The decentralized and trustless nature of blockchain technology makes it an attractive option for high-scale institutional payments. However, the security of such transactions relies on the assumption that the network is not susceptible to a 51% attack. A 51% attack occurs when a single entity or group of entities controls a majority of the network's mining power, allowing them to manipulate transaction records and potentially double-spend coins. Such an attack would put any high-scale payments made through the network at risk. Given the significant financial stakes involved, banks and other financial institutions cannot afford to take the risk of conducting transactions on a blockchain that is vulnerable to a 51% attack.
What is a 51% attack?
In Proof of Work (PoW) cryptocurrencies, nodes typically are set up to recognize the blockchain with the most blocks (and therefore the most hashing power) as the correct version of history. Miners with > 50% of the network hashing power can take advantage of this by sending funds to one address on the main chain, while sending the same funds to another address on a forked copy of the blockchain that they are silently mining with more hashing power than the main chain.
Since other nodes only know about the main chain, they will see the first transaction as valid, and exchanges, etc will accept this transaction as valid. This malicious node can later release these silently mined blocks, and other nodes will accept this as the new 'correct chain' since it is longer. This will cause the original transaction to effectively dissappear, and nodes will recognize the funds as being sent to the address from the new chain instead. This is known as a 'double spend' attack.
Most bigger cryptocurrencies have sufficient mining capacity behind them, making it extremely expensive to acquire the necessary hardware to pull an attack like this off. Smaller cryptocurrencies have less hashing power securing the network, making it possible to simply rent hashing power from miners on a service like Nicehash for a few hours. This significantly reduces the capital costs of an attack.
Recently there have been a number of 51% attacks including a high profile attack against Bitcoin Gold where $18 Million was stolen.
How is the attack cost calculated?
Using the prices NiceHash lists for different algorithms we are able to calculate how much it would cost to rent enough hashing power to match the current network hashing power for an hour. Nicehash does not have enough hashing power for most larger coins, so we also calculated what percentage of the needed hashing power is available from Nicehash.
Note that the attack cost does not include the block rewards that the miner will receive for mining. In some cases this can be quite significant, and reduce the attack cost by up to 80%.
In conclusion, while blockchain technology offers many potential benefits for high-scale institutional payments, the threat of a 51% attack is a major obstacle to its widespread adoption. As we have seen, this type of attack can be devastating, causing transactions to be manipulated and potentially resulting in significant financial losses. Although some larger cryptocurrencies may be relatively well-protected against these attacks due to their significant mining capacity, smaller coins remain vulnerable. However, companies like Ripple, which rely on a different consensus mechanism known as XRP Ledger, do not face the same risk of a 51% attack. In addition to alternative consensus mechanisms like XRP Ledger, interchain linking and coins built on top of other networks could offer alternative solutions to the problem of 51% attacks. Ultimately, it will be up to financial institutions and other stakeholders to weigh the potential benefits and risks of using blockchain technology for high-scale institutional payments, and to determine the best path forward.