The Sybil and 51% attack

The Sybil and 51% attack

Hijacking a blockchain.

Introduction

Blockchain networks, though immutable, can be hijacked by perpetrators seeking to damage the integrity of the blocks on-chain.

This article sheds light on the two most common ways hackers can hijack a blockchain network and gain complete control over it, allowing them to manipulate it at will. By the end of the article, you would have learned: how to know if the integrity of your favorite blockchain has been compromised.

What Is A Sybil Attack?

The definition of a Sybil attack could be summed into an interval of unwarranted hijacking on any fully operational system done by creating multiple entities (nodes, accounts, etc) to influence the system from within.

During this interval, The attacker seizes control over the system using the influence of their malicious entities to violate the integrity of the system.

On a blockchain level, the term hijacking remains relevant, as a Sybil attack on a blockchain network is declared once an attacker can successfully manipulate the affairs of a blockchain network by using their malicious nodes on the network.

These nodes are created by the attacker and then introduced into the ecosystem to exist in the company of honest nodes with the ill intent to gain control over them. By committing such a violation of the security of the network, the integrity of said network becomes categorized as compromised.

A blockchain network is only as good as the security measures put in place to prevent unfair play and centralization. The theme of decentralization ceases to be valid once the network has been compromised, as the attacker now has the resources to control and destroy the network.

What Is A 51 Percent Attack?

A 51 percent attack is the result of when a malicious entity operating on a blockchain has successfully gained control over more than half of the nodes operating on the network.

In scenarios like these, the attacker, operating under the fake nodes generated can easily overthrow the legitimate rule of the real nodes, giving them total control over the network as they can now determine what block is valid, and what block should be added on-chain.

With up to 51% of nodes, the attacker practically controls more than half of the network's mining hash rate.

This is another compromise on the integrity of the blockchain, as control over the blockchain and its activities has fallen into the hands of a centralized power that can do whatever they want without opposition.

How Can These Attacks Affect A Blockchain?

Blockchains usually hold high yields in the form of cryptocurrency and other digital assets stored on-chain that are very valuable and priceless to users. As a result of this, attackers would always see these networks as a target.

A Sybil attack is so often used to create a 51 percent attack in most situations. They both work unanimously. It is a transitional process that first starts with the creation of one or more fake nodes and then evolves into total domination of the network, using divergent fake nodes that outnumber the honest nodes.

For most blockchains existing today, nodes operating on-chain are not capable of making independent decisions that affect the network and because of this, they have to rely on communication with other nodes to validate transactions before they add them on chain as legitimate.

(See also P2P below).

An untampered blockchain retains its integrity as long as its nodes are yet to be compromised (that is to say they still effectively run with the cryptographic truth that is used to verify transactions in a clear and impartial process) but, once that integrity has been compromised by an attacker, that attacker now gains access to manipulate the whole network and influence decision making, using the power of the 'greater than 50 percent' (> 50%) nodes they control.

With this, the attacker can now;

  1. Block incoming and outgoing transactions on the network: because they now control more than fifty percent of nodes on-chain using these false nodes, they can refuse to validate any transaction they choose.

  2. Reverse transactions: They can reverse whatever transaction they choose as well, and this leads to double spending from users on the network as they would end up paying gas fees again to retry the transaction that had been reversed.

  3. Approve incorrect transactions on the network: Adding to the fact that the attacker could block incoming transactions and reverse them, with control over the network, the attacker can also approve a number of fake transactions and verify them as legitimate. This could lead to loss of funds stored on the network.

  4. Terminate the network completely: Once the integrity of the network has been compromised, and the attacker only increases their rate of malicious attacks, users are likely to opt for the termination of their relationship with the network if the developers and community responsible for it couldn't fix it fast enough before damage is done and loss of user funds procured.

Case Study Using Ethereum Classic (ETC)

To understand how dangerous a Sybil attack can be to a blockchain, we take a look back at an instance using the outdated version of the Ethereum network, also known as Ethereum Classic (ETC).

The attacker, a determined malicious entity had purchased a hash rate for a whopping $200,000, with it they mined 4280 blocks and created private transactions on-chain that other miners couldn't access.

After they (the attacker) were done, the transactions went live and were forked to the mainnet. The attacker had successfully carried out their malicious scheme, as they had mined a sum of 65,000 dollars in block rewards, and 5.5 million dollars from double-spending incurred by users on the network.

With the upfront cost of $200,000, the attacker had turned in profits that were more than triple the cost of running the operation.

Sybil and 51% attacks are the most effective way to target a blockchain, as the malicious nodes could go unnoticed for the longest of time, silently influencing the honest nodes in a majority carries the vote fashion.

Important note: Ethereum Classic (ETC) is not the Ethereum network we use today, although, in the early years, the Ethereum blockchain had experienced a hack of its own, which eventually led to the separation between Ethereum classic(ETC) and Ethereum 2.0.

(See interesting links below).

How blockchains prevent these attacks

Most blockchains use a plethora of ways to prevent these malicious attacks and their attackers. These preventive measures are put in place before the network goes live for use in hopes to suppress future attacks and discourage attackers.

The current state of technology is ever-growing, both for the developers and attackers, and there isn't a method that can be guaranteed to stop Sybil and 51% attacks on blockchain networks yet, but several measures have been put in place to discourage these attackers over the years while developers work on newer and better ways to fully put an end to these type of attacks.

The most common preventive measures applied in blockchains are;

  1. Cost-discouraging methods: This involves the application of consensus mechanisms like Proof-of-Stake (PoS), and Proof-of-Work (PoW).

    The main objective of these mechanisms is to discourage the attacker. In a network secured by Proof-of-Work consensus algorithms, the attacker would be spending a luxurious amount of money just to buy one of the right machines with enough processing power to be classified as a miner. He would also need to garner a high enough hash rate to influence the already existing miners spread all over the globe and mining every second.

    Meanwhile, if they tried a Proof-of-Stake algorithm, they would have to first place a stake in the native cryptocurrency of the network before they'll be allowed to validate transactions on the network and create new blocks.

    They'll need to place a stake in every single machine they use, and to stake on enough machines required to influence the network against all the competition is simply too costly.

  2. Rampant node creation: Because it's so simple and easy to run a node such that anyone can do it on their smartphones, there is an accurate record of the network's activity saved in each of these diverse devices spread worldwide.

    An attacker would have to try altering the saved history of all these nodes at once, which is technically almost impossible to do as no one has ever successfully done it, yet.

    Every wallet ever created on the blockchain is a node, and one of its purposes is to store a partial sum of the blockchains history and records, like a ledger of a ledger. With so many wallets and nodes created in popular blockchains like Ethereum (ETH) the history of the blockchain is properly recorded ensuring that it is fool and tamper-proof.

Conclusion

Although a Sybil attack would spell the end of any blockchain network, it's also unlikely to happen to any of the existing networks we have today, such as Ethereum, Bitcoin, Solana and others.

Upcoming blockchains also follow a similar path before opening their network for users which makes it practically impossible to carry out a Sybil or 51% attack on their chains once fully launched as well.

This is because blockchain technology is improving speedily and we could be entering the next phase of mass adoption in the coming years.

As security measures get better and better, blockchains will evolve into a more peaceful ecosystem devoid of malicious attacks, where user assets will have maximum security.

Interesting links

To learn more about blockchain hacks and consensus mechanisms see the links below:

You've come to the end of the article. If you enjoyed it and found it informative, leave a like. If you have any questions, leave a comment. If you want more simplified articles like these, leave a follow.

Click on this link to get in touch with me on my socials. See you next time.