Crypto
2 min read

51% Attack

A scenario where a single party controls more than half of a blockchain’s mining power or stake, allowing them to reorganize blocks, censor transactions, or double-spend coins. Large networks like Bitcoin make this prohibitively expensive in practice.

What an attacker can do

With majority hash rate (in proof of work) or majority stake (in proof of stake), an attacker can:

  • Double-spend their own coins. Send a transaction, get an exchange to credit it, then secretly mine an alternative chain that excludes the transaction. When the alternative chain becomes longer than the public one, it replaces the public history. The original spend gets undone, but the value has already been withdrawn.
  • Censor transactions. Refuse to include certain transactions in their blocks, delaying or freezing them.
  • Reorganize recent blocks. Replace the last several blocks with an alternative version of their choosing.

What an attacker cannot do, even with majority control:

  • Steal coins from others. They can't forge signatures, so they can't move coins they don't own.
  • Inflate supply. Protocol rules still apply — they can't mint new coins out of thin air.
  • Rewrite ancient history. Reorganizing requires redoing all proof of work since the rewrite point. Going back more than a few blocks becomes computationally implausible.

Why Bitcoin is effectively safe

Bitcoin's hash rate is so high — measured in hundreds of exahashes per second — that capturing 51% of it would require billions of dollars of specialized hardware and a substantial share of global electricity production. Even if a state actor pulled it off, the moment the market noticed, Bitcoin's price would crater, undermining the value of any double-spend and burning the attacker's own holdings. The economic logic, more than the technical barrier, is what secures the network.

Real-world cases

Smaller proof-of-work chains have been successfully attacked. Bitcoin Gold suffered double-spend attacks in 2018 and 2020. Ethereum Classic was attacked in 2019 and 2020 with confirmed double-spends in the millions of dollars. Both incidents involved attackers renting hash power from cloud-mining marketplaces rather than building infrastructure from scratch — the rentable supply of mining power lowered the bar.

Proof-of-stake nuances

In proof-of-stake networks, the equivalent attack requires majority stake. The defense changes from "expensive hardware" to "expensive token purchase plus social slashing": if a validator tries to attack, the protocol can slash their stake, and in extreme cases the community can fork them out and zero their balances on the surviving chain. Critics argue PoS makes the attack cheaper to attempt; defenders argue the recovery options are stronger and the cost of the attack is paid by the attacker rather than externalized to the energy grid.