Before starting to examine the 51% attack, it is very important to have knowledge about mining and blockchain-based systems.
One of the greatest strengths of Bitcoin and its underlying blockchain technology is the decentralization of creating and verifying data. The decentralized operation of nodes ensures that protocol rules are followed and that all network stakeholders agree on the current state of the blockchain. This requires the majority of nodes to regularly reach consensus on the mining process, the version of the software used, the validity of trading transactions, and similar issues.
Thanks to the Bitcoin consensus algorithm (Proof of Work), miners are guaranteed to verify a new transaction block only if the network nodes agree on the accuracy of the block hashes provided by the miner. (e.g. if the block hash proves that the miner has worked hard enough and found a valid solution to the block's problems)
Blockchain infrastructure, as a decentralized ledger and distributed system, prevents any central entity from using the network for its own purposes. This is why there is no single authority on the Bitcoin network.
Since the mining process (in PoW-based systems) requires the investment of very high amounts of electricity and computing resources, the performance of a miner depends on the computing power it has, often called hashing power or hash rate. There are many mining nodes in various locations, and they compete with each other to find the next valid block hash and be rewarded with the resulting Bitcoins.
In this context, mining power is distributed across different nodes around the world, which means that the hash rate is not in the hands of a single entity. At least it shouldn't be.
So what happens if the hash rate is no longer distributed well enough? For example, what happens if an entity or organization has more than 50% of the hashing power? One possible outcome is what we call a 51% attack or majority attack.
What is a 51% attack?
A 51% attack is an attack on Bitcoin (or another blockchain network) by a single person or organization taking control of the majority of the hash rate, potentially causing disruptions in the network. In other words, the 51% attacker has enough mining power to change the order of transactions or eliminate them at his own discretion.
Such an attack makes it possible for the malicious entity to reverse transactions made while in control, thus likely causing a double-spending problem. A successful majority attack could enable the attacker to prevent some or all transactions from being confirmed (denial of service transaction) or to block mining by all or some other miners (mining monopoly).
A bandwagon attack, on the other hand, does not allow the attacker to reverse other people's transactions or prevent their transactions from being broadcast to the network. Changing the block reward, creating coins out of thin air, or stealing coins from others are other very low probability scenarios.
How likely is a 51% attack?
Since the blockchain network is maintained by a distributed network of nodes, all participants collaborate in reaching consensus. This is one of the main reasons why blockchain networks are secure. Larger networks have greater protection against attacks or data corruption.
In the case of proof-of-work blockchains, the higher the hash rate a miner has, the higher his chances of finding a valid solution for the next block. This is because mining requires very high amounts of hashing attempts, and higher computing power means more attempts per second. Some of the first miners joined the Bitcoin network to contribute to the development and security of the network. As Bitcoin's value as a currency has increased, a large number of miners have also joined the network to compete for block rewards (currently 12.5 BTC per block). Such a competitive environment is one of the reasons why the Bitcoin network is secure. Unless there is an environment of dishonesty when trying to obtain block rewards, miners will have no reason to invest large amounts of resources.
Therefore, a 51% attack on Bitcoin is unlikely due to the size of the network. Once the blockchain gets large enough, it quickly becomes impossible for one person or group to acquire enough computing power to overwhelm all other users.
Moreover, as the chain grows, it becomes increasingly difficult to modify previously confirmed blocks because all blocks are linked by cryptographic proof. For the same reason, the more verifications a block has, the more costly it is to change or reverse the transactions of this block. Therefore, a successful attack can only briefly alter the transactions of a few recently added blocks.
Let's go further and imagine a scenario where the malicious entity is not for profit and attacks to destroy the Bitcoin network, no matter the cost. Even if the attacker causes disruption to the network, the Bitcoin software and protocol can be quickly adjusted and adapted in response to the attack. This requires other network nodes to agree on changes, but during an emergency this will likely be done very quickly. Bitcoin is very resistant to attacks and is considered the most protected and secure cryptocurrency in existence.
While it would be quite difficult for an attacker to gain more computing power than the rest of the Bitcoin network, it is not that difficult on other smaller networks. The hashing power that secures the blockchains of altcoins is so low compared to Bitcoin that 51% attacks can actually happen. Some of the cryptocurrencies that are victims of these attacks are Monacoin, Bitcoin Gold and Zencash.