A 51% attack is a malicious action where an individual or group gains control of more than 50% of a blockchain network’s total computing power, known as its hash rate.
This majority control allows the attacker to compromise the integrity of the blockchain’s ledger, enabling them to prevent new transactions from being confirmed and — most critically — to reverse their own recent transactions in what is known as a double-spend.
Below, we’ll explain the mechanics behind a 51% attack and detail what an attacker can and cannot achieve with this level of control.
If you’ve lost access to your crypto due to a lost password, damaged storage device, or for another reason, we’re here to help. Call 1-800-237-4200 for a free evaluation or set up a ticket online.
How a 51% Attack Works
To understand a 51% attack, we need to understand how a Proof-of-Work (PoW) blockchain like Bitcoin maintains its integrity.
You probably know the basics: In PoW networks, miners compete to solve complex mathematical problems. The first miner to find the solution gets to add the next “block” of transactions to the chain and is rewarded with a certain amount of cryptocurrency.
This process creates an official, public ledger of transactions. The fundamental rule of a PoW blockchain is that the longest chain is always considered the valid and true one.
Why? Creating the longest chain requires the most cumulative computational work, so it effectively proves that it has the majority of the network’s consensus behind it.
A 51% attack exploits this “longest chain” rule. Here is the typical sequence of a double-spend attack:
- The Spend: The attacker sends cryptocurrency to a merchant or an exchange in exchange for goods or another currency (e.g., U.S. dollars). This transaction is broadcast to the network and included in a block on the public blockchain.
- The Secret Chain: Simultaneously, the attacker uses their majority hashing power to secretly mine a private version of the blockchain. In their private version, they create an alternate block that omits the transaction from step 1 (effectively keeping the coins in their own wallet).
- The Race: Because the attacker controls more than 50% of the network’s power, they can solve the mathematical problems and add blocks to their secret chain faster than the rest of the network can add to the public chain.
- The Reorganization: Once their secret chain becomes longer than the public chain, the attacker broadcasts it to the entire network.
Following the “longest chain” rule, all nodes on the network will discard the original, shorter public chain and adopt the attacker’s longer chain as the true history of transactions. The original transaction is now erased, and the attacker has both the goods or currency they received and their original cryptocurrency back.
This type of exploit isn’t easy to pull off, but historically, it’s been a possibility on PoW networks.
What an Attacker Can and Cannot Do
Control over 51% of the hash rate grants an attacker significant power, but it’s not unlimited.
An attacker with majority control can:
- Reverse their own recent transactions, allowing them to double-spend coins.
- Prevent specific new transactions from being validated and included in the blockchain.
- Block other miners from creating valid blocks, effectively monopolizing the mining rewards for the duration of the attack.
However, an attacker cannot:
- Steal cryptocurrency from another person’s wallet. This would require access to that user’s private keys, which are not stored on the blockchain itself.
- Create new coins out of thin air or change the block reward rules.
- Change or reverse transactions that are very old. The further back a transaction is in the blockchain’s history, the more computationally intensive and expensive it becomes to rewrite.
Which Blockchains Are Most Vulnerable?
The vulnerability of a Proof-of-Work blockchain to a 51% attack is directly related to its total network hash rate. The lower the total hash rate, the less computational power an attacker needs to acquire to achieve a 51% majority.
This means that smaller cryptocurrencies are significantly more vulnerable than established ones.
For instance, the global hash rate of the Bitcoin network is so immense that acquiring enough hardware and electricity to launch a 51% attack would cost billions of dollars — it’s prohibitively expensive and logistically infeasible. Even if someone managed to amass the tech necessary to attack Bitcoin, they’d be more likely to crater the crypto’s value than to actually walk away with usable currency.
In contrast, smaller networks can be attacked by renting mining power from large “hash marketplaces” for a relatively low cost.
Several prominent Proof-of-Work cryptocurrencies have been successfully targeted by 51% attacks:
- Ethereum Classic (ETC): In August 2020, Ethereum Classic (not to be confused with the better known Ethereum blockchain) was the victim of a series of separate 51% attacks over the course of a single month. The attackers repeatedly rented hashing power to reorganize the blockchain, allowing them to double-spend millions of dollars worth of ETC.
- Bitcoin Gold (BTG): In May 2018, the Bitcoin Gold network suffered a 51% attack where malicious actors successfully double-spent BTG with an estimated value of around $18 million.
- Verge (XVG): Verge, billed as a “privacy coin,” experienced a damaging series of attacks in April and May of 2018. By exploiting a vulnerability in the mining algorithm, an attacker was able to briefly control the network, reorganize recent blocks, and double-spend millions of XVG coins.
It’s important to note that blockchains that use a Proof-of-Stake (PoS) consensus mechanism are not vulnerable to 51% attacks in the same way. In a PoS system, an attacker would need to acquire 51% of the total staked cryptocurrency.
PoS cryptos include Ethereum (ETH), Cardano (ADA), NEAR Protocol (NEAR), and Algorand (ALGO), among many, many others.
51% Attacks: A Serious Threat for Smaller PoW Blockchains, But a Minor Concern for Most Traders
A 51% attack represents a fundamental threat to the trust and reliability of a Proof-of-Work blockchain. While the largest networks like Bitcoin remain highly secure due to their massive scale, users and investors in smaller cryptocurrencies should be aware of the risks.
The best practice when receiving a transaction on any PoW network is to wait for multiple confirmations (i.e., for several more blocks to be added after the block containing your transaction) before considering it final. Each new confirmation makes a reversal exponentially more difficult for an attacker.
The principles of data integrity and security are central to both blockchain technology and our work in data recovery. If you have concerns about digital asset security or have experienced data loss from a crypto wallet, contact our experts at 1-800-237-4200 for a consultation.
