This article was first published on Dr. Craig Wright’s blog, and we republished with permission from the author.
There are widespread mythologies concerning supposed attacks against Bitcoin (Bindseil et al., 2022), including ones that are promoted by people in the industry. The reality, though, is starkly different. Today, I will start demonstrating the flaws in the arguments that are often made. I will begin with the mythical 51% attack. I refer to it as a mythical attack as it is described completely erroneously. While there are theoretical attacks, the reality is: such attacks are the same as in any system run by any network.
In this article, I shall endeavor to explain what a 51% attack is, how it relates to existing systems, and how, like many aspects of Bitcoin, it is being maligned by industry ‘pundits’ seeking to promote a system different to Bitcoin in many ways. First, I will say again, Bitcoin is designed as a system that will provide scalable digital or electronic cash. That is, low-cost, fast transactions, with value. The purpose of Bitcoin lies not in decentralization. As I will explain in this article, the purpose of Bitcoin is achieved through some level of distribution systems. It is for the same reason that in fact, there is no 51% attack.
What Is a 51% Attack?
The argument concerning the 51% attack is derived from the ability of a single node controlling the network to reorder or delay transactions. In other words, a single node with 51% of the network hash is running the system without interactions with other companies or players. To put it simply, any time there is a single node with control of over 50% of the network consensus mechanism, the actor controls the network. Note that such control is very limited.
There are no differences between the control of a company and the control of the blockchain network when it comes to the ability to perform certain actions. But, even if a node on Bitcoin gains more than 50% of the network consensus mechanism, not all actions are possible. For instance, no level of control of the consensus methodology allows any node to change the protocol. If a node controls 99% of the network hash power, it cannot steal transactions, and it cannot change a signed transaction.
If a node attempted to “fork” and run a separate protocol, it would be isolated from the network. The majority of people on the network would not see the other network. The mythology here is that Bitcoin forks. It doesn’t. People create alternative versions of Bitcoin, and pass them off as Bitcoin. They form a separate system and pretend and mislead and deceptively tell you that it is truly Bitcoin when what you are really doing is installing alternative software.
So, the question that remains is, what is a 51% attack?
A 51% attack is any attack carried out by a known entity controlling the network. For instance, if the Bank of America decided to remove all money from all their client accounts, such actions would present a form of attack—a 51% attack. In reality, it should be termed a ‘controlling-entity attack’. If Facebook wishes to ban a user, it can. The distinction being missed is that Bitcoin is not a system run by a single entity. The BTC network is, but that is a separate issue, which will be addressed in a later post. Developers set the rules.
In the case of the BTC network, where the protocol is flexible and fluid, the developers can set any rules they wish. The nodes cannot change the structure or protocol of the network. Nodes do not set the protocol. Yet, where developers rule the network that is passed off as Bitcoin, they can deceive users when it comes to what they are running, and the system can be changed. In fact, the protocol of the BTC system has changed on a monthly basis.
If two nodes exist on the network and are exactly balanced, the system is already distributed, and neither holds control. If either party seeks to cheat or delay things, the result will be that the other node will account for more transactions and take over. Yet, when three or more nodes are controlling the network, the distribution of power is such that as any one node attempts to suppress transactions or allow people to ‘double-spend’ illegally, they will be instantly blocked.
While there is a balance between the number of nodes when there are three or more, economic costs mean that marginal benefits will be negligible at some point. Eventually, they become a cost. For instance, the cost of sending information between nodes is sufficiently low even when there are ten nodes, so it should not matter. Conversely, in the case of a thousand or more nodes, the cost of distributing outweighs the cost benefits of having extra nodes. The system is self-adjusting and, as such, does not require people to choose how many nodes will be in effect.
The truth is very simple: any network, company, or system run by a single entity is bound by some of the actions of such entities. Which does not mean that any such actions are unlimited. If, for instance, the Bank of America or Visa steal your funds, you have the right to take action against them. Part of the problem lies in evidencing the theft, which is not an issue with Bitcoin. In Bitcoin, the transaction is either processed or not. When a double-spending attempt occurs, it is the same as a cheque that has been presented against the same monies twice. In each case, it requires an action that leaves evidence.
When a merchant receives a transaction, they can wait 10 minutes to see if the transaction has been mined into a block. Equally, by watching the network, the merchant can tell whether the transaction has been double-spent within milliseconds. If a node receives the transaction, the merchant can use that as evidence both against the person who double-spent and against the node operator. Next, when there are only a few nodes (three to four nodes control any blockchain network), checking with each of them that your transaction has been received can be done quickly and easily.
For instance, if 50% of a blockchain network is run by three nodes (the BTC network, Bitcoin, and Ethereum follow the same model), then checking with those three main nodes, who are publicly known, provides assurance. If the nodes allow a double-spending attempt, they should be held liable for any loss. The process does not require that they are a trusted third party. In conducting a transaction, Alice transmits information to Bob, whom she is paying. Bob then settles the transaction on the network, by sending it to the nodes. The original construction of Bitcoin, with IP-to-IP connectivity, is based on such a model.
As Alice is paying Bob, Alice is not the one who should be interested in validating the transaction. Instead, as with negotiable instruments such as cheques, it is up to Bob to validate the accuracy and validity of the transaction that he is receiving as payment. To do so, Bob can first check the Merkle proof and the transaction given to him by Alice. Next, Bob sends the information to the network to ensure no double-spending attempt occurs. Through such a process, Bob personally validates the accuracy of the transaction and then uses the network to ensure that nobody has already spent the transaction.
