Most people have at least some basic understanding of cryptocurrencies like Bitcoin working on blockchain technology, but one threat that often flies under the radar is the 51% attack.

As cryptocurrencies have grown in value and adoption over the years, so too have the incentives and capabilities for malicious actors to attempt these attacks. In this guide, we'll explain what a 51% attack entails, provide examples of past attacks, and discuss solutions for preventing them.

A 51% attack is possible when a single entity or group gains control over more than half of a blockchain network's crypto mining power or hashrate. You can check the details of hashrate with our blockchain glossary.

By amassing such a majority stake, they can manipulate transaction validation and even reverse transactions. As we'll explore, doing so requires significant financial resources, but the risks are real.

Understanding the mechanics and defenses against 51% attacks is an important part of participating in cryptocurrency networks safely. Let’s start understanding how the 51 attack works!

How does a 51 attack work?

Blockchain technology relies on distributed consensus mechanisms to validate transactions. In proof-of-work networks like Bitcoin, miners compete to validate blocks and are rewarded with new coins or transaction fees.

Whoever controls over 50% of the total hashing power can override the network; they have greater ability to choose which transactions to include in new blocks.

With a majority, attackers can potentially reverse transactions that were sent to others by replacing portions of the blockchain with their own version. They may also prevent some transactions from gaining any confirmations at all.

While the attacker's version needs to be the longest chain for their changes to be permanent, during the period of majority control, double spends or censorship of transactions are possible. This is mainly how the 51 attack works.

What is a 51% attack example?

Some notable past 51% attack examples include:

• Bitcoin Gold: In May 2018, a 51 attack that was most likely planned by a state-sponsored group in China resulted in the theft of over $18 million in BTG. Transactions were reversed while the attackers maintained control.
• Ethereum Classic: In January and July 2019, double spends occurred on the ETC network through prolonged 51% attacks. Over $1.1 million was stolen in the two incidents.
• Verge: The privacy-focused XVG coin was attacked in April 2018. While no funds were reportedly stolen, the double spending demonstrated the risk of a 51% attack on even mid-sized cryptocurrencies.
• Bitcoin Cash: A short self-mining attack on the BCH network in May 2018 highlighted the technical feasibility of disrupting transactions, though again no funds were reported stolen directly.

These examples show that chains with lower overall hashing power and market caps are most vulnerable to financially motivated 51% attacks. As crypto mining becomes more centralized in a few pools or geographies, it also becomes easier for state or corporate actors to potentially orchestrate attacks.

What is 51% double spending?

When an attacker gains majority control of a blockchain's hashing power, they can potentially "double spend" or double-deposit coins. That means spending the same funds on multiple conflicting transactions.

For example, imagine that an attacker purchases some goods for $100 worth of a cryptocurrency from a merchant, but then uses their hashing power to submit an alternate blockchain history where that $100 transaction never occurred. They could keep the goods but refund the coins back to their own wallets.

Reversing transactions in this way violates the core property of cryptocurrencies: only being spendable once. It undermines the integrity and trust in that blockchain if double spends can be forcibly inserted into its history.

Can a 51% attack reverse transactions?

In the period that a 51% attacker has majority control over block creation, they have the technical ability to reverse legitimate outgoing transactions by overwriting recent blocks. However, there are some constraints:

• Before honest blockchain nodes mine more blocks on top, only transactions in the most recent few blocks are reversible.
• Reversing settled transactions that occurred further back would require rewriting a lengthy portion of the main blockchain, which rapidly grows more difficult as more blocks are added.
• Honest nodes may refuse to switch to an alternate blockchain history if it diverges too drastically from their view of the "true" chain.

So while double spending or censorship of the latest transactions is possible, completely rolling back extensive transaction histories would be impractical due to the resources required. Still, ordinary users lack protections against double spending or temporary reversals during an attack.

What is the effect of the 51% attack?

Beyond just double-spending on individual transactions, the broader consequences of a damaging and protracted 51% attack include:

• Loss of trust in the integrity and security of the targeted blockchain. This can cause its value and user adoption to decline substantially over time.
• Increased miner centralization pressures as average users will prefer networks with fewer exploit risks. However, this paradoxically makes 51% attacks easier for sophisticated attackers.
• Higher costs for cryptocurrency exchanges and merchants to adequately secure themselves against reversals. Some may blacklist or freeze activity on certain chains judged to be too vulnerable.
• Greater regulatory scrutiny of cryptocurrencies, which demonstratively lack robust protection against bad actors sabotaging transaction histories or selectively censoring them.

