A 51% attack is a way for attackers to seize control of a blockchain’s block minting process, validate fraudulent blocks, and steal money from the chain’s users, usually by double-spending — falsifying records on-chain to allow spending the same digital currency more than once.
Traditional web apps can be thought of as a bit like company offices. If you can break into the boss’ office without anyone noticing, you can give orders from there and the whole company will obey, at least for a little while. And once you’re inside the building, you can roam around more or less at will.
Blockchains aren’t like that. They’re more like a building full of locked rooms that don’t take orders from each other. Break into one room, and that’s all you get; there’s no vantage point from which you can control the whole blockchain, and no “inside” where you can move freely from room to room. Every account on a blockchain has its own private key; without an account’s private key you can’t access it. This is totally different from a normal web app, where once you’re in, you can access multiple accounts and data caches from inside the system.
As a result of this distinction, it’s relatively tough to take control of a blockchain account; no private key, no access, and no third option. Taking control of an entire blockchain is even tougher, but it can be done. It’s called a 51% attack.
Imagine a tiny Proof-of-Work (PoW) blockchain, with just 100 nodes. Blockchains operate by consensus, with nodes agreeing on a ledger of transactions which then gets minted as a block. In PoW chains, nodes earn the right to validate a block by mining (performing work). It’s all but impossible for bad actors to directly take over accounts, and totally impossible to take over a blockchain from the inside. But if a single entity controlled 51 of the nodes on our imaginary chain, they could conceivably use all those nodes to validate an invalid block. They would take over the blockchain by the back door. That’s how a 51% attack works.
Have 51% attacks ever happened? It’s an important question because PoW blockchains include Bitcoin and Ethereum, meaning the majority of the digital assets economy is theoretically vulnerable to this kind of attack. There’s no structural reason why it can’t happen, and when Bitcoin’s mining pool was concentrated, with just a few mining companies accounting for over 51% of hashes and those owned by the same parent company, concern was real.
However, there are economic reasons why a 51% attack on Ethereum or Bitcoin is unlikely. Miners have sunk huge costs into rigs that are of little use for any commercial application except digital assets mining; if they destroy the legitimacy of digital assets by successfully attacking the most popular blockchains, they get a one-off payday that can easily be traced to them — and ruin the sector that supports them. The sensible way for these companies to maximize profits is to do what they’re doing: mine BTC.
There have been 51% attacks on some blockchains, though. Those examples illustrate the risks — and the potential rewards for bad actors. An attack on the Bitcoin Gold chain, a Bitcoin hard fork, in May 2018, resulted in a double spend that netted the attackers $18 million worth of coins, from a chain with a market cap around $100 million. A successful attack on Bitcoin today, with a trillion-dollar market cap, would net attackers $180,000,000,000. And the 2018 attack destroyed Bitcoin Gold; the chain’s still active but the token trades at around $20, despite having almost the same circulating supply as Bitcoin. If a similar outcome were applied to Bitcoin, it would wipe out billions. Ethereum Classic suffered a successful 51% attack early in 2021, netting attackers $1.1 million; however, the network wasn’t delisted as Bitcoin Gold was.
One thing that stands out about the majority of successful 51% attacks is the timing: they tend to cluster around 2018, when a glut of altcoins was losing out as investment focused on Bitcoin, and technical experimentation largely zeroing in on Ethereum. Coins whose value to miners was crashing offered the opportunity for just one final heist — very much not the situation with Bitcoin and Ethereum.
Long-term, protection against 51% attacks probably depends on ongoing value to miners, robust regulatory, technical and cultural barriers to attacks, and changes to the internal structure of blockchains. Many of the most recently-emerging chains, like Cardano and Polkadot, rely on a different consensus algorithm, usually some form of Proof-of-Stake, which is not vulnerable to the same types of attacks.