A Wake Up Call On Proof of Work: How Much It Costs To Implement A 51% Attack On PoW Tokens (Bitcoin Included)?
"Decentralization" is a strong argument in favor of the crypto world. It basically means no one will have total control over the public ledger of transactions, hence no one will be able to tamper with it (like spending the same tokens twice, a.k.a. "double spending"). This decentralization is enforced, among other methods, via Proof of Work (PoW) a method which uses computing power to validate transactions. It was the first method used by Bitcoin, but there are other ways to enforce decentralization, like DPoS (the one used on Steemit), or even exotic ones like PoB (Proof of Burn, in which you mine blocks by burning tokens). Like I said, Bitcoin uses PoW, Ethereum uses this and a few hundreds of other tokens (many of them in top 50 are using this).
But computing power can be bought, right? You can even rent it on sites like NiceHash...
So, if someone would want to launch an attack on such a network (known as a 51% attack, see below) how much money should he spend? Well, there is a site which calculated, based on the current hashrate of a few (very) relevant coins, the actual cost of succeeding at a 51% attack.
Before getting into details, here's a short explication of a 51% from the same site:
In Proof of Work (PoW) cryptocurrencies, nodes typically are set up to recognize the blockchain with the most blocks (and therefore the most hashing power) as the correct version of history. Miners with > 50% of the network hashing power can take advantage of this by sending funds to one address on the main chain, while sending the same funds to another address on a forked copy of the blockchain that they are silently mining with more hashing power than the main chain.
Since other nodes only know about the main chain, they will see the first transaction as valid, and exchanges, etc will accept this transaction as valid. This malicious node can later release these silently mined blocks, and other nodes will accept this as the new 'correct chain' since it is longer. This will cause the original transaction to effectively dissappear, and nodes will recognize the funds as being sent to the address from the new chain instead. This is known as a 'double spend' attack.
So, for getting control on Bitcoin, you need half a million worth of computing power to launch a 1 hour 51% attack. In this case, NiceHash only has 2% of the entire computing power, so you can't rent it from there.
But that's not the case of Bytecoin, where the cost is only $981 (yeah, you read that right) and it can definitely be made with rented hashrate from NiceHash.
Here is the complete list of the top 10 cryptos and the theoretical cost of launching a 51% attack, you can see the complete list by clicking the link above.
It's worth noting also the disclaimer of the site:
This website is intended to bring light to the risk of 51% attacks on smaller cryptocurrencies. It is not intended to encourage or help in completing an attack, but instead to get people talking about the problem and potential solutions.
I'm a serial entrepreneur, blogger and ultrarunner. You can find me mainly on my blog at Dragos Roua where I write about productivity, business, relationships and running. Here on Steemit you may stay updated by following me @dragosroua.
Wanna know when you're getting paid?
|
I know the feeling. That's why I created steem.supply, an easy to use and accurate tool for calculating your Steemit rewards |
Never thought that hacking/attacking could be that easy...All altcoins are very soft targets...
Unless they use another "Proof of .." to secure the blockchain. It would be a lot more difficult to launch such as attack on Steem, since they would need to control the majority of the witnesses.
So cheap, and yet, nobody tried it. Why?
How do you know nobody tried? :))
Hence the exhortation to wait for 6 confirmations.
Still, that's disturbingly low for bitcoin, and certainly worth renting an hour of 51% hashing power to doublespend a $100 million transaction.
Hell, rent the hashpower for two hours/twelve confirmations, to give your victim extra peace of mind.
It's not that easy, of course, since any such providers would know a successful 51% would destroy their business model.
If there were ten of them, though, and you only leased 6% from each...
I never thought it's as low number as in $500,000-550,000 for Bitcoin, that's concerning... Luckily, letting Bitcoin and other cryptocurrency foster will be more profitable mid-term & long-term...
I don't know if someone will sacrifice all this money so they can double spend for few hours and risk lose it.
But is that how easy a BTC hater can destroy the whole thing? Terrifying!!
Wow, that's crazy cheap for some of the blockchains! It's almost strange that we don't see these attacks happen more often if it's this cheap.
i do not trust PoW
People will always find ways around things, i don't know how secure the nodes that carry out this transactions are but people will always find ways to cheat the system
decentralization crypto is better than other methood.. i support with you.
And your crypto calculator is very helpful to me
thanks for the information sir, upvoted and resteemed.
very intiristing piblication