51 attacks pose ongoing risks of financial losses through coercion as well as long-term reputational damage to the security and decentralization principles that blockchains ideally uphold. Preventing such attacks remains an important technical challenge.

How do you detect a 51% attack?

Several signals can indicate that a 51% attack on blockchain may be underway:

• Sudden changes in which miners or mining pools are validating the most recent blocks A new majority controller would become immediately evident.
• Hashing power graphs show one entity surpassing the 50% threshold needed to potentially disrupt the network.
• Double spends or transactions being spent twice show an attacker is overriding the legitimacy of the main chain.
• Significant delays or inconsistent transaction inclusions as the attacker selectively censors or reorders them for their benefit.
• There are abrupt changes in the blockchain version full nodes are using as some reject a reorganization a potential majority miner has imposed.

Monitoring hashrates, transaction histories, and alerting when inconsistencies emerge allows the community to identify attack efforts early. However, smaller attacks may go unnoticed for longer.

What are the solutions to a 51% attack?

While no magic bullet exists, various technical approaches can make 51% attacks costlier or minimize their impact.

• Larger networks with high hashrate distributions spread across many miners make assembling a majority vastly more expensive. Bitcoin's scale makes attacks unrealistic.
• Improving cryptocurrency exchange security through multi-signature crypto wallets and watch-only addresses protects against double spends being confirmed.
• Checkpoints that ignore large reorganizations protect against deep blockchain rewrites.
• Emerging proof-of-stake and types of proof-of-stake mechanisms in coins like Ethereum 2.0 make attack resources scale with a currency's value, not just computing power.
• Crypto service providers like Cryptobunq offer institutional-grade crypto custody, transaction processing, and fraud detection to shield customers from attacks on smaller or riskier networks.

Cryptobunq's multi-party computation protocol makes transactions require approval from multiple private keys that are never online simultaneously. This adds a crucial layer of security against potential 51% double spends or transaction censorship that users hold in Cryptobunq accounts.

How do I prevent 51 attacks on the blockchain?

As mentioned earlier, as Cryptobunq, we offer various 51 attack preventions for our users:

• Crypto assets held with Cryptobunq are stored using their patent-pending Secure Multi-Party Computation protocol, which requires authorization from multiple private keys to validate transactions.
• No private keys are ever online simultaneously, making them immune to hacking or majority control attacks.
• Cryptobunq blockchain monitoring runs 24/7 and has successfully detected and halted 51% of attacks before funds could be stolen from user accounts. Our security team actively analyzes chains for signs of congestion or transaction censorship that could indicate attacks.
• Auditing and insuring customer funds provides further defenses. If an extremely unlikely attack did manage to bypass other safeties, customer balances would still be made whole.
• Advanced key setups encourage decentralization by splitting signing authority among geographically dispersed users. Even if an individual account key were compromised, transactions still require authorization from others.

For crypto businesses or individual users concerned about network-level exploits, partnering with a security-focused one-stop-shop crypto service provider like Cryptobunq offers strong protection against the risks of 51% attacks and transaction reversals across many blockchains with a single account.

The bottom line: 51% of attacks are demystified

51 attacks pose ongoing threats to cryptocurrencies by allowing bad actors to potentially reverse transactions or even selectively censor them. While large and mature networks like Bitcoin are well defended, smaller chains remain at risk.

Techniques like multi-signature crypto wallets, blockchain monitoring, and partnering with robust custodians like CBQ to spread key authority and ensure funds go a long way towards negating the underlying issues that enable 51% of exploits in the first place.

Cryptobunq uniquely provides institutional-grade security defenses, addressing all aspects of crypto custody and transaction processing to effectively shield users and businesses. For those serious about safely participating in crypto, our platform continues to set a standard well worth exploring.

Benefit from our expert and secure services, including batch payments, checkout and invoicing, custody and wallet, tokenization, node as a service, exchange API, and more.

CBQ can protect you and your business from risks such as %51 attacks and secure your crypto assets. Contact us today for secure solutions!