Can a Blockchain be attacked? [Updated 2023]

How can a blockchain be attacked?

Although the blockchain is one of the most innovative technologies of our age, there are rightly questions about the real security and thus the trust in it. After all, it is still relatively young and more than capable of development. If it is to be used more and more, how can complete security be ensured in a completely decentralized manner? What exactly do attacks look like there? How are these supposed to be controlled if everything is managed decentrally? In order to better understand this article, it is important to understand that a “blockchain attack” always means an attack on the respective consensus mechanism. Only he ensures security and only he can be attacked in order to be able to manipulate a blockchain according to the intentions of the attacker. The size of a community is also important and plays a decisive role. Large blockchains such as Bitcoin are almost impossible to attack due to the size of the participants when they are still young with fewer participants, and the trend is rising. Why is that so? The more a blockchain grows, the more decentralized it becomes, which means that attempted attacks can be revealed faster and more likely by the community. Finally, financial costs also play a role. Especially in the case of the BTC blockchain, whose consensus mechanism is based on “Proof-of-Work” technology, it takes an enormous amount of computing power and electricity to be able to make changes to the consensus algorithm for your own benefit. It would simply not be financially worthwhile to buy this “power”, but more on that in a moment. The attack on a blockchain is not always the same, because there are different forms, which mainly has to do with the fact that blockchains work according to different consensus mechanisms. 

Since it would take quite a long time to list all the possibilities, the most well-known attack model, which has even occasionally occurred with various blockchains or cryptocurrencies, is briefly explained below:

The 51% attack

With a 51% attack, as the name suggests, the majority of the effort within a community is used to dominate the important consensus. Even more disturbing is the fact that theoretically less than half (say 35%) would be enough, but then the probability is correspondingly lower. The power required for this is represented by the so-called “hash rate”, which, to put it simply, is the power of a computer to carry out mathematical calculations. The attackers and their mining power are in the majority, the decentralized network suddenly becomes central. By mastering the consensus, they can decide which transactions are confirmed and which remain unconfirmed, only blocks are accepted which would contain transactions in the sense of the attacker. It would also be possible to spend bitcoins twice. A common misconception is that such an attack would control the entire network with a very high hash rate, which is never the case. However, for a 51% attack to be profitable at all, it must remain undetected. Why? As soon as even an outside participant in the network notices something about the manipulation, he will complain about it. This news would then spread like wildfire among the other participants, resulting in a lack of trust. If there is no trust, no value can exist: as a result, the “other part” of the community would start selling the cryptocurrency. Due to the resulting low value, the attackers are very unlikely to make any profit. So to make a 51% attack really worthwhile, it has to be done in secret. To show what such an attack can do with a cryptocurrency, here are two short examples that took place almost consecutively in mid-2018:

Verge (XVG)

Verge is a so-called private coin, i.e. a cryptocurrency that specializes in privacy. This was the victim of such an attack on April 4, 2018 due to an error in the XVG code. The attacker(s) were able to carry out the attack for three hours that day before it was stopped by itself. The consequences: According to the XVG team, around 250,000 Verge coins were stolen, user transactions were not accepted, reputation damage and a price collapse.

Bitcoin Gold (BTG)

Bitcoin Gold is a cryptocurrency created by a so-called “Bitcoin fork” (you will find out exactly what that is shortly). In principle, this does not differ much from Bitcoin itself, but has the goal of making mining more decentralized. BTG was also the victim of a 51% attack in May 2018, this time the attacker(s) had different intentions. While the attack on Verge was more aimed at mining and the coins distributed as a result, the goal with Bitcoin Gold was to sell a lot of non-existent BTG to exchanges through double spending. Double spending is easily possible for the attacker with this attack by reversing the number of BTG that was deposited at the various exchange offices. Due to the existing majority of the hash rate, the course of the blockchain could be changed and the BTG that were sold no longer appeared in the history afterwards. Damage at the time was estimated at $18 million. However, this sum would not have been possible if the attack had been discovered earlier. As with Verge, the reputation was damaged and the price collapsed as a reaction from the community.

Conclusion

There are various ways to attack a blockchain, this article explained one of if not the most well known form. Depending on the blockchain and consensus mechanism of the network, there are different ways to harm the decentralized community. There are no reasons to worry about the safety of a blockchain, especially on big projects like bitcoin. The more people participate in a decentralized network, the harder it gets for attackers to harm the community.

Over time, blockchains will get safer and more trusted by people, therefore making them more resistant to attacks.