The concepts that support and relate to blockchain technology are reasonably easy to understand, despite being unquestionably sophisticated and essential for the worlds of crypto and NFTs. One of its key ideas is the so-called “51 percent blockchain attack,” which poses an incomparable risk to decentralized technology (and the crypto industry it supports). We need to examine the foundations of the blockchain itself in order to comprehend what it is and its potentially profound consequences for Web3.

A distributed digital database known as the blockchain is used to move and track data in the form of interconnected blocks resembling chain links. It’s crucial to understand that blockchain systems are run by a network of users and computers known as nodes, which act as a substitute for a third party like a bank or a centralized data server under the control of a Big Tech company in validating transactions.

What is a 51% attack? Why is it a blockchain attack concern?

In theory, the security of a blockchain system is correlated with the number of validating nodes. A group or an individual would need to control 51% of the system’s nodes in order to hack it successfully. This would allow them to change the blockchain record and fake crypto and NFT transactions, potentially causing the loss of millions of dollars worth of digital assets. In essence, a 51 percent assault enables malicious actors to seize control of the blockchain network and alter network transactions with potentially catastrophic financial consequences.

Now that’s what I call a 51% attack by the US Chapter 11 Government https://t.co/j1FtgBMor1 https://t.co/Xn4fHO6st3

— Simon Dixon (@SimonDixonTwitt) January 15, 2023

This might happen as a result of the nodes’ owners’ cooperation or as a result of hackers seizing control of the nodes. The more nodes there are, the harder this is to accomplish. For instance, compared to other chains, the Ethereum blockchain is said to have hundreds of thousands of validators on its network.

On the well-known play-to-earn game Axie Infinity‘s blockchain-based platform, hackers with ties to the North Korean government were able to successfully take over five of the sidechain Ronin’s nine validating nodes, which are tied to Ethereum. The blockchain network was completely stopped for months when the Ronin team recognized what had transpired, and then transactions were resumed in late June. The largest hack in the history of the network involved forgeries of withdrawals totaling about $625 million from it.

When hackers seized control of Bitcoin Gold, a tiny cryptocurrency asset that had split from the Bitcoin blockchain in 2017, there was another 51 percent attack in 2020. The cryptocurrency was double-spent for a total of almost $72,000 by the hackers. When a cryptocurrency is used twice or more, it is referred to as double spending, which enables the person who started the transaction to recover their lost tokens.

What is the probability of a 51 percent attack?

The size of the network directly influences attack susceptibility; a larger blockchain is more secure. The amount of computer power needed to carry out a 51 percent assault is enormous and reduces the possibility for systems using energy-intensive proof-of-work (PoW) consensus mechanisms (like Bitcoin); it is simply not worthwhile for the hackers’ time and money to even attempt to do so.

However, if they are successful, there is no way to stop the actual hardware that gives them access to the system, so they might keep doing this until network administrators start a “hard fork.” A hard fork is a significant modification to the protocol (the fundamental set of guidelines) of a blockchain that splits it into two now incompatible versions of itself. As was the case with Bitcoin Gold, such occasions frequently catalyze the creation of new cryptocurrencies.

However, there are strategies to make 51 percent of attacks less likely. PoS consensus systems, such as the one used by the Ethereum blockchain, require a vastly reduced amount of energy than PoW-operated networks. These depend on validators staking some cryptocurrency in order to be accepted as a validating node. For Ethereum, that amounts to a substantial 32 ETH. Theoretically, under a PoS system, the network might be taken over if enough validators banded together. However, even in this scenario, Ethereum administrators might “cut” the staked ETH, resulting in the offending nodes losing their investment and capacity to launch further attacks.

Numerous times over the years, Vitalik Buterin, the co-founder of Ethereum, has addressed this matter, asserting that, although undesirable, a 51 percent attack on its blockchain wouldn’t be disastrous.

We need to get past the myth that it’s *fatal* if one entity gets enough to 51% attack PoS. The reality is they could attack *once*, and then they either get slashed or (if censorship attack) soft-forked away and inactivity-leaked, and they lose their coins so can’t attack again. https://t.co/utash1hUDU

— vitalik.eth (@VitalikButerin) September 2, 2020

Decentralization discussion

The question of how long people would want to wait before supporting “extra-protocol” intervention was posed in a Twitter poll that Buterin tweeted in the days leading up to Ethereum’s transition to the far more energy-efficient PoS consensus algorithm that it now uses. The question was straightforward: in the event of dire circumstances, would the community support a centralized authority intervening and rendering a decision for the entire blockchain?

How many blocks would a 51% attack need to revert for you to support extra-protocol intervention (ie. a soft-fork) that declares the attack chain illegitimate so that users and clients ignore it?

— vitalik.eth (@VitalikButerin) October 20, 2019

Neither is the query rhetorical. Not only the Bitcoin blockchain has been forced to hard fork in response to an attack. In 2016, Ethereum implemented a hard fork after hackers used security holes in a blockchain-based application, forcing the system’s administrators to undo the transactions associated with the exploit and restore users’ money.

Such centralized acts are the antithesis of blockchain technology’s core idea: Although the majority of respondents to Buterin’s poll agreed with the idea of centralized intervention, the comments below the same poll showed that a sizeable percentage of the Web3 community finds the idea unsettling. But for the time being, they continue to be a regrettable requirement to guarantee the stability of these systems in dire situations. In spite of this, they continue to be a contentious talking point in NFT and crypto communities. Similar to the debate over decentralized Web3 markets, it’s possible that the best, albeit counterintuitive, way ahead is through centralized decentralization.