Apart from ensuring that the transaction has not been double-spent, Bob alone can validate the process. Validating the signature and checking transactions can be done easily and without using the network. The only question that remains is whether the network has seen the transaction before. The network cannot change the transaction. The network can either hold the transaction or allow Alice to send an alternative transaction to be processed. That is what a double-spending effort refers to. It is, in effect, a form of cheque fraud and deception.
The difference between Bitcoin and other systems is that using Bitcoin, Bob retains evidence that may be used against both Alice and the node operators. If a node processes the double-spending transaction, Bob can now record the fact that a deception has been used against him. If there are three nodes on the network, and Bob has checked with one of the three nodes, a node is obliged to act and process the transaction Bob provided.
Nodes have been defined in my white paper (Wright, 2008). One part of being a node and being paid for providing the services to the network involves the requirement to propagate all transactions to all nodes. In other words, if Bob receives a transaction from Alice and then sends it to the network, the node he sends it to is obliged to inform Bob if the transaction has been spent before. Suppose there is a double-spending transaction, or the equivalent of cheque fraud. If Bob now checks with two nodes out of three, Bob is guaranteed that his transaction will be accepted.
If the same two nodes do not process the transaction, Bob can take action against them. Bob doesn’t need to trust them; he knows that they will either act in his favor or be shut down. More importantly, if there is a distribution of three or more nodes, Bob knows that by checking with any two nodes and being informed by the majority that his transaction has not been seen before, even if the third node chooses to try to cheat, a double-spending transaction will be rejected.
One misconception associated with Bitcoin, and other systems derived from it, is that the network operates outside the law. Bitcoin does not remove all trust, nor does it remove all intermediaries. The term ‘trusted third party’ is a financial intermediary specified in English law. Such parties are individuals that have a fiduciary duty. The control of the network is split between the nodes, which operate the network as agents of the system, and the developers, who can change the system.
The BTC system differs from Bitcoin in the sense that Bitcoin has a fixed, set protocol. Bitcoin’s protocol is set in stone. I am not a trusted third party in Bitcoin because the protocol is fixed. In the BTC network, the Core developers can change the protocol and do so regularly. No consensus methodology distributes change. Rather, a small group of individuals selects what will be introduced. Here, such individuals have a fiduciary duty to the network. It is not the nodes but the developers that implement such changes. Without a fixed protocol, any blockchain network has trusted third parties. The developers are trusted third parties if they can change the protocol at will.
For the same reason, I said the Bitcoin protocol was set in stone (Wright, 2010). I also specified Bitcoin as a “global distributed database, with additions to the database by consent of the majority” (Wright, 2009). Note that the majority is not the majority of users. As explained in the white paper, the majority is purely a majority by hash power. Crucially, those able to add to the database do not own the database. Those adding to the database only have the right to read and append, not to change. Once the database has been written and achieved a depth of 100 blocks, the database is permanent and fixed.
Back to the Myth…
The reality is that a system doesn’t need to be perfect. Innovation can be incremental. Bitcoin was not designed to replace banks or governments or to overthrow the existing system. Rather, Bitcoin is incrementally better than any existing system. Concerning the protocol, the fact that the protocol doesn’t change is key to not having a trusted third party. No methodology exists that allows third parties who are developers to update the protocol through a global consensus of users.
If the protocol changes in any way, the control of the protocol lies in the hands of a small group of individuals or a corporation. The control of the network can be monitored. Blocks are broadcast. Consequently, the large companies that run the Bitcoin network, or any other blockchain system for that matter, can be audited globally. The system does not require that every single transaction is distributed to every user. Rather, it requires that individual users retain the evidence they need to prove their case. Here, the block headers have to be widely disseminated. If the block headers are not disseminated, we are not talking about a blockchain.
The existing system is a closed ecosystem without evidence. There are no existing methodologies to audit corporate accounts adequately. If money goes missing from your bank account, proving the existence of such money can be difficult. It may be necessary to validate transactions across time, and if the bank does not digitally sign them, you may not have the evidence required. While possible, it is difficult.
Here lies the 51% attack, where a single company can act. It is the existing scenario around the world, the status quo. Right now, every bank is an individual agent responsible for the actions of employees and others. They use a form of database that is rather insecure and that can be changed. At the same time, people with inside information and who work for the organisation perform a range of activities that can cause problems for the users of the system. In part, this is why we have seen so much fraud and deception throughout the world.
Bitcoin changes the scenario. The worst-case scenario involves a single controlling entity, which is no different from any other system today. Yet, Bitcoin still presents an improvement. Even with only one node, every transaction can be audited, and there is evidence that can be used in court against the node. It is also impossible to hide a node at scale. There is no anonymity in Bitcoin mining when you have control of the network.
Nodes cannot change transactions. Yet, Bitcoin is not about allowing illegal transactions. The concept of ‘censorship resistance’, when related to violations of anti-money laundering (AML) guidelines, has no place in Bitcoin. Rather, Bitcoin could always stop transactions flagged by law enforcement. Every single blockchain can. If somebody tells you that you cannot filter transactions on a blockchain, ignorance or deception would be two explainations. Some people are ignorant, which is not an excuse. Everyone else is deceiving you.
So, the worst case in any blockchain system is one analogous to existing corporations, with the difference that a blockchain provides a perfect record of all changes, which can be used in court. If a double-spending effort occurs, Bob will have the transaction from Alice, which can be used to take action in court against the miner. Bitcoin is not a system created by anarchists. It is not a system created to take down banks. It is not a system that acts outside the law. Rather, Bitcoin is a system designed to work within existing legal frameworks and reduce fraud.