51% Attack
A 51% attack happens when an entity controls over 50% of a blockchain's mining power, allowing it to double-spend coins or censor transactions.
What Is a 51% Attack?
A 51% attack, also called a majority attack or double-spend attack, happens when one entity controls over 50% of a Proof-of-Work blockchain's total mining power, or hash rate. This gives the attacker the ability to outpace honest miners, rewrite recent transaction history, and undermine the core promise of blockchain: immutability.
How Does a 51% Attack Work?
In a Proof-of-Work blockchain, miners compete to add new blocks. The longest chain is always considered the valid one. A 51% attacker exploits this rule in three steps:
- Gain majority hash rate — The attacker acquires or rents enough mining hardware to control over 50% of the network's total computing power.
- Mine a secret chain — While the public network continues normally, the attacker privately mines an alternative chain that excludes certain transactions (like their own payments).
- Broadcast the longer chain — Once the secret chain is longer than the public one, the attacker releases it. The network automatically accepts it as the valid history, overwriting honest blocks and reversing confirmed transactions.
This enables two primary exploits: double-spending (spending the same coins twice) and transaction censorship (refusing to include specific transactions in blocks).
Why 51% Attacks Matter for Crypto Holders
A successful 51% attack can reverse your confirmed transactions, meaning payments you received could disappear. Exchanges are particularly vulnerable — attackers deposit coins, sell them for fiat or another crypto, then reverse the deposit. This is why exchanges require many confirmations before crediting large deposits.
For individual crypto holders, the risk depends on which blockchain you use. Bitcoin's enormous hash rate makes a 51% attack economically impractical, but smaller Proof-of-Work chains remain vulnerable. Proof-of-Stake blockchains like Ethereum (post-Merge) use a different consensus mechanism that makes this type of attack fundamentally different and far more expensive.
Can a 51% Attack Affect Your Hardware Wallet?
A 51% attack cannot steal your private keys or drain your wallet directly. Your hardware wallet's security — the secure element, PIN protection, and seed phrase — remains intact regardless of network-level attacks. However, a 51% attack can reverse transactions on the blockchain itself, meaning coins you thought you received might be taken back by the attacker.
This is one reason why self-custody with a hardware wallet matters: keeping your crypto off exchanges removes your exposure to exchange-level double-spend attacks. When you control your own keys, you decide when and how to transact — and you can wait for sufficient confirmations before considering a payment final.
How to Protect Against 51% Attacks
- Use established blockchains — Bitcoin and Ethereum have hash rates so high that 51% attacks are economically impractical.
- Wait for more confirmations — The more blocks confirmed after your transaction, the harder (and more expensive) it is to reverse.
- Self-custody your crypto — Store assets in a hardware wallet rather than on an exchange, which is a primary target for double-spend exploits.
- Diversify across chains — Don't keep all assets on a single small-cap Proof-of-Work chain.
- Monitor network health — Tools like Crypto51 estimate the cost of attacking various blockchains.
Blockchain developers also implement countermeasures such as checkpoints (fixed reference points that prevent deep chain reorganizations), increased confirmation requirements, and chain analysis monitoring to detect suspicious mining patterns.
Hash rate measures the computational power of a miner or network in cryptocurrency mining, expressed as hashes per second (H/s). Higher rates increase block-solving chances.
Read full definitionMining uses computational power to solve puzzles, validate transactions, and add blocks to a blockchain. Miners earn cryptocurrency rewards for securing the network.
Read full definitionFiat is government-issued currency, like the US dollar or euro, not backed by a physical commodity. It derives value from official decree and contrasts with decentralized cryptocurrencies.
Read full definitionCryptocurrency is a digital or virtual currency secured by cryptography, operating on decentralized blockchain networks to enable secure, peer-to-peer transactions.
Read full definitionEthereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
Read full definitionA consensus mechanism is a protocol that enables blockchain networks to agree on valid transactions and the ledger's state without a central authority.
Read full definitionPIN Protection is a security feature that requires a personal identification number (PIN) to access a cryptocurrency wallet or device, preventing unauthorized access.
Read full definitionSelf-custody means users control their own private keys to manage cryptocurrency assets directly, without third-party custodians. It embodies 'not your keys, not your coins.'
Read full definitionIn cryptocurrency, a swap is the direct exchange of one token for another on a blockchain, often via decentralized exchanges (DEXs) without intermediaries.
Read full definitionBitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionA block confirmation is the process of verifying a new block in the blockchain network, confirming its validity and preventing double-spending or fraud.
Read full definitionOn-Chain Analytics examines data directly from the blockchain, like transactions and wallet balances, to reveal insights into user behavior and network activity.
Read full definitionReal-World Examples
Example 1: Double-Spend in E-Commerce
An attacker uses 10 ETH to buy electronics online. The merchant confirms 20 blocks on the public chain and ships the goods. The attacker reveals a longer secret chain excluding the payment, reversing the transaction and reclaiming the ETH while keeping the items.
Example 2: Ethereum Classic Attack (2019)
Attackers rented hash power to control over 51% of Ethereum Classic's network. They double-spent $1.1 million by reorganizing recent blocks, exploiting ETC's lower total hash rate compared to Ethereum.
Example 3: Transaction Censorship
A miner cartel gains 51% hash rate and refuses to include transactions from rival exchanges in their blocks. They orphan honest miners' blocks, censoring those transactions indefinitely while maintaining the longest chain.
Example 4: Impracticality on Bitcoin
To launch a 51% attack on Bitcoin requires controlling 600+ EH/s hash rate. At current rates, this costs over $20 million per hour in mining hardware and energy, deterring attackers from attempting it.
Ethereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
Read full definitionHash rate measures the computational power of a miner or network in cryptocurrency mining, expressed as hashes per second (H/s). Higher rates increase block-solving chances.
Read full definitionBitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionMining uses computational power to solve puzzles, validate transactions, and add blocks to a blockchain. Miners earn cryptocurrency rewards for securing the network.
Read full definitionReady to Choose a Secure Wallet?
Use our tools to find the right hardware wallet for your needs.