need to control more than half of the network and introduce their modified blockchain at the perfect moment.

Furthermore, in a decentralized environment, there is no central authority to enforce the use of a chain at risk.

Validators and clients can agree to restart the chain from a point before the attack occurred, although this is messy and undesirable.

The high costs and risks associated with such an attack act as a strong deterrent, especially for larger networks like Bitcoin or Ethereum.

On the other hand, smaller blockchains do not have much mining power and become more vulnerable.

It is easier to rent mining power for a few hours from a service like Nicehash to hack these smaller networks.

Which significantly reduces attack costs.

The risks and consequences of a 51% attack

A successful attack could have significant consequences for the blockchain network and its users. Here’s what happens:

Double spending

This is the scariest consequence.

The attacker can spend their money twice – first they make a normal transaction and then they alter the blockchain to show that they didn’t use the money at all.

Denial-of-Service (DoS) attack

The hacker blocks miners from mining for a while.

This prevents the good guys – the honest miners – from regaining control of the network. As a result, the attacker’s false chain of transactions can become permanent.

Reverse transaction

The attacker can block payments between some or all users.

This disrupts the normal operation of the network and can lead to significant delays in transaction confirmation, undermining trust in the reliability of the network.

Damage to reputation

Also, this attack can severely damage the credibility of a blockchain.

This can lead to a loss of trust among current and potential users, resulting in a significant decline in

The value of the cryptocurrency becomes tied up and deters new users or investors from joining the network.

Real cases of 51% attacks

Throughout the history of blockchain, there have been several notable cases such as:

Bitcoin Gold (BTG): In May 2018, Bitcoin Gold experienced a 51% attack that allowed an attacker to double its BTG to approximately $18 million. The event caused significant damage to the coin’s reputation and market cap.
Ethereum Classic (ETC): Perhaps the most commonly targeted blockchain, Ethereum Classic was subjected to a massive attack in August 2020, where the attacker managed to double $5.6 million worth of ETC.
Vertcoin (VTC): Vertcoin, although lesser known, experienced a 51% attack in December 2018. The attacker double-spent 603 VTC, equivalent to approximately $100,000.

These attacks reveal significant vulnerabilities and consequences, reinforcing the need for effective security measures.

To read: Blockchain Scalability

Preventing 51% attacks

Reducing these risks can be challenging, but several methods have been suggested:

Change the consensus algorithm

Switching to a different consensus algorithm as a practical approach helps reduce the likelihood of 51% attacks.

Proof of Work (PoW), the primary consensus mechanism used by many blockchains, makes itself susceptible to such attacks due to the risk of mining centralization.

Alternatively, the Proof-of-Stake (PoS) consensus mechanism is less susceptible to such attacks,

Because it requires a hacker to hold the majority of the shares (coins) of the entire blockchain.

Delay in blockchain confirmation

Another inhibiting factor is the delay in blockchain verification.

In this way, the network can detect and potentially prevent a 51% attack.

By increasing transaction confirmation times, attackers must maintain 51% control of the network for a longer period of time, dramatically increasing the cost and difficulty of such an attack.

Penalty system

Establishing a penalty system serves as another viable defensive strategy.

For example, implementing mitigation conditions on PoS blockchains penalizes malicious actors by confiscating some or all of their shareholder tokens,

If it is determined that they are acting against the network rules.

This punitive measure significantly increases the risks for any potential attacker and can act as a strong deterrent.

Blockchain protocol audit

Finally, regular blockchain protocol audits are a critical aspect of any comprehensive security strategy.

These audits carefully examine the protocol to identify vulnerabilities, including potential avenues for a 51% attack.

By proactively identifying and addressing these weaknesses, blockchain developers can significantly strengthen their network defenses.

Closing remarks

While the risk of a 51% attack is a daunting thought, it is important to understand that the costs and complexity of carrying out such an attack make them rare.

However, the potential impact and historical records underscore the importance of preventive measures and continued efforts to make blockchain technology more secure and resilient.