What is Double-Spending
The problem of double-spending and its possible solution in the context of a peer-to-peer electronic monetary system was first discussed in the Bitcoin White Paper by Satoshi Nakamoto, the anonymous developer (or group of developers) of the first cryptocurrency.
Actually, the solution to the problem of double spending by means of keeping a public register in the form of a blockchain and a common consensus algorithm, including the issue of validation of transactions through mining, made it possible to create bitcoin.
Simply put, the author had the following task - to create, on the one hand, a decentralized electronic monetary system, and on the other hand - a system devoid of vulnerability in the form of the threat of "double spending". What is this threat? Let's look at the following example:
Let's say Bob has 1 BTC. Bob transfers 1 BTC to another person, Ellis, as payment, and in return receives some item from her, such as a cup of coffee. Ellis must be sure that this transfer is irreversible and that Bob cannot cancel the transaction and spend the money again. Otherwise, Bob will be able to spend the same amount of money again. For example, to buy goods from another seller. In this case, Ellis will be left both without money and without his goods.
The problem of double spending may seem counterintuitive at first glance, especially for a person who is not used to working with cryptocurrency and transfers money through a bank. It's all about the fact that when we transfer money through a banking app, the bank acts as an intermediary between the sender and the recipient.
That is, it guarantees the validity of the transaction. If Bob transfers $1 to Ellis to pay for a cup of coffee, Ellis knows that the transfer is not reversible, and she got the money for the product because the transfer is certified by the bank.
So the problem is solved by the fact that the transaction system is centralized. But what if we want to use a decentralized system? Nakamoto proposed a general consensus algorithm (proof-of-work, PoW) and transaction validation through mining. Now Ellis can verify the validity of a transaction if it has been written to the blockchain. The longer the chain of blocks following the block containing her transaction, the less likely the transfer is "reversible".
What is a "51% Attack"
Now, using the problem of double-spending and Bitcoin as an example, let's ask one important question - is the Bitcoin system absolutely secure, does it remain possible for an attacker to conduct a double-spending attack?
Yes, hypothetically, it does. To do so, an attacker would need to become something like a "master validator" - a participant who would single-handedly process transactions in a decentralized network. If the network's consensus algorithm is proof-of-work (as in Bitcoin), then the attacker needs to take possession of the vast majority of the computing power involved in mining for sole control. Like a shareholder wanting a controlling interest in a company.
If the attacker takes possession of 51% of the computing power, he or she is more likely to succeed in forming blocks in the blockchain. What are the risks?
Consequences of the "51% Attack"
Double-spending - this is not the only scenario for using the attack. Of course, an attacker can form a longer chain on the blockchain and thereby spend the same money "re-spend"- canceling out alternate spends.
But beyond that, an attacker can, for example, ignore a particular transaction and not include it in the blockchain. He can also prevent other participants from mining (selfish mining - intentionally hiding found blocks and publishing them later), collect all transaction rewards and commissions, and even hypothetically split the network with a fork.
Risks of attack for Bitcoin
Today, a random attacker who would want to conduct a 51% attack on the Bitcoin network would need to have enormous computing power, which makes such an attack simply unprofitable. That is, the costs could exceed the potential benefits. For many scenarios, the attacker will not have sufficient economic incentives, as discussed, for example, in a Bank of Canada study.
This does not mean, however, that the attack itself is impossible. On the contrary, in the past, when the cumulative hash rate of the Bitcoin network was not as high as it is now, the blockchain was quite vulnerable.
It was the creator of Bitcoin who avoided problems early on. Nakamoto was probably personally involved in early "honest mining" and keeping the network consistently processing data correctly. There is a phenomenon also known as the Patoshi pattern, named after a miner of the same name (who probably could have been Satoshi himself) who processed a lot of the first blocks and was rewarded by the network with about 1 million BTC.
A number of experts say that Bitcoin is not in danger of a 51% attack these days. In particular, so accounts entrepreneur and crypto-enthusiast Andreas Antonopoulos.
Attack risks for altcoins
Some networks don't have enough computing power to prevent an attack. A prime example is the Bitcoin gold network (a Bitcoin fork), which subverted "Attack 51%" in 2020. Back then, the attackers managed to rent capacity, make two double-spends and take possession of first 1,900 BTG and then 5,267 BTG. Against the backdrop of this incident, the world's largest crypto exchange Binance increased the requirements for withdrawing BTG from 12 to 20 confirmations immediately after the attack.
In 2019, the developers of Ethereum Classic confirmed the fact of "Attack 51%" on their network, as a result of which the attackers managed to make a double spend. The situation was repeated in 2020 as well - it is known that a similar incident in Ethereum Classic occurred three times in one month.
An attempted attack with a variant of selfish mining was carried out by attackers in September 2021 on Ethereum's core network. Unknown published their own chain of 550 blocks, but most nodes identified it as a failure. Thus, the consequences of the attack were avoided.
"51% Attack" and PoS
Theoretically, an attack could be carried out in a system with a consensus algorithm other than PoW. For example, in a PoS system, the success of such an attack is possible with a high proportion of validators (higher proportion of steak) on the attacker's side.
That is, technically, the attacker should not possess a sufficient amount of computing power, as in the case of mining, but a sufficient number of tokens that participate in transaction validation.
At the same time, the network itself may contain additional protection methods due to the specifics of consensus. The consensus may apply penalties (slashing with loss of steak share) for attempted attacks. The role of the validator and the frequency of its participation in validating transactions in the network may be limited at the protocol level, such as the practice of reducing predictability - randomly selecting the validator - in the Solana network.
There are, however, types of attacks that may precede the "51% Attack" but carry stand-alone network manipulation threats, like the "Sivilla Attack."
Conclusion
"The 51% attack" remains one of the main and fundamental threats of any decentralized blockchain. As practice shows, low hash rate networks are particularly vulnerable. Bitcoin is protected from such attacks due to its high computing power. The growing influence of individual mining pools sometimes leads to renewed discussions about a potential attack, but for a large blockchain, as in the case of Bitcoin, it is more likely to be uneconomical.