A 51% attack occurs when a single entity or coordinated group controls more than 50% of a blockchain’s consensus power — hash rate in Proof of Work networks, or staked capital in Proof of Stake networks — enabling them to rewrite recent transaction history, double-spend coins, and censor blocks.
What a 51% Attack Can (and Cannot) Do
CAN DO:
- Double-spend: Send coins to an exchange, receive goods/other crypto, then rewrite history to reverse the original deposit — effectively spending the same coins twice
- Reverse recent transactions: Unpublish confirmed transactions from the last N blocks
- Censor transactions: Exclude specific transactions from all mined blocks
- Collect double block rewards: Mine blocks in secret and release them all at once
CANNOT DO:
- Steal coins from addresses you don’t control (no private keys)
- Create coins out of thin air (beyond the protocol reward)
- Modify the total supply or protocol rules
- Access others’ wallets
The key constraint: attackers must constantly outrun the honest chain. As the attack extends to longer history, the resources required grow prohibitively.
Why Mining-Based Attacks Work
In Nakamoto consensus (Bitcoin), the valid chain is the one with the most accumulated proof-of-work. If an attacker controls 51% of hash rate:
- Attacker mines a secret chain from block N, excluding victim’s transactions
- Honest chain extends normally (attacker ignores it)
- Attacker’s chain accumulates faster (51% vs. 49%) — eventually it’s longer
- Attacker reveals their chain — the network switches to the longer chain
- The honest chain’s blocks are orphaned; the attacker’s chain is now canonical
Time to catch up is a function of attacker hash advantage. At 51%, the attacker’s chain grows at $0.51/(0.51-0.49) = 25.5times$ slower but inevitably surpasses the honest chain given enough time.
Cost of Attacking Bitcoin
Bitcoin is too expensive to attack. At current hash rates (2024-2026):
- Renting 51% of Bitcoin’s hash rate: >$20M/hour (and no such rental market exists for this scale)
- Building the hardware: Hundreds of billions in ASICs + energy infrastructure
- Energy cost alone: Billions annually for sustained attacks
This is by design. PoW’s security model converts electricity and hardware into irreversible economic commitment.
History
51% attacks have occurred repeatedly in practice — almost exclusively against smaller Proof of Work chains where hash rate is cheap to rent. The theoretical risk for Bitcoin has existed since 2009 but has never been executed at scale.
Real Attacks on Smaller Chains
51% attacks are consistently executed against smaller PoW coins where hash rate can be rented cheaply:
| Event | Target | Damage |
|---|---|---|
| Jan 2019 | Ethereum Classic (ETC) | ~$1.1M double-spent |
| Aug 2020 | Ethereum Classic (ETC) | 3 attacks in 2 weeks; $5.6M |
| May 2018 | Bitcoin Gold (BTG) | $18M double-spent |
| 2018 | Vertcoin (VTC) | Multiple attacks |
| 2014 | Ghash.io pool | Approached 51% on Bitcoin briefly; pool voluntarily reduced |
The pattern: coins using the same algorithm as larger chains (ETC uses ETHash/Etchash) can be attacked by renting GPU/ASIC hash from NiceHash or similar markets.
Proof of Stake Equivalent
In PoS, a “51% attack” requires controlling 33%+ of staked ETH to perform certain attacks, or 51%+ for full double-spend capability. On Ethereum (2024):
- 51% of staked ETH ≈ $180B+ of ETH required
- The attacker’s stake would be slashed (burned by the protocol) upon detection
- The attack destroys the attacker’s investment in the very asset they’re attacking
This skin-in-the-game mechanism makes PoS 51% attacks far more costly than PoW counterparts for established networks.
Common Misconceptions
“A 51% attack lets you steal anyone’s coins.”
Attackers can only manipulate transactions they were party to (double-spending their own sends). They cannot access addresses they don’t have private keys for — the cryptographic security of individual wallets is unaffected.
“51% means exactly 51% of miners.”
The threshold is more than 50% of total consensus power (hash rate or stake), not the number of mining participants. A single large pool or coordinated group can cross this threshold.
Social Media Sentiment
- r/CryptoCurrency / r/Bitcoin: 51% attacks on small chains generate significant discussion — often used as evidence that altcoins with low hash rate are fundamentally insecure. Bitcoin maximalists cite Bitcoin’s attack cost as a core security argument. ETC attacks in 2019–2020 received heavy coverage.
- X/Twitter: Attack events on smaller chains trend briefly. Bitcoin’s security is frequently invoked in debates about Proof of Work vs. Proof of Stake. The Ghash.io incident is historically referenced in discussions about mining pool centralization risks.
- Discord (crypto communities): Security-minded communities track real-time hash rate distribution on sites like Crypto51. The topic surfaces in governance discussions for smaller chains weighing algorithm changes or merge-mining.
Last updated: 2026-04
Related Terms
See Also
Sources
- Bitcoin Whitepaper — Satoshi Nakamoto — original discussion of majority-hash-rate attacks
- Binance Academy — 51% Attack — accessible explainer
- Crypto51.app — live hourly cost estimates for 51% attacks on PoW chains