Are Proof-of-Stake Blockchains Susceptible to 51% Attacks?
One of the many benefits of cryptocurrencies championed by blockchain promoters is their secure nature. A basic understanding of how they work leads people to think that cryptocurrencies are safe.
They use advanced cryptographic techniques that are enough to deter amateur hackers. However, like any digital currency, they are susceptible to cyber-attacks.
There are two main types of blockchain mechanisms: Proof-of-Work and Proof-of-Stake. The latter is a newer version, but both of them can be compromised in several ways, including 51% attacks.
In this article, we’ll explain what 51% attacks are and if they can affect Proof-of-Stake blockchains.
What is the Difference between Proof-of-Work and Proof-of-Stake Blockchains?
Cryptocurrencies are run on blockchains, which are decentralized digital ledgers. They are like databases with transactions recorded in blocks, strung together like a chain with timestamps.
Blockchain networks operate through a complex system of computers (nodes) that validate transactions. Each transaction on the blockchain requires the exchange of unique cryptocurrency tokens between accounts by solving cryptographic puzzles. Each transaction also has a transaction cost.
Solving cryptographic puzzles, therefore, is a computationally expensive process but it is necessary to keep the information secure at the same time. To promote network participation, the blockchain issues cryptocurrency rewards to active validating nodes, in a process that is called mining.
There are different ways to award cryptocurrency to the validating nodes, which we will discuss next.
1. Proof-of-Work (PoW)
Proof-of-Work blockchains reward nodes that solve as many cryptographic puzzles as possible. The common unit for this operation is known as the hash rate, which is measured in hash strings solved per second.
When a mining node creates a new block to accommodate new transactions, the blockchain algorithms award that node with a fixed amount of cryptocurrency (called a block reward).
The first PoW blockchain was Bitcoin, but many other blockchains use this mechanism of mining today. PoW blockchains favor computers that have powerful hardware, and they are the main reason many cryptocurrency miners go for expensive hardware like ASICS and GPUs, causing a crisis in the blockchain.
Miners look to maximize their throughput with powerful hardware, hence, several companies have formed their own mining farms. This form of mining is very costly as it requires investing heavily in hardware and physical space, along with paying high power bills.
The positive side of PoW mining, on the other hand, is that cryptocurrency rewards are quite predictable and stable. It is easy to account for the spending on this form of mining.
2. Proof-of-Stake (PoS)
In Proof-of-Stake blockchains, cryptocurrency rewards are given based on the cryptocurrency holdings of a user. The higher the amount of the cryptocurrency attached to an address, the larger the ‘stake’ of that user in the blockchain.
The mined rewards are given by assigning a weight to participating users, with those having a higher stake having a higher probability of getting a block reward.
PoS blockchains eliminate the need for high computational power for mining rewards. This is because all computing resources are added to a pool (known as the stake pool). PoS blockchains are more energy efficient than their PoW counterparts.
Because the staking algorithms act as a secondary layer on top of the settlement layer (the layer that performs and records transactions on the blockchain), PoS blockchains are open to smart contracts.
Smart contracts are algorithms that can specify additional terms for receiving cryptocurrency rewards, giving another layer of customization to the blockchain.
Some blockchains like Decred take a combined approach to mining. This type of mining reward structure attempts to compensate for the weakness of both PoW and PoS methods.
Miners first create a block to add transactions in, and staking users are allowed to validate the transactions. Before allowing staking users to validate transactions in a specific block, the blockchain algorithm takes 5 votes to confirm a block. If 3 votes are confirmed, then the miner gets 60% of the block rewards.
The remaining amount is distributed between the stakeholders and the blockchain master nodes.
What is a 51% Attack and How Does it Work?
A 51% attack is a cyberattack on a blockchain in which the attacker gains control of the network equal to the consensus of 51% of the computers on it. It is one of the many types of blockchain attacks.
51% attacks effectively allow the attacker to gain a majority vote in the blockchain. This allows the attacker to influence the transaction consensus mechanism. The attacker will have control over voting for most of the transactions taking place. This is problematic because it allows the user to create new blocks illegitimately.
Other users will be able to create new blocks but at a significantly reduced rate. The attacker can also attempt to permanently alter the record of the blockchain by forcing an unwanted software upgrade that could render old users unable to join the network and permanently corrupt the blockchains.
Additionally, malicious users can allow double spending of cryptocurrency. They can also prevent others from accessing the cryptocurrency locked in their own addresses.
Which Blockchain is Primarily Susceptible to a 51% Attack?
A 51% attack is more likely to occur on a PoW blockchain. This is because the equation is simpler on paper. For a PoW blockchain to be compromised in this way, the attacker needs 51% of the hash rate on the blockchain.
This can be done with enough computing resources. Note that the resource costs include hardware, space, and electric power. In fact, this website helps you estimate the hourly costs needed to pull one off on some existing blockchains! In other words, if you’re looking to target Bitcoin, you need a lot of money.
Many of the notable 51% attacks were initiated on PoW blockchains, especially those that have low user participation due to a small user base. It’s intuitively easier to control a network with fewer nodes. Here are some examples of 51% attacks.
- Ethereum clone blockchains, Shift and Krypton, were targeted in 2016. The attackers sent ransom notes to their victims. They also altered the blockchain code which allowed them to double spend the native cryptocurrency.
- The Ethereum DAO attack was also a similar type of attack. In 2022,Ethereum moved to a PoS mechanism after a hard fork proceeding with the DAO attack.
- Bitcoin Gold is another coin that endured a 3-day 51% attack in 2018. This was a small blockchain, and it was targeted later by another group two years later. The attacks severely damaged the credibility of the blockchain, and it was delisted from several cryptocurrency exchanges afterward.
- Another coin that was seriously affected by 51% attacks was Verge. This was a PoW blockchain-based crypto coin. There were two attacks, and one of them resulted in a loss of coins worth 1.75M USD.
- Bitcoin SatoshiVision was attacked thrice in 2021, which damaged its reputation and caused some users to remove their funds from it altogether.
How Likely are 51% Attacks Possible on Pos Blockchains?
The short answer to this question is that 51% attacks on a PoS blockchain are highly unlikely. There are two reasons for this.
Ownership of the blockchain is distributed amongst many users. Therefore, PoS protocols by nature make it harder for a single actor to hijack a blockchain.
The number of coins needed to initiate an attack would be very high. Many PoS blockchains have fraud detection mechanisms to limit high purchase volumes or detect suspicious activity.
With that being said, a small PoS blockchain will be more vulnerable to a 51% attack because of the reasons we mentioned earlier.
Conclusion: 51% Attacks are a Threat
Despite several advances in the blockchain and cryptocurrency space recently, cybercriminals have become more creative in their attempts to hack blockchains, and we have covered only a fraction of them in this article.
While the reception to PoS blockchains has been positive lately, it is a safe assumption that no crypto blockchain is 100% immune to a hacking attempt.
If you have bought cryptocurrency, or are thinking of buying some, we recommend reading about precautionary measures to minimize the risk of being hit by cyberattacks.
The editorial content of OriginStamp AG does not constitute a recommendation for investment or purchase advice. In principle, an investment can also lead to a total loss. Therefore, please seek advice before making an investment decision.