51% attacks are one of the oldest and most famous attacks against the blockchain. They were described in the Bitcoin whitepaper because 51% attacks arise from how Proof of Work consensus works.
How Proof of Work Consensus Works
The Proof of Work consensus algorithm is designed to use a majority vote to decide the current state of the distributed ledger. However, instead of a “one account, one vote” approach to voting, Proof of Work bases the number of votes a user has on the computational power (or “hashrate”) at their disposal.
The reason for this is that it is easy to create additional blockchain accounts, which could allow an attacker to cheat the vote. Computational power, on the other hand, is harder and more expensive to acquire.
Proof of Work (PoW) implements its majority vote through the mining process. Each block in the blockchain needs to meet certain validity criteria, and one of these is that the hash of the block header must be less than a given threshold (the difficulty target).
The only way to find a valid version of a block header is through a guess-and-check process, testing different values for a nonce to see if they produce a valid header. This means that the more computational power that you have, the higher your probability of finding a valid block first.
This fact - combined with the longest chain rule - makes majority rule work in Proof of Work.
If there are two competing versions of the blockchain, the longest chain rule says that the “longer” of the two should be accepted, which means that whichever version grows faster has the advantage.
If a version of the blockchain has more hashrate supporting it (i.e. the majority vote), then it should grow more quickly and overcome other versions under the longest chain rule.
The 51% Attack
The design of Proof of Work is intended to make it difficult and expensive for an attacker to replace the original version of the blockchain with their own version. However, difficult does not mean impossible.
A 51% attack is a built-in vulnerability of the Proof of Work consensus algorithm. It states that, if an attacker gains control over 51% of the blockchain network’s hashrate, then the attacker gains control over the blockchain.
Looking at the Proof of Work protocol, this makes perfect sense. Proof of Work works on majority vote, and, if an attacker is the majority, then they win the vote and control the blockchain.
Securing a Decentralized System
51% attacks are an inconvenient but unavoidable fact in a decentralized system. If a system works on majority vote, then an attacker with the majority of the vote controls the system. Any measure to block 51% attacks starts introducing centralization into the system.
The best way to fight 51% attacks is by making them too expensive and difficult to perform. This requires building up enough hashrate on a Proof of Work network so that it is infeasible for an attacker to purchase a majority of the network’s computational power.