The Anatomy Of A 51% Attack And How You Can Prevent One

Delton Rhodes

Over the last few years, a number of successful 51% attacks, including a few on reputable blockchains, have proved that the threat is real and costly.

51% attacks are no longer an abstract concern. Every single blockchain project must put security before all else.

Security always comes first at Komodo. In fact, with Komodo’s delayed Proof of Work (dPoW) security mechanism, every integrated chain receives the same level of security as the Litecoin blockchain itself.

This post will explain exactly how a 51% attack occurs and how Komodo’s Blockchain Security Service can prevent one.

A Brief Introduction To The 51% Attack

Put very simply, a 51% attack occurs when malicious actors gain control of more than 50% of a blockchain's peer to peer network hash rate, hence the name. Since the attackers have at least 51% of the network’s hash rate, they can force the rest of the network to erase blocks that contain their transactions. This means attackers can maliciously use their majority power to spend coins or tokens more than once.

Attacks of this nature are also called “double-spend attacks” because the attackers are able to spend their coins or tokens twice and then sell the counterfeit currency for profit.

It’s worth noting that only blockchains using a Proof of Work consensus mechanism are susceptible to 51% attacks. This is true because cryptocurrency mining is open to everyone and attackers can join a PoW blockchain's network with a massive amount of hash rate to gain control of the network and thus the ledger.

Blockchains that use a Proof of Stake consensus mechanism are vulnerable to a similar variety of attack, called a Nothing-At-Stake attack. However, Nothing-At-Stake attacks are distinct from 51% attacks.

The most popular blockchains, like Bitcoin and Ethereum, are also not at risk of 51% attacks, despite both being Proof of Work blockchains. This is true because gaining more than 50% of either network’s hash rate is not feasible. Even the largest mining pools are not close to attaining majority power of these networks.

Blockchains with smaller networks, however, are extremely vulnerable. An attacker wouldn’t even need to invest the money into purchasing the hardware necessary to overpower a small network. Instead, the bad actor could simply rent the hash power necessary to launch an attack from a site like NiceHash.

One blockchain enthusiast even created this website to show how vulnerable many blockchains are. There are dozens of blockchains that can be successfully 51% attacked for less than $500 USD an hour. All you would need to do is rent the hash rate and fire away.

Of course, Komodo does not advocate for attacking blockchain projects. The point is that many, if not most, Proof-of-Work blockchains are vulnerable to attack.

Successful 51% Attacks In 2018 & 2019

There were a number of successful 51% attacks in 2018 and the trend is continuing in 2019. Here is a list of 51% attacks that have occurred over the years, along with the amount of funds lost in each hack.

That's 15 successful 51% attacks over the last seven years, adding up to more than $23 Million in losses. That's an average loss of over $1.5 Million per attack. And, as you can see, the problem of 51% attacks seems to have gotten worse over time. There were 11 attacks in 2018 alone.

It's important to note that these are only the 51% attacks that were revealed publicly. It's quite likely that many more attacks occurred away from the public eye and were never publicized.

It's also important to note that all of the figures quoted above are estimates and, in some cases, disputed. It can be difficult to determine the true losses and various sources report different information.

In any case, the losses listed above include only the amount of money spent twice. There are a number of additional losses not included in the above estimates, including:

  • a surge of negative press coverage
  • reduced trust in the blockchain
  • being delisted from crypto exchanges
  • a substantial reduction in the price of the currency
  • decreased likelihood of future investment in the project

All of these consequences make a 51% attack a catastrophic event for any blockchain project.

The Anatomy Of A 51% Attack

Before learning how Komodo’s security service mitigates the risk of a successful 51% attack, it’s helpful to understand exactly how an attack of this nature unfolds. There are six steps.

First, an attacker gains control of a simple majority of a blockchain’s peer to peer network. As noted above, this is not as difficult or costly as you might imagine.

Second, the attacker begins to secretly mine blocks on an alternate blockchain. This second chain runs parallel to the chain on which the rest of the network’s nodes are mining. When the attacker mines new blocks, he does not announce it to the other 49% (or less) of the network. Thus, they do not know that the alternate version of the blockchain exists.

Third, the attacker transfers a sum of coins or tokens native to the blockchain he is attacking. Most often, attackers send funds to a centralized exchange, where they can be traded for other assets and liquidated. Note that this transaction only takes place on the ‘true’ version of the chain. The fraudulent chain (the one being mined privately by the attacker) does not acknowledge this transaction at all.

Fourth, the attacker continues to mine blocks on the private chain as fast as possible. Again, this is done without announcing any of the blocks to the rest of the network. And with more hash rate than the rest of the network combined, the attacker is able to mine blocks at a faster rate than the other 49% of the network. The fraudulent chain continues to grow and eventually becomes longer than the ‘true’ chain.

Fifth, the attacker announces the fraudulent chain to the rest of the nodes on the network. Because of the longest chain rule, a rule that assumes the longest version of a blockchain to be the ‘true’ version of the chain, the rest of the network is forced to accept the attacker’s fraudulent blocks. The honest nodes implicitly assume that their version of the chain is incorrect and convert to the attacker’s chain.

Finally, since the attacker forced the network to accept the chain on which his transaction from step three never took place, he is free to spend those funds again. It’s as if they never left the original wallet, despite the fact that they also arrived in the address to which they were sent.

The attacker sends the funds a second time, swaps for other coins, and then washes and/or liquidates them. The rest of the network is left scratching their heads. That's how a 51% attack takes place.

Komodo’s Blockchain Security Service

Komodo Platform’s delayed Proof of Work (dPoW) security mechanism protects chains with the power of the Litecoin hash rate. To put it simply, the dPoW mechanism stores backups of your blockchain onto the Litecoin ledger. Here’s how the process works.

First, the dPoW mechanism takes a block hash of every chain employing Komodo’s Blockchain Security Service. Then Komodo's Notary Node network notarizes these block hashes onto the Komodo blockchain.

Next, the dPoW mechanism takes a block hash from the KMD chain, which already contains all of the block hashes from all the other chains using dPoW security, and saves it onto the Litecoin blockchain. Just as before, this is made possible with a notarization transaction performed by Komodo's Notary Node network.

After the notarization transaction is officially mined into a block on the Litecoin blockchain, Komodo's Notary Node network informs both the Komodo network and the network of every dPoW-protected chain that the notarization was successful. At that point, according to the blockchain consensus rules written into the dPoW security mechanism, no blocks or transactions that occurred prior to a notarization can be re-orged or changed. This makes the blockchain completely immutable.

Finally, the process repeats itself. This entire dPoW process occurs every ten minutes and once it takes place, a hacker would need to overpower the Litecoin network before altering or destroying the backups.
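The consensus rule described above can be modelled as a fork-choice check that a node runs before switching chains. The sketch below is an added example, not Komodo's code: the `Block` type, the function names and the block hashes are constructed for illustration, and it assumes the notarized block is already on the node's current chain.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Block:
    height: int
    hash: str
    prev: str

def make_chain(base: List[Block], tag: str, count: int) -> List[Block]:
    """Extend `base` with `count` constructed blocks whose hashes carry `tag`."""
    chain = list(base)
    for _ in range(count):
        tip = chain[-1]
        chain.append(Block(tip.height + 1, f"{tag}{tip.height + 1}", tip.hash))
    return chain

def fork_height(a: List[Block], b: List[Block]) -> int:
    """Height of the last block both chains share (-1 if none)."""
    shared = -1
    for x, y in zip(a, b):
        if x.hash != y.hash:
            break
        shared = x.height
    return shared

def choose_chain(current: List[Block], candidate: List[Block],
                 notarized: Optional[Block] = None) -> List[Block]:
    """Longest-chain rule, optionally restricted by a notarized checkpoint."""
    if len(candidate) <= len(current):
        return current  # not longer: keep what we have
    # dPoW-style rule (simplified): a candidate that forks off below the
    # last notarized block would rewrite notarized history, so refuse it
    # no matter how long it is.
    if notarized is not None and fork_height(current, candidate) < notarized.height:
        return current
    return candidate

if __name__ == "__main__":
    genesis = Block(0, "g", "")
    shared = make_chain([genesis], "s", 5)    # heights 1-5, seen by everyone
    honest = make_chain(shared, "h", 4)       # public chain, tip at height 9
    private = make_chain(shared, "a", 6)      # longer chain withheld until now
    plain = choose_chain(honest, private)
    guarded = choose_chain(honest, private, notarized=honest[8])
    print("longest-chain only ->", plain[-1].hash)    # a11: history rewritten
    print("with notarization  ->", guarded[-1].hash)  # h9: reorg refused
```

A longer chain that merely extends past the notarized block is still accepted, so normal block propagation is unaffected; only reorganizations that cross the checkpoint are rejected.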

In essence, the dPoW mechanism provides a form of insurance for your blockchain. Your chain's decentralized peer to peer network still comes to consensus and decides which blocks and transactions are valid. Adding dPoW simply makes your network's true version of events immutable. An attacker would need to take down both the BTC and KMD networks before they could alter, disrupt, or destroy the backups of your blockchain.

Moreover, as this process occurs every ten minutes, the window of opportunity for an attack to take place is impractically small. There simply isn’t enough time between notarizations to launch a successful 51% attack.

It may also be helpful to think of the dPoW mechanism as a form of two-factor authentication (2FA). It’s simply an added layer of security to deter potential attackers from targeting your blockchain. If you were a malicious actor, would you choose to attack a blockchain that was being notarized onto the BTC ledger every ten minutes? Probably not. It’s just not sensible, especially when there are so many easy targets available.

If you’d like to integrate Komodo’s dPoW security mechanism to your chain, kindly fill out the form on our business page to contact us. Komodo’s Blockchain Security Service is available to any UTXO-based blockchain.
