What Is a 51% Attack?
A 51% attack is an attack on a cryptocurrency blockchain by an entity or group that controls more than 50% of the network. If a party were to gain this much control of a network, it would have the power to alter the blockchain.
The attackers would be able to prevent new transactions from gaining confirmations, allowing them to halt payments between some or all users. They would also be able to reverse non-confirmed transactions that were completed while they were in control. Reversing transactions could allow them to double-spend coins, one of the issues mechanisms like proof-of-work were created to prevent.
Key Takeaways
- Blockchains are distributed ledgers that record every transaction made on a cryptocurrency's network.
- A 51% attack is an attack on a blockchain by an entity or group that controls more than 50% of the network.
- Attackers with majority network control can interrupt the recording of new blocks by preventing other miners from completing blocks.
- Changing historical blocks is impossible due to the chain of information stored in Bitcoin's blockchain.
- Although a successful attack on Bitcoin or Ethereum is unlikely, smaller networks are frequent targets for 51% attacks.
Understanding a 51% Attack
A blockchain is a distributed ledger—essentially a database—that records transactions and information about them. The blockchain's network reaches a majority consensus about transactions through a validation process. The blocks where the data is stored are sealed. The blocks are linked together via cryptographic techniques where previous block information is recorded in each block. This makes the blocks nearly impossible to alter once they are confirmed enough times.
The 51% attack is an attack on the blockchain, where a group controls more than 50% of the hashing power—the computing that solves the cryptographic puzzle—of the network. This group then introduces an altered blockchain to the network at a very specific point in the blockchain, which is theoretically accepted by the network because the attackers would own most of it.
Changing historical blocks—transactions locked in before the start of the attack—would be extremely difficult even in the event of a 51% attack. The further back the transactions are, the more difficult it is to change them. It would be impossible to change transactions before a checkpoint, where transactions become permanent in Bitcoin's blockchain.
Attacks Are Prohibitively Expensive
A 51% attack is a very difficult and challenging task on a blockchain network with a large participation rate. In most cases, the group of attackers would need to be able to control the necessary 51% and have created an alternate blockchain that can be inserted at exactly the right moment. Then, they would need to out-hash the main network. The cost of doing this is one of the most significant factors that prevent a 51% attack.
For example, one of the most advanced application-specific integrated circuit (ASIC) miners is the WhatsMiner M63S. It costs more than $10,000 (new) and has a hash rate of 406 terahashes per second (TH/s). A single or smaller group of miners would not be able to alter and mine the Bitcoin blockchain with only a few of these machines. It would take thousands of these ASICs to get ahead of the Bitcoin network. Smaller networks could be out-hashed using these mining rigs, but the benefits of doing so wouldn't outweigh the costs of funding the attack and setting it up.
Hashing power rental services provide attackers with lower costs, as they only need to rent as much hashing power as they need for the duration of the attack.
After Ethereum transitioned to proof-of-stake, a 51% attack on the Ethereum blockchain became even more expensive. To conduct this attack, a user or group would need to own 51% of the staked ETH on the network. It is possible for someone to own that much ETH, but it's unlikely.
According to Beaconchain, more than 32.3 million ETH were staked on May 8, 2024. An entity would need to own and stake more than 16.5 million ETH (more than $49 billion as of May 8, 2024) to attempt an attack.
Once the attack started, the consensus mechanism would likely recognize it and immediately slash the staked ETH, costing the attacker an extraordinary amount of money. Additionally, the community can vote to restore the "honest" chain, so an attacker would lose all of their ETH just to see the damage repaired.
Attack Timing
In addition to the costs, a group attempting to attack the network using a 51% attack must not only control 51% of the network but also introduce the altered blockchain at a very precise time. Even if they own 51% of the network hashing rate, they still might not be able to keep up with the block creation rate or get their chain inserted before valid new blocks are created by the 'honest' blockchain network.
