Cryptothreads.io

Bitcoin 51% Attack: What Attackers Can Really Do

A Bitcoin 51% attack lets one entity control the blockchain and double-spend coins, but it cannot steal wallets or create fake BTC. Here's what's at stake.

Bitcoin 51% Attack: What Attackers Can Really Do

Key takeaways

  • A 51% attack occurs when a single entity gains majority control of a Proof-of-Work network's hash rate, giving them the power to manipulate recent transaction history.
  • The only direct financial weapon a 51% attacker has is double-spending – tricking a recipient into accepting a payment that is later reversed.
  • Bitcoin confirmations are the primary defense at the user level.
  • Bitcoin's hash rate has grown to a scale where a successful attack would require billions of dollars in hardware and sustained electricity costs.

A Bitcoin 51% attack happens when a single entity gains control of more than half of the network's total mining power, allowing them to manipulate recent transactions by spending the same coins twice. While this sounds alarming, what an attacker can actually do is more limited than most people assume.

Understanding the real scope of this threat and its boundaries matters for anyone holding, transacting, or building on Bitcoin.

What Is a Bitcoin 51% Attack?

In short: A Bitcoin 51% attack is when one miner or group of miners controls more than 50% of Bitcoin's total hash rate – the combined computing power used to validate transactions and add new blocks.

With majority control, the attacker can rewrite a portion of the blockchain's recent history, effectively undoing transactions that were previously considered confirmed.

In Bitcoin's Proof-of-Work (PoW) system, the chain with the most accumulated computational work is treated as the valid one. Whoever controls the majority of that work controls what gets written into history.

How a Bitcoin 51% Attack Works

In short: In a 51% attack, the attacker mines a secret parallel chain while simultaneously spending coins on the public network. Once their hidden chain is longer than the honest one, they broadcast it.

This attack is a coordinated sequence that plays out over hours or longer, requiring sustained hash rate dominance throughout.

Step 1: The attacker gains majority hash power

The attacker must first assemble more computing power than all honest miners combined.

In practice, this means either purchasing and operating a massive number of ASIC mining machines, or renting hash rate from services like NiceHash.

For Bitcoin, neither route is simple: the network's total hash rate has surpassed 1 ZH/s as of 2026, according to CoinWarz. That means the attacker would need to match or exceed the computing output of every miner on earth, combined.

how a bitcoin 51% attack works step 1
In June 2014, GHash.io briefly crossed this exact threshold, reaching ~55% of Bitcoin's total hash rate. No attack was launched, but it proved the scenario wasn't purely theoretical.

Step 2: A private chain is secretly mined

Once the attacker has majority hash power, they begin mining blocks in secret without broadcasting them to the rest of the network.

The honest network continues building its public chain as normal. Meanwhile, the attacker's private chain grows in the background, diverging from the public version. This is sometimes called a "shadow chain."

how a bitcoin 51% attack works step 2
The honest network sees nothing unusual. Blocks keep arriving at normal intervals on the public chain while the shadow chain grows silently in the background.

Step 3: Double spending happens

  • While mining privately, the attacker sends coins on the public chain – depositing, say, Bitcoin into a crypto exchange and converting them into another asset or fiat currency.
  • The exchange sees the deposit, confirms it after the standard number of block confirmations, and processes the withdrawal.

→ The attacker now has the funds from the exchange.

how a bitcoin 51% attack works step 3
Exchanges are the primary target because they convert crypto to cash quickly. The attacker needs to fully exit their position before broadcasting the private chain.

Step 4: The honest chain gets replaced

  • Once the attacker has received their funds from the exchange, they broadcast their private (shadow) chain to the network.
  • Because it was built with majority hash power, it is longer and carries more cumulative proof-of-work than the public chain. Bitcoin's consensus rules automatically treat the longest valid chain as canonical, so the network switches over.

The attacker's original deposit transaction no longer exists on the new chain, so they effectively got the exchange's money for free while keeping their original coins.

how a bitcoin 51% attack works step 4
Bitcoin's consensus rule – "the longest chain wins" – is what makes this possible, and also what makes it self-defeating at scale: a successful attack on Bitcoin would likely crash its price, destroying the value of whatever the attacker just stole.

What Can a 51% Attacker Actually Do?

In short: A 51% attacker can manipulate recent transaction history, but only in one direction: making confirmed transactions disappear. Every capability they have flows from this single power, and all of it targets exchanges, not individual wallets.

Reverse recent transactions

The attacker can undo transactions that were included in recent blocks, provided those blocks haven't been buried too deeply under subsequent confirmations. This is the core mechanism behind double-spending.

Double-spend coins

This is the primary financial incentive for a 51% attack. By sending coins on the public chain, then replacing that chain with their private version, the attacker effectively spends the same coins twice.

Exchanges and payment processors that accept low-confirmation transactions are the most common targets, since they may release goods or funds before a transaction is truly final.

