Even with a market cap of well over $1 trillion, cryptocurrency security is an extremely serious consideration for anyone that’s trusting their life’s wealth to the asset class. That’s because transactions cannot be refunded or reversed in cryptocurrencies.
To that end, it’s worth knowing about the most popular type of security attacks against the technology and how it may (or may not) affect you in the long run.
Blockchain Consensus: How Are Cryptocurrencies Decentralized?
Cryptocurrencies such as Bitcoin and Ethereum are built on top of a technology known as blockchain. Being decentralized, blockchains do not have a single authority in charge of processing transactions and maintaining the rules of the network. Instead, the concept of trust is completely removed from it and most cryptocurrencies.
Rather than a trusted entity like central banks, blockchains use consensus mechanisms to ensure that every participant has an equal opportunity to secure the network. After all, since every user has a vested stake in keeping their own funds safe, they are much more likely to enforce the rules of the network.
This is referred to as “trustlessness” in the cryptocurrency industry.
Consensus algorithms or mechanisms are named as such because they are designed to side with the majority’s decisions. The concept is not too dissimilar from voting in a democracy; just that this process repeats every few minutes.
How blockchain networks determine this consensus, however, is dependent on each individual cryptocurrency.
The vast majority of digital currencies today, including Bitcoin, use an algorithm known as Proof of Work (PoW) to achieve consensus.
In this process, users on the network contribute computational power to solve complex mathematical problems. The first to find the solution wins a reward, and the entire process repeats all over again. Since individuals are incentivized to compete with each other for a single reward, the network stays decentralized.
A cryptocurrency’s security is measured by its hash rate, which represents the amount of computational power individuals have dedicated to the network. Ideally, the total hash rate is split among many different users to ensure the system is decentralized and fair.
So What Is a 51 Percent Attack?
A 51 percent attack describes an event where the majority of hash rate in a network is controlled by a sole entity. This would theoretically give that individual complete control over the network’s consensus mechanism.
From that point, the attacker could create fraudulent transactions with the intention of benefiting themselves or robbing a target’s wallet.
It’s worth noting that, while this may seem like a gaping hole in blockchain technology, 51 percent attacks are actually extremely rare in practice. In Bitcoin, for instance, the total hash rate is so high that even entire data centers will be outmatched by the combined output of the other participants.
That being said, there have been instances where smaller and lesser-known cryptocurrencies have been successful targets of a 51 percent attack.
Ethereum Classic (ETC), not to be confused with Ethereum (ETH), suffered from as many as three separate attacks in a single year. Since the total hash rate of the ETC network was extremely low at certain times, attacking it was likely not too expensive.
However, much like how a democracy does not collapse immediately without an opposition, a 51 percent attack does not guarantee fraudulent transactions right off the bat. A malicious individual with just over 50 percent of the hash power would not be able to execute a successful attack immediately.
However, the time required to pull off an attack reduces significantly when the hash rate contribution reaches higher percentages.
What this means is that, even if an attacker somehow manages to rent enough computational power to launch an attack against Bitcoin, they will likely spend more money than earn back.
Furthermore, even if they do manage to siphon tokens into their own wallets, a record of these transactions will be recorded for everyone to see. Such an event could trigger a mass sell-off as it initially did with Ethereum Classic, making the attack essentially worthless.
Is Proof of Stake a Potential Solution?
Now it’s clear that 51 percent attacks are inevitable in smaller cryptocurrencies, the obvious question is: how are digital currencies safeguarding themselves from them?
Ethereum’s founder Vitalik Buterin, along with the cryptocurrency’s user base, believe that the best course of action is to simply switch away from Proof of Work. In 2017, ETH began the still-ongoing process of converting the underlying network from a proof of work-based system to a Proof of Stake (PoS) one.
PoS does away with using large amounts of computational power to keep the network secure. Instead, it randomly picks volunteer stakeholders within the network to directly vote on the legitimacy of new transactions. These individuals must deposit a certain amount of ETH in order to receive voting rights.
We need to get past the myth that it’s *fatal* if one entity gets enough to 51% attack PoS. The reality is they could attack *once*, and then they either get slashed or (if censorship attack) soft-forked away and inactivity-leaked, and they lose their coins so can’t attack again. https://t.co/utash1hUDU
— vitalik.eth (@VitalikButerin) September 2, 2020
In a PoS system, an attacker would need to control over 51 percent of staked (deposited) coins in order to vote on fraudulent transactions instead of 51 percent of the hash rate. And even in that case, they may be penalized and have their entire deposited amount confiscated by the network.
In other words, they need much more capital, and the stakes are much higher if the attacker were to make an error.
There are still many lingering questions over the efficacy of PoS-based systems, but it’s entirely possible that Ethereum may be at the forefront of both blockchain security and scalability within the next few years.
Worried About 51 Percent Attacks?
Until a solution to 51 percent attacks is devised, it’s worth researching the cryptocurrencies you plan to invest in. If the underlying network’s hash rate is extremely low relative to that of Ethereum and other major cryptocurrencies, know that the chances of a 51 percent attack are present—if not high.
Developers of Ethereum Classic, a cryptocurrency that has been targeted on various occasions, have supposedly found a solution to this problem. Its effectiveness, however, remains to be seen.
Image Credit: Aaron Olson/Pixabay