Have you ever heard of a “51% attack”?

A 51 percent attack is a method of forking a blockchain to perform double-spending.

This attack can be carried out by adversaries who control more than half of a network's total hashing power. N-confirmation and selfish mining are two attack approaches similar to the 51 percent attack.

For a long time, attempting this was thought to be extremely implausible because of the high cost of performing a 51 percent attack. However, the attack has become more frequent in recent months, with numerous cryptocurrencies losing millions of dollars.

The 51 percent attack approach differs depending on the consensus process used by a cryptocurrency. It allows attackers to double-spend the same cryptocurrency, restrict transactions, reject blocks, and even have complete control over a cryptocurrency's price.

Because the required hashing power is easy to obtain, a crypto-coin with low hashing power is always vulnerable to the 51 percent attack.

Security approaches fail to provide adequate protection against the 51 percent attack in the vast majority of circumstances because the flaws are inherited from consensus protocols set up from the start.

And this is the major problem with security and the blockchain.

Blockchain technology is a recent breakthrough in secure computing without centralized authority in an open networked system. It is predicted that the annual revenue of blockchain-based enterprise applications worldwide will reach $19.9 billion by 2025, a yearly growth rate of 26.2% from $2.5 billion in 2016.

Of course, these kinds of sums are hugely tempting to any criminally minded person.

Because the mathematics, encryption, and computations are so complicated, there are hardly any people in the world who understand, in detail, how this all hangs together – and if one of those “goes rogue,” there are, equally, few who can sort it out and repair the damage.

This presents great risks - and great rewards.

At all stages of the process, there is scope for fraudulent activity but this is, thankfully, rare.

In Bitcoin, everyone has a copy of the entire network, so it is tough for an adversary to modify all copies of the data in the whole Bitcoin network.

This is because, with a collision-resistant hash function, the hash outputs of modified data will be wholly inconsistent with the originals with overwhelming probability. Such inconsistency can be easily detected by others on the network, making it very hard to disguise tampering.

In the Bitcoin network, it is almost impossible for the adversary to change the previous block's hash and so on along the chain until the head of the list (a.k.a. genesis block) is reached.

DDoS attacks attempt to overload the host system or the host network resource by flooding it with excessive requests. A DDoS attack is a "distributed" DoS attack, in which the traffic flooding a victim originates from many disparate sources.

The larger the Bitcoin network becomes, the harder it is to succeed in such large-scale DDoS attacks. The double-spending attack in the context of Bitcoin is considered a security concern because digital information can be reproduced relatively easily.

A user’s address can be viewed as a pseudo-identity in the Bitcoin network, achieving a weak form of anonymity employing the public key hash.

Security and privacy attacks may be launched, such as illegally transferring Bitcoins to some target wallet(s), reversing genuine transactions as if they never occurred, and so forth.

In Bitcoin-like systems, a user can have multiple pseudonymous addresses. Unlinkability refers to the inability to state the relation between two observations or two observed entities of the system with high confidence.

Anyone can relate a user's transaction to other transactions involving her Bitcoin address by a simple statistical analysis of the addresses used in Bitcoin transactions.

More seriously, a user may lose her anonymity and privacy for all the transactions associated with her Bitcoin address if the link between her Bitcoin address and her real-world identity is exposed. In addition, given the open nature of the public blockchain, anyone can attempt to do so.

Consensus is a group-based protocol for reaching agreement dynamically in a group. It emphasizes that the entire group as a whole could benefit by getting a consensus.

The problem of reaching consensus in the presence of faulty actors is referred to as a Byzantine fault.

The consensus protocol designed by Satoshi Nakamoto for Bitcoin aims to reach a collective consensus from the network on the validity of each Bitcoin transaction. It bypasses the Byzantine Generals Problem using the PoW (Proof of Work) protocol, which is designed to be difficult and time-consuming for any prover to produce.

The PoW is thought to be a probabilistic solution to the "Byzantine Generals Problem" (BGP) in Bitcoin, which breaks down the effectiveness of the group to coordinate its actions.

It works by adding a nonce to a message that is to be sent, say, to the west side of a city. When the east side of the city wants to send a message, it follows the steps of the PoW protocol, appending a "nonce" to the original message. If the hash condition is satisfied, the recipient on the other side of the city will get the message. The PoW protocol in Bitcoin extends the Hashcash system with some minor improvements.

This hash function makes it hard to tamper with the hash of the message even if the messenger got caught. Finding the correct nonce can be time-consuming and computationally expensive. By adding more messengers, the probability of all of them getting caught is reduced significantly. Even though this process is computationally costly and time-consuming, it is still possible. The PoW protocol counters this loophole by increasing strength in numbers.

It is easy and straightforward to validate the hash result to see that no tampering has taken place. In the PoW system, greater complexity substantially increases the amount of time required to tamper with the cumulative message and find the corresponding nonce for a hash. The protocol also limits the rate at which new blocks are created and added to the network.
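An added example, not code from Bitcoin or from this article: a toy Hashcash-style proof of work in Python showing the expensive nonce search, the cheap verification, and how changing an earlier block breaks the links that follow it. The 12-bit difficulty, the field layout, the sample payloads and all function names are assumptions chosen so that it runs in well under a second.

```python
import hashlib

GENESIS_PREV = "0" * 64
BITS = 12  # constructed toy difficulty: hash must start with 12 zero bits

def block_hash(prev_hash, payload, nonce):
    # Double SHA-256 over previous hash, payload and nonce (toy field layout).
    data = f"{prev_hash}|{payload}|{nonce}".encode()
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()

def meets_target(digest_hex, bits=BITS):
    return int(digest_hex, 16) < (1 << (256 - bits))

def mine(prev_hash, payload, bits=BITS):
    # Expensive side: try nonces until the hash falls below the target.
    nonce = 0
    while not meets_target(block_hash(prev_hash, payload, nonce), bits):
        nonce += 1
    return {"prev": prev_hash, "payload": payload, "nonce": nonce,
            "hash": block_hash(prev_hash, payload, nonce)}

def build_chain(payloads, bits=BITS):
    chain, prev = [], GENESIS_PREV
    for payload in payloads:
        block = mine(prev, payload, bits)
        chain.append(block)
        prev = block["hash"]
    return chain

def first_invalid(chain, bits=BITS):
    # Cheap side: one hash per block. Returns index of first bad block, or None.
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        digest = block_hash(block["prev"], block["payload"], block["nonce"])
        if (block["prev"] != prev or digest != block["hash"]
                or not meets_target(digest, bits)):
            return i
        prev = block["hash"]
    return None

if __name__ == "__main__":
    # Constructed sample payloads.
    chain = build_chain(["alice->bob 5", "bob->carol 2", "carol->dave 1"])
    print("honest chain:", first_invalid(chain))
    chain[1]["payload"] = "bob->mallory 2"                  # edit without redoing the work
    print("after edit:", first_invalid(chain))
    chain[1] = mine(chain[1]["prev"], chain[1]["payload"])  # redo the work for block 1 only
    print("after re-mining block 1:", first_invalid(chain))
```

Re-mining the edited block only moves the failure one block further along, which is why rewriting history means redoing the work for every later block as well.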

The proof of work security comes from block creation rewards, which are strong incentives to attract a large number of miners to participate. The protocol is a highly inefficient process due to high computation complexity and low probability of successfully generating the Proof of Work. The Bitcoin PoW Protocol is a protocol with a reward mechanism while providing the same consistency and liveness properties with an approximate Nash equilibrium proof.

In the Bitcoin system, seeking moderation by combining social consensus may hold potential for healthy growth of the system. An adversary can get unlimited hashing ability with a 51% attack of any significant chain. Convincing all nodes of the entire network that this chain is legitimate is much harder than just obtaining the 50% hash power.

Such a social layer of consensus may still hold the potential to protect any chain in the long term.

It is reported that over 70% of the hash rate is divided among the top five independent mining farms (e.g., BTC.com 24%, AntPool 14.4%, ViaBTC 11.4%, and SlushPool 11.1% on March 20, 2018). If these big mining farms were to team up, together holding more than 51%, they could acquire more than 50% of Bitcoin's hashing power.

Because participants may have varying computational capacities, they have different probabilities of success rates in generating Proof of Work.

This discourages centralized cartels and colluding parties from forming and prevents central cartels from acting anti-socially.

The more blocks under which a transaction is stored, the more challenging and less feasible it becomes for an adversary to remove it. The number of blocks needed to wait for consensus approval before accepting a transaction can be viewed as a reliably stored parameter (a Security Parameter).

There is growing interest in the blockchain in both academic research and industry. Developing lightweight cryptographic algorithms will be a critical enabling technology in its future development, usability, and applications.

An in-depth understanding of a blockchain’s security and privacy properties plays a critical role in enhancing the degree of trust a blockchain may provide.

Developing technological innovation for robust defense, techniques, and countermeasures will be an ongoing task for many years to come.