In order for a 51% attack to occur the malicious party must control 51% or more of the mining power (hash rate) processing transactions on the blockchain. Once a group has this majority, they then potentially have the ability to decide which transactions are verified or not.
The malicious attack that occurred on Ethereum Classic is known as a double-spend attack. For example, let’s assume we have a malicious user and they have 100 ETC. A double spend occurs when the malicious user sends a transaction of 100 ETC to one user and at the same time sends the same 100 ETC in their balance to another user. Whilst the first transaction is being confirmed on the existing blockchain the malicious user utilises their majority hash advantage (50%+) to begin confirming the second transaction in secret. Once the first transaction is confirmed on the existing blockchain branch, the malicious user then releases the confirmed blocks that include the second transaction, which due to the superior hash power, has extended the blockchain further than the original chain. Here is a graphic that can help visualise how it occurs:
The longest chain is always considered the ‘true’ chain and therefore the first transaction is considered null and void. The issue is, the time lapse between the first transaction and the second transaction can be long enough that the recipient of the first transaction may have released whatever goods or asset was agreed upon, before realising that their transaction was null and void on the blockchain. They therefore never receive payment.
Coinbase suspended all ETC transactions and there have been reports that there may be vulnerabilities in Ethereum Classic’s Proof of Work system that contributed to the attack. On 7 January 2019 Ethereum Classic developers disputed any 51% attack occurring, citing the testing of new ethash machines from a single pool as the source of the strange behaviour.
In general 51% attacks are discouraged naturally due to the stability factor that is in symbiosis with price. If an attacker continually creates double spend situations, then confidence in the crypto will be lowered and price will suffer. The larger the network of miners, the less chance there is that someone has the resources to mount a 51% attack. Bitcoin is significantly harder for a malicious attacker to attempt to subvert due to it’s enormous hash rate. However Ethereum Classic is still a top 20 cryptocurrency, which makes this alleged attack some what concerning.
Thanks for reading. I manage a soon to be launched Digital Currency Exchange based in Australia. Check us out at www.easycrypto.com.au or if you are in New Zealand we are already running at www.easycrypto.nz.