Topic: Almost no one understands the 51% Attack - page 3. (Read 794 times)

Still I don't think a 51% will actually happen.  literally everyone including miners are all out to make profit and with that much hash rate to carry out a 51% attack I think mining pools would be smart enough to use that enormous hash rate themselves to collect more mining rewards rather than trying to re-org particular blocks on the network. Take for example as of recent, September 2024, the total Bitcoin network hash rate is around 300-400 Exahashes per second (EH/s) when I last checked. To launch a 51% attack, an attacker would need to control at least 51% of this total hash rate.

Let's assume a total network hash rate of 350 EH/s (say a rough estimate). To calculate the required hash rate for a 51% attack:

51% of 350 EH/s = 0.51 × 350 EH/s ≈ 178.5 EH/s

So, an attacker would need to control at least approximately 178.5 EH/s to launch a 51% attack on the Bitcoin network.
Almost no one would want to waste such hash rate on an attack since there is a possibility that it would be aborted before it's success.

I merited the OP because I think indeed there should be more knowledge about more subtle 51% attacks in the community.

However, I'm far less pessimistic than the OP here. Censoring a miner or mining pool for example would be quite obvious, detectable for everybody who knows the addresses of these mining pools - e.g. the pools themselves.

One of the interesting cases for example is an attack of a coalition of miners to censor not a miner, but an address (OFAC sanctioned for example). In theory they could simply wait if some other miner includes a transaction from or to that address into his blocks, and reorg only these blocks selectively.

However, this is also quite difficult that it would go unnoticed. With a bit of chain analysis you can find common characteristics of the censored blocks. And in addition: if the fee of the transactions to/from the "sanctioned" address is high enough, then all non-censoring miners would include the transaction in their blocks. So the coalition would have to censor every block not coming from themselves, and that would mean basically it's the same scenario than "censoring a miner" or "censoring a pool".

What is also not possible realistically is this scenario:

You can't simply "edit the chain" and "add your own blocks". That would simply be invalidated by all full nodes, as it's against the protocol. The blocks you add must follow protocol rules, i.e. match a certain difficulty, and thus it requires "real" mining to produce them.

So even in this scenario, you have only the "normal" 51% attack options: double spending (easy to detect), censoring miners (easy to detect too) and censoring transactions/addresses (like I wrote above, requires a little chain analysis but should be detected very fastly by the chain analysis firms, and in the case the fee is high this is also easy to detect by normal miners). There's nothing subtle in this attack.

Yes, GHash.io had more than 51% briefly back in 2014 I think.  Then they agreed to stay below 40% and then a few years later shut down.  I am not sure if it was DDOS related, or just people leaving them due to having been close to 51%, but they've been gone for a while.

The risk about the 51% attack es the fact that someone can sell a big amount of coins and then recover those coins, let's say someone sell 100btc and after cashing out from the exchange he make the 51% attack, with that he can recover the 100 btc that he deposited in the exchange, that way he keep the money from the sell and the 100 btc.

that's the main risk behind this kind of attack.

Russia could hack the top three mining companies using their existing infrastructure, making the cost of the attack essentially free for them.

Nobody doing this is going to go to Newegg and buy a zillion dollars in new servers. That's not how this would work.

And again, this is the concept that so many people cannot grasp: there are no human beings governing Bitcoin. Hence there is no scenario where "the community rejects XYZ". There is no "community". There are only algorithms and code. Every form of argument that starts with, "but then people will..." is a false one. There are no people involved here.

Yeah any attack is definitely not easy at all, would require an immense power behind it and a ton of machinery and a lot of energy consumption, all of which would cost insane amount of money and also time as well. They wouldn't need to start on the genesis block, but they would definitely not look like they know what they are doing, so it would make more sense if they could just avoid any of this, it wouldn't really be beneficial for the attacker.

Think about it, you would have to spend so much money and time on doing something like this that has no guarantee that you will achieve it, and in the end you are talking about something that would not give you that much profit to get it since people would just move away to something else instead. This is why I think it is never really attempted at BTC, because we have seen ETC for example, which is ethereum classic, to have it and nothing big happened and it wasn't worth it for the people who tried it, which is a reason why nobody does it on BTC neither.

That's the point. That all these theoretical posters simply want to ignore. An attack is not the issue, a SUCCESSFUL (profitable) attack is virtually impossible. Financial aspect alone is not possible, and they also don't like to discuss reputational cost.

Look at all the forked Bitcoins, all those who supported it looked stupid and continue to look stupid, nobody will trust them to run a chain that is globally honored.

So yes, these guys can talk about how easy it is, but go ahead and do it.

In theory, the attacker can start at any block because they will eventually surpass the other miners as long as they maintain a majority. They would not necessarily have to start with the genesis block. It depends on their goal.



It is naive to believe that a miner (or pool) cannot reach 51% as it has already happened once.

