Cybersecurity, Vaults, and Background of a 51% Attack
Before we dive into the specifics of a 51% attack, we need to look a bit at the larger concept of security. It is important to understand that in the world of networked technologies nothing is ever totally secure. The greatest cybersecurity experts in the world will be the first to insist that all systems have vulnerabilities. Different systems implement different security architectures based on the needs and resources of a given operation. While the digital era has ushered in a whole new paradigm of information security (and cyber threats, like DDOS or 51% attacks), the problem of how to keep something of a value safe is not new.
Historically, for example, banks kept gold stored in giant vaults. Today, vaults are still used by banks to store cash, protected now by biometric locking mechanisms and highly sensitive sensory alarm systems. In many ways, this physical infrastructure of a vault was abstracted into a digital form at the onset of the “Information Age.” Where physical valuables are stored in a vault, financial data is stored on a giant server. Just as the vault is secured by ever more complex locking systems, the server employs ever more layers of encryption protocols and malware scanners. And yet, the servers of large financial institutions like banks still get breached by attackers on an almost daily basis.
From the perspective of an attacker, centralised systems often promise a tempting payload. One big central server will be challenging to penetrate, sure, but if you succeed you will potentially have access to everything inside. Attacks of this kind – for example the 2017 Equifax hack – can result in a devastating loss of sensitive information. Centralisation, as the adage goes, “puts all of your eggs in one basket”. This creates a broad attack surface.
One of the foundational aspects of Bitcoin is that it was designed to avoid centralisation. While there may be ideological implications here as well, Bitcoin’s blockchain architecture is revolutionary from a security perspective alone. Rather than storing one copy of sensitive data in one central location, thousands of identical copies are stored on different machines all over the world.
Bitcoin’s implementation of incentivized mining gives users a reason to participate in the network and maintain the blockchain. Using a consensus model, the majority of nodes on the network, meaning at least 51% of them, ultimately decides on which new blocks get added to the blockchain. In theory, the more individual nodes on the network, the more distributed the data becomes, and thus the more secure.
What is a 51% Attack?
For any one actor to manipulate the blockchain, they would have to change the data on a majority of individual nodes on the network at any given time, simultaneously. This is known as a 51% attack. Of course, Satoshi Nakamoto knew of the theoretical potential for an attack like this to occur, but the computational required to carry one out would be so enormous as to be unrealistic for a single actor, even for advanced nation states. Bitcoin is theoretically vulnerable to a 51% attack, but the likelihood of it actually happening has always seemed infinitesimally small thanks to the decentralised and distributed nature of the blockchain.
Bitcoin’s decentralised architecture has paved the way for a groundswell of innovative blockchain projects over the past decade, and will no doubt have ramifications far into the future. However, with the evolution of Bitcoin mining from a humble background novelty running on any basic personal computer to a booming international industry, the question of distribution is worth revisiting. As the difficulty factor in mining went up, it became harder for a single individual to solve a block. This led to the formation of “mining pools,” where individual miners combined resources and shared profits.
Today, the vast majority of blocks are solved by miners participating pools. Some of these mining pools have grown so large, in fact, that three of them alone make up more than 50% of the estimated hashrate distribution, with the largest pool being responsible for approximately 25% of the total. In theory, if a single pool grew large enough (or a few large pools joined forces) to dominate 51% of the network’s hashrate, that group would be able to control which new blocks were added to the blockchain.
Bitcoin relies on distributed consensus to maintain its integrity, and centralisation of power in mining pools does pose a potential threat. The good news is that even in the event of a 51% attack, the colluding group would likely not be able to alter the history of the blockchain very far back, as that would require redoing the proof-of-work required for each block, which becomes exponentially more difficult the further one goes. Nor would they be able to tamper with transactions other than their own, since they would not control the private keys associated with those transactions. What they could do, in theory, is spend their Bitcoin more than once, or “double spend.” The group performing the 51% attack could invalidate previously confirmed blocks by forking before those blocks and converging with a different chain.
For example, a person could buy a Lamborghini from a dealership and wait for the transaction to be added to the blockchain. Then, they could go back and start mining from the previous transaction. This would create two competing versions of the blockchain- one that includes their transaction and one that doesn’t. With their 51% of the processing power, they can ensure that their preferred version of the blockchain is the one that is ultimately perpetuated. At that point, they can go back into the dealership and buy another Lamborghini with the same Bitcoin they used to buy the first one.
Yes, It’s Possible, but it’s Extremely Unlikely
While a 51% attack is a legitimate threat, there is good reason to imagine that it remains a fairly unlikely scenario. Even if a group did have the power to execute such an attack, the impact would almost certainly destroy the value of Bitcoin since this would constitute a failure of the network’s security. What would be the point of spending the same Bitcoin twice if they were worth nothing? Part of the brilliance of Bitcoin’s design is that playing by the rules is a much more lucrative approach than trying to break them.