Last week, with the hack of “Bitcoin Gold“, it was acknowledged that the dreaded “51% attack” is happening with more frequency recently. It is debatably even getting easier to execute. Just in the last 6 months, 10’s of millions of dollars have been stolen with this attack mechanism.
Bitcoin “Gold” is the latest to suffer this attack, but it is not the first and won’t be the last. The tokens Verge, Monacoin, zencash, litecoin cash, and Electroneum have also been recently attacked in this same way.
A 51% attack is one in which the perpetrator is able to buy (or even rent) computing power to take control of the blockchain ledger. This is more powerful than the other 49% of the blockchain miners. With this extra power, the hackers are able to modify the (hypothetically) “unmodifiable” blockchain in order to insert and/or delete transactions that benefit them.
In general, the safety and veracity of the blockchain depend on the premise that more than half of all the miners that are working on that blockchain are operating with good intent. They use the software developed by the coin creators to do their job, which is to verify valid transactions and insert them into the blockchain to be recorded, unmodified, forever. For this work, they are rewarded with newly generated coins.
The attackers, however, don’t have good intentions and instead they change the blockchain data in their favor. Usually, this attack is performed during a short period of time. The attackers need to finish before they are discovered, and before the cost to maintain the attack exceeds the gain.
Although the 51% attack does not allow the attacker to create new coins, it does allow them to modify recent transactions. For example, the attacker will attempt to “double-spend” their same bitcoins. They can send their coins to an exchange and then buy other types of coins while at the same time they can convert their same coins into fiat currency. They can do this multiple times on various exchanges. They get away with it because, with their 51% power, they can modify the blockchain to erase their tracks of this double spending.
As an added benefit, the attacker can also receive all the new coins mined on the network during the attack. They can use these new coins to partially offset the cost of their attack expenses.
One thing this type of attack does not allow is to completely drain any single coin of all its transactions. “Old” transactions can’t be changed. Only very recent transactions that they own can be double spent.
This is a bigger problem with the less commonly mined tokens since it is easier to execute a 51% attack on them – i.e. the smaller the coin, the less it costs to mount the attack. Conversely, the larger the token’s network the harder it is to perform this attack. But, depending on the value of the token, it could be worth the cost and effort for a rich attacker to do so. Most tokens have so little value that it is not even worth the effort to attack them. The sweet spot for an attacker is a coin which has some significant value and yet does not have a lot of other miners to compete against during the attack.
The tokens with the largest networks, like bitcoin and ether, are relatively safer from these attacks. Due to their network size, and attack against them would be very expensive.
These sorts of attacks can be somewhat prevented based on the decision that the token software developers make regarding who gets to mine their currency and the algorithm used to mine it. Different algorithms can make 51% attacks more difficult and/or more expensive to perform. After an attack is discovered the software developers of the attacked coin can change the software to stop the attack (but this takes time and all double spent coins are lost for good). That is one reason why these attackers need to get in and out relatively quickly. The software can also be changed to require that a transaction has to be “confirmed” more times in order to be considered valid and before it is fully and permanently accepted into the blockchain.