Re: How exactly would a 51% attack work?

Quote from: barbarousrelic on November 20, 2011, 06:31:15 PM

Quote from: BTCurious on November 20, 2011, 06:23:33 PM

Your understanding is close.
If I had 51%, I could mine a chain of blocks in which I transfer all my coins to my personal wallet. I'd mine this chain about 10 long, but not tell the rest of the network. At the same time, I convert all my coins to dollars on the exchange and withdraw them. This happens on the normal blockchain.

After my withdrawal has gone through. the normal blockchain is about 9 long, while my blockchain is 10 long. I announce all my blocks to the network, and lo and behold, the network confirms I am right.

But dollars can't be reverted! So the exchange takes a loss.

Instead of the exchange, I could do this with buying anything for bitcoins. If this happens a few times, it will probably kill bitcoin, or at least hurt the trust in the system severely.

Ahh, I see. So 51% is the magic number because that's the point at which a person can make alternative blocks faster than the rest of the network combined, and then spring the alternative, longer blockchain on everybody all at once, later on, where it replaces the blocks everyone thought were already finalized and settled.

Thank you!

Exactly. Satoshi's original paper contains calculations for how many blocks the recipient has to wait to keep the chance of succeeding in double-spending at a given level (say 0.1%), as a function of the attacker's hashrate. At >50% hashrate the number of blocks if infinite - no matter how many blocks are waited, the attacker has 100% chance to eventually have the longer chain.

This attack isn't the only thing you can do with high hashrate, though.