Again, this is possible on smaller cryptocurrency networks because there is less participation and lower hash rates. Large networks make it nearly impossible to introduce an altered blockchain.
Despite the name, it is not necessary to have 51% of a network's mining power to launch an attack. However, such an attack would have a much lower chance of success.
Outcome of a Successful Attack
In the event of a successful attack, the attackers could block other users' transactions or reverse them and spend the same cryptocurrency again. This vulnerability, known as double-spending, is the digital equivalent of a perfect counterfeit. It is also the basic cryptographic hurdle blockchain consensus mechanisms were designed to overcome.
Successful 51% attackers may also implement a Denial-of-Service (DoS) attack, where they block the addresses of other miners for the period they control the network. This keeps the "honest" miners from reacquiring control of the network before the dishonest chain becomes permanent.
Who Is at Risk of 51% Attack?
The type of mining equipment is also a factor, as ASIC-secured mining networks are less vulnerable than those that can be mined with GPUs; they are much faster. Cloud services such as NiceHash—which considers itself a "hash-power broker"—theoretically make it possible to launch a 51% attack using only rented hash power, especially against smaller, GPU-only networks.
Bitcoin Gold has been a common target for attackers because it is a smaller cryptocurrency by hashrate. Since June 2019, the Michigan Institute for Technology's Digital Currency Initiative has detected, observed, or been notified of more than 40 51% attacks—also called chain reorganizations, or reorgs—on Bitcoin Gold, Litecoin, and other smaller cryptocurrencies.
Are the Odds of a Bitcoin 51% Attack Growing?
On May 8, 2024, the Bitcoin network's total hashrate was 569.29 exahashes per second (EH/s). The top three mining pools by three-day hashrate were:
- FoundryUSA, at 175.76 EH/s; 30.9% of the total Bitcoin network hashrate
- AntPool, at 161.77 EH/s; 28.4% of the total Bitcoin network hashrate
- ViaBTC, at 73.11 EH/s; 12.8% of the total network hashrate
Combined, these three pools made up 72.1% of the network hashrate, a whopping 486.9 EH/s (486.9 million TH/s—the CPU in your computer might be able to hash at about 15 kilo hashes per second). If Foundry and ViaBTC were to collude, they could take over 51% of the hashrate (248 EH/s).
Foundry and Antpool combined could control 69.3% of the network. Because these pools use platforms to connect pool members and manage workloads, if the managers decided to take control they could issue work orders to their pools to work on the altered chain. The pool's miners would have no idea which chain they were working on since their mining rigs automatically work on whatever task they are given.
Even more concerning is that these three pools also monopolize the majority of the network hash rates for Bitcoin Cash, Litecoin, and Bitcoin SV.
These pools have been operating for several years without issue, but the fact remains that they already control most hashing power of the minable and profitable cryptocurrencies.
What Does a 51% Attack Do?
A 51% attack alters blocks that are being added to the blockchain, giving the attackers the ability to create or alter transactions for the period they are in control.
Has a 51% Attack Ever Happened?
Yes. Several blockchains have been attacked using this method, but they had small networks, were new, or had other vulnerabilities that made it possible.
How Much Would a 51% Attack on BTC Cost?
If a large mining pool was directed by its managers to conduct an attack, it wouldn't cost the managers much at the time of the attack. However, it would likely lose its honest miners once they found out about it. For a single person or group to conduct a 51% attack, they would need more than 304 EH/s of computing power. This is an enormous cost considering the fastest miner hashes 406 TH/s and costs more than $10,000 per unit (about 84,000 units).
The Bottom Line
A 51% attack is the unlikely event that a group will acquire more than 50% of the hashing power of a cryptocurrency network. These attacks happen on smaller crypto networks, but tend to fail on larger ones like Bitcoin because they are more secure.
The comments, opinions, and analyses expressed on Investopedia are for informational purposes online. Read ourwarranty and liability disclaimerfor more info.