1. asics do not have a full node software in them.. in simple terms an asic receives a basic hash and some blockheader data via a different communication method(its called stratum) than the normal node relay network, and re-hash it trillions of times until it makes a difficult hash and send the difficult hash back (hash in -hash out) via the stratum connection..  asics are not full nodes and have a separate communication path to the pools compared to the bitcoin peer network of nodes

2. asic owners have a asic that (simple terms hash in-hash out) and separately have a computer that has a full node to watch the blockchain for other purposes including risks and if they get paid

3. asic owners can jump their asics activity over to other pools if the owners notice a pool is doing some funky stuff
so if a pools node is infected.. asic owners (remotely) can just change pools. via each asic owner looking at their own separate node for instances of malicious/funky stuff

---

im starting to think that you make posts with some silly assumptions to poke and trigger people to correct you so that you learn by being spoonfed info rather than actually spending the time to learn things properly by actually researching aspects of bitcoin(its starting to become a common occurrence with certain people.. play dump to prompt people to correct you on purpose as a lazy way to learn)

its like those preppy kids that hire a tutor to just give them the answers by acting ignorant to the subject rather than actually reading about things and learning via looking for information

---

try to learn about all the mitigating factors that actually make a potentially malicious pool not profit and instead want to operate honourably to profit. (hint there are many factors at play)

Hundreds of thousands of nodes running... one copy of the software. Hackers would presumably hack the software, not the individual ASICs.

a pool is not a single miner

pools are a collective of hundreds of thousands of miners, a 51% attack would require atleast one million asics working collectively
and if a pool was to be doing any shenanigans that cause financial risk to all those asic owners, they would jump away to another pool

for instance if a pool manager had a community of 1million asic owners and their pool started winning every block but the pool manager was not paying out rewards to those asic owners. the asic owners would jump to another pool.
if the pool manager was to start doing empty blocks of zero transactions so that those with coin cant move their coin, again asic owners would jump pools because they too cant spend coins they have or will get if they stay

by a pool manager denying transactions, even services will start to want to reject blocks with zero tx. (and yes they can because behind every algo filled node is a human at the computer that has a keyboard, commanding the node(bitcoin is not AI))

what you find is that the bitcoin economics work great because those that try to cheat it lose out in the end and those that operate honestly end up winning.
there are many mitigating factors that are in place and also extra scripts that services have and people operating nodes as extra precautions

even the most simple thing of block rewards cannot be spent for 100 blocks means that a malicious pool has to win constantly for 16 hours before it can even spend its first malicious block reward. thus even at the 15th hour of being malicious the honest part of the network and services that want an honest network can decide to re-org a crap tonne of empty blocks and accept honestly filled blocks or other factors of preference

thus even a malicious actor ends up gong straight to remain relevant.. and thats even when asics can jump to any other pool in under 20 seconds but have hours of time to see the malicious actors failures before the malicious actor can even profit from its maliciousness, so again a malicious actor wont want to be malicious if they are not making profit. and if they cant make profit per block for 16 hours delay per block, then the likely hood of them being malicious at all is negligible due to the risk of losing all of their efforts before the 16th hour delay between creation and spendability

Perhaps another related discussion here is: what if all three of the mining companies who currently comprise >51% of the Bitcoin hashrate were taken over by clandestine means, and the hackers subtlety changed the data store to (say) edit the chain and add their own blocks?

In terms of cost, this would be perhaps 3x more expensive than the average hack of a single company, which for a sophisticated player e.g. Russia or Iran or PRK, this would not really cost anything per se since they do this all of the time.

Any attacker here wouldn't be stupid and simply do something that would be immediately detected--they would quietly insert their own blocks (etc.), trade with them, and essentially infect the whole network. After a few hours/days/weeks of this happening, it wouldn't matter if the hacks were discovered since the integrity of the entire chain would be utterly incinerated since nobody could know which transactions were made by the attackers and which were made by normal users.

Understand that there is, for instance, no way to simply "turn off" Bitcoin while some central authority figures out what went wrong. The network would keep going and going in realtime (and in a situation where the network integrity was in question there would be a massive "run on the bank" situation with basically every single holder trying to trade their Bitcoin for USD).

And while I will be the first to say that such an attack is "unlikely", that is not the same as saying it is "impossible". My savings account is probably stored in a not-internet-connected mainframe at a Big Bank, and it's backed up to WORM storage in (probably) multiple geographical locations. It is "unlikely" that may savings account at Big Bank will be lost, and this is definitely not something that is very common (in fact I've never heard of this happening to a prominent bank ever). I don't lose sleep worrying that my savings account will be hacked just as I don't worry about every airplane I board crashing--because it's very unlikely.

The question is, in terms of systemic risk, which is safer: your Big Bank savings account, or Bitcoin? I would argue the former, based on everything we know right now. This is based on a security assessment that takes into account track record, system complexity (banks use braindead non-internet-connected mainframes that have stood the test of decades of time), and system governance (same deal: banking regulations and industry-standard practices around access, personnel, etc. that have been hardened over the decades for banks, whereas all of this is brand new for Bitcoin).

