14

In many sources, included Wikipedia, we read:

Any pool that achieves 51% hashing power can effectively overturn network transactions, resulting in double-spending.

My question is: Why do we talk about 51% attack?

If my understanding is correct, we could also say 50.1% attack or 50.01% attack.

More simply, wouldn't it be wiser to use "50% attack" idiom?

kelalaka
  • 48,443
  • 11
  • 116
  • 196
Manu NALEPA
  • 243
  • 2
  • 6
  • 2
    I've come across "51%" in other contexts, mostly for voting matters in organisations, where the number of voters is fairly small. But a quick web search gives more examples, especially in the realm of rules and regulations: https://www.eaa.org/eaa/aircraft-building/builderresources/getting-started/selection-articles/faa-51-rule ; https://texas.public.law/statutes/tex._gov't_code_section_411.204 ; https://ffcfc.com/SBA-504-Q-A-504-Loan-Occupancy-Requirements – Jasmijn Dec 20 '21 at 21:45
  • This is really just a matter of terminology, as has been mentioned already. There are many contexts in cryptography and distributed systems where you can prove that "everything will be secure/correct/good" as long as an attacker does not control a majority of the participants. In many cases this doesn't even need to be a strict majority! That is, if there are $n$ participants and $t$ of them collude together to break the given construction, it is typically the case that they succeed if $t\geq n/2$, that is, if there is a corrupt coalition of least 50% parties. – Daniel Dec 20 '21 at 23:28
  • 2
    It should be 50% + 1. – Oleg V. Volkov Dec 22 '21 at 10:47
  • @OlegV.Volkov Agreed. Personally, I think the question should have been asked on the English stack exchanges as a semantics question. – ReinstateMonica3167040 Dec 22 '21 at 15:51

1 Answers1

26

From Bitcoin Wiki;

A majority attack (usually labeled 51% attack or >50% attack) is an attack on the network.

It is also called consensus attacks.

It is only to demonstrate that one needs the majority. The majority is simply $\geq n/2$ where there are $n$ participants. If we normalize it to 100 we can say $>50\%$

51% sounds better than 50.1% and is easy to hear.

  • Fifty-one percent, or
  • Fifty point one percent.

One might even ask why not 50.00000001%? Any value $> 50$ is correct. 51% easy to get the notion.

Actually, it is shown that one may need just over 30% (need a real ref than below)

This is from Antonopoulos's book; Mastering Bitcoin

Security research groups have used statistical modeling to claim that various types of consensus attacks are possible with as little as 30% of the hashing power

Unfortunately, there is no reference for this in the book. With a little search;

From cloudsecurityalliance

Name of weakness Description
Consensus 34% Attack 34% Attack against BFT network, a specific instance of Consensus Majority Attack
Consensus 51% Attack 51% Attack against DLT network, a specific instance of Consensus Majority Attack
  • BTF : Byzantine Fault Tolerant
  • DLT : Distributed Ledger Technology

A nice website from MIT's digital currency initiative: 51% attacks

And note that this attack can only be used for double-spending, private keys are safe!

kelalaka
  • 48,443
  • 11
  • 116
  • 196
  • 2
    The "20% attack" and presumably the "34% attack" are short-term attacks: that is, they create a double-spend that will persist for a few hours or days, but which will eventually be corrected. – Mark Dec 20 '21 at 22:38
  • @Mark I wonder what will happen when there is no human interaction. When a fork started, some of the other honest miners will start to mine in the malicious fork without noticing so they may reach the majority and with the help of some luck, they will find the required hash value earlier than the rest. – kelalaka Dec 21 '21 at 11:04
  • 1
    @kelalaka If peering is sufficient, that won't happen. – wizzwizz4 Dec 21 '21 at 12:12
  • @wizzwizz4 do you know a website that keeps track of the peering's sufficiency? – kelalaka Dec 21 '21 at 13:09
  • 1
    What if we said "50%+1" attack? We really only need 1 more than half of all votes to be in favor of the attacker. – Montana Burr Dec 21 '21 at 20:45
  • @kelalaka I don't think that's possible. – wizzwizz4 Dec 22 '21 at 00:15
  • 1
    @MontanaBurr If you have infinite patience, yes. However, the more over 50%, the easier the attack; it's not practical with 50.001%. – wizzwizz4 Dec 22 '21 at 10:18
  • @MontanaBurr True. I think it's just semantics. – ReinstateMonica3167040 Dec 22 '21 at 15:50
  • 1
    It is worth pointing out that several attacks do not require a strict majority, that is, even if an attacker controls exactly 50% of the parties, problems can appear. For instance, protocols (either from distributed systems, or secure multiparty computation) may only be able to proceed if certain strict majority agrees on something, which is not possible if the adversary is controlling exactly half of the parties. – Daniel Dec 22 '21 at 19:59