The point is, anybody who tells you it is "impossible" that Bitcoin is hacked and the value of your holdings could never go to zero are... wrong. Unlikely maybe, but not impossible.

Because you need only 51% to attack it that way and 50.1% probably wasn't catchy!
But yes he is right about it, a guy with 51% of the hashrate will be able to mine all the blocks and people noticing that won't matter, it would be like realizing a guy is beating you and you lie down on the floor with no power, what is realization going to do?
Also, miners won't all suddenly see that large operations maybe, smaller ones, no way, it would take even days in some cases before some realize they are getting trashed.


It's the opposite, legit miners will see their blocks getting reorg with nothing to do so they will quit, the hashrate will go lower and the attacker will never fewer and fewer resources.


And? What are they really going to do? Fork the chain? What good will that do, the attacker will attack the new chain!


And then they will move to your new chain and attack this one, and then again, and again...imagine the price after two such events.

The thing about such an attack is simple:
- yes, it's possible
- it's all about $
- is it worth it? not really!

As already explained, but 51% is two things, not easy, and not cheap. By not cheap, currently I doubt there is a single entity on this planet that will gladly spend Billions (with B) for this kind of attack which is not even sure to succeed.

It does matter, because if users will stop using a given coin, then it will lose its value. Guess what: some people tried to fork Bitcoin, and they reached 51% for a short period of time. What happened next? Well, people simply sold their ALTs for BTCs, and moved on. And the same thing can happen again: you get 51%, you reorg some valid blocks, mined by other miners, and then everyone will abandon your chain, so you will be left with a lot of worthless coins.

It is never the case. Miners are long-term investors. They will rather mine an altcoin, than stop mining. Which means, that if some transactions will be censored, then miners will form just another altcoin, and users will join them, because then, they will have at least some confirmations, instead of constantly seeing zero confirmations in the attacker's chain.

Currently, there are some altcoins, which have something around 1% of double SHA-256 hashrate. And guess what: they are still maintained, there are still some users, and even though the value of their coins decreased, their altcoin is still actively used. And when they were attacked more heavily, they introduced more rules, like "max 10 blocks chain reorganization", and other consensus changes, which allowed them to keep running their chain, no matter how hard they are attacked.

So, to sum up: a silent attack has much more chances to succeed. For example: the latest testnet4 soft-fork was silent, and many blocks were produced, before people noticed, what happened, and triggered a huge chain reorg, to fix it. But eventually, everything went back to normal, and timewarp rules were enforced properly. Because Bitcoin is not ruled by miners. And I know, that it is true, because it is not the first time, when I can see, that users can enforce their rules, and force miners to mine the blocks they want. Because miners are like entrepreneurs, making blocks, and selling them to users. And if you have 51%, and you use it for attacking, then nobody will buy your blocks, and they will lose their value immediately.

We have been hearing about a 51% attack for years now, it's never happened.

There are 2 possibilities of it happening.
1) By a private entity
2) By a government.

If it's #1, it would have to be the size of Apple or Amazon or similar with a ton of data centers and and insane amount of electricity and staff to run it. It would cost a fortune and there would be a shareholder revolt.

If it's #2 then it does not matter, it would have to be a larger country, with once again enough money to buy the miners and available electricity to run them. At which point it's just easier to ban all businesses that deal with BTC and start putting in very harsh penalties if caught dealing with it.

There are also much easier and cheaper ways of doing a 51% attack that don't involve buying miners just you have to run a pool:


-Dave

51% attack or 80% attack, miners will separate to longest and smaller chains. If assume the attacked longest chain is refused by Bitcoin community as an original chain, they will use the smaller chain as Bitcoin. The longest chain will become a chain of shit coin like many Bitcoin forks created, and died with time.

The good one will stay with us, and a bad one will rot and die with time. A longest chain done by attacks will not be able to last for so long.

How many Bitcoin forks are there?

fortunately engaging in such is quite expensive
Except the individual goal is nothing but destroying the trust of individuals in the Blockchain no matter the cost.

No they don't have to build a new chain from the Genesis block
They can start from the latest block or go further back if they plan on reversing a specific transaction
But the goal is that their private chain have to grow to the extent it becomes longer than the honest chain by continuously mining Blocks faster than other miners.
With 51% hash power  
Once their chain gets longer than the honest they can then broadcast it and the nodes would take the longest chain as the Valid
There by making double spending possible

But The cost in starting and maintaining it is astronomical, not to mention difficulty adjustment that's makes sure mining becomes more competitive.
It's theoretically possible but implementing it is hard and should be considered irrational.

So, literally the attacker has to start building a new chain from the genesis block? or would they be a way to maneuver the honest chain and advance from there? Nevertheless, it's quite unrealistic to possess a hash rate that supersedes that of all other miners combined.

It's not that people don't know about other types of attacks that can be done with having 51% (and some of this attacks can be done with less than that), it's that double spending would make the most damage to the trust in Bitcoin.

Other types of attacks like reorgs, censorship, stiffing mining competition have less impact on the trust.