Block new transactions

An attacker with sustained majority hash power can selectively exclude certain transactions from the blocks they mine, effectively censoring specific addresses. This is sometimes called a "transaction withholding" or "blacklisting" attack.

In practice, this is difficult to maintain, since honest miners will eventually include the censored transactions if the attacker's dominance is lost.

Delay confirmations

By controlling which blocks get added, the attacker can slow down confirmation times for targeted transactions, causing practical disruption to the network, particularly for time-sensitive payments.

What a 51% Attack Cannot Do

In short: Controlling the majority of mining power does not mean controlling Bitcoin itself. An attacker cannot touch funds they don't own, create coins out of thin air, or change the rules the protocol runs on.

They cannot steal your wallet

Private keys are generated and stored independently of the mining process. No amount of hash rate gives an attacker access to another user's private key or the funds it controls. Your wallet remains yours.

They cannot create fake Bitcoin

Bitcoin's supply rules are enforced by every node on the Bitcoin network, not by miners alone. An attacker cannot mine blocks with invalid coinbase rewards (e.g., claiming 1,000 BTC per block instead of 3.125 BTC) – the rest of the network's nodes would reject those blocks outright, regardless of hash rate.

They cannot change Bitcoin rules alone

Protocol rules – supply cap, transaction format, difficulty adjustment – are enforced by the full node network. Changing these rules requires consensus among node operators, which cannot be forced by hash rate dominance alone.

They cannot reverse very old transactions easily

The further back a transaction sits in the blockchain, the more blocks an attacker would have to re-mine to undo it.

Transactions buried under hundreds or thousands of blocks are computationally protected by an enormous and growing amount of accumulated proof-of-work. Reversing a transaction from years ago would be practically impossible even with a majority hash rate.

A 51% attacker can do

A 51% attacker cannot do

✅ Reverse recent, unconfirmed or low-confirmation transactions✖ Access or drain individual wallets
✅ Execute double-spend attacks against exchanges✖ Create Bitcoin that doesn't exist
✅ Temporarily censor specific transactions✖ Change Bitcoin's protocol rules unilaterally
✅ Delay confirmation times✖ Reverse deeply buried historical transactions

Every capability sits inside the same narrow lane – recent transaction history, while everything outside that lane remains completely out of reach.

Why Bitcoin Is Extremely Difficult to Attack

In short: Bitcoin is difficult to attack because the cost of acquiring majority hash power now runs into the billions of dollars. Even a successful attack would likely destroy the value of the asset being stolen, making the entire effort economically irrational.

1. The hash rate barrier is enormous

As of May 2026, Bitcoin's network hash rate stands at approximately 1.125 ZH/s (zettahashes per second), according to CoinWarz.

  • An attacker would need to match or exceed this with their own hardware – a task that would require procuring hundreds of thousands of the latest-generation ASICs, at a hardware cost alone estimated at $4.6 billion by Duke University professor Campbell Harvey (October 2025).
  • Add data center build-out (~$1.34 billion) and electricity (~$130 million per week), and a one-week sustained attack on Bitcoin's mainnet would cost roughly $6 billion, according to Harvey's analysis published by Crypto.news.

2. Bitcoin confirmations matter

Bitcoin requires 6 confirmations as a standard baseline, but high-value transactions often require many more. Each additional block means the attacker must not only re-mine that block, but outpace the entire honest network doing so – a computation that compounds exponentially with depth. This is the core security design of Proof-of-Work.

3. The game theory makes attack irrational

Even if an entity somehow assembled 51% of Bitcoin's hash rate, launching an attack would likely crash the price of Bitcoin. Honest mining is simply more profitable: the block rewards from playing by the rules consistently outweigh any theoretical gain from a short-lived attack.

4. The network self-corrects

If an attack were detected, exchanges would immediately increase confirmation requirements, potentially suspend deposits, and coordinate a response. Developers can implement emergency measures.

In 2014, when the GHash.io mining pool briefly exceeded 51% of Bitcoin's hash rate, the community's reaction was swift and decisive. GHash.io voluntarily capped its share at 39.99% and the episode became a case study in self-regulation.

why bitcoin is extremely difficult to attack
An attacker needs to beat all four barriers at once, with billions of dollars on the line and a ticking clock before the market reacts.

How Much Would a Bitcoin 51% Attack Cost?

In short: No one can give a single definitive number, because cost depends on the method and duration. But every serious model arrives at the same conclusion – it is extraordinarily expensive.

The most commonly cited framework breaks down the cost into three components:

  • Hardware (CAPEX): Acquiring enough ASICs to exceed 51% of the current hash rate. Professor Campbell Harvey's October 2025 estimate put this at approximately $4.6 billion at current hardware prices.
  • Data center infrastructure: Building or leasing facilities to house and power that hardware. Harvey's model puts this at approximately $1.34 billion.
  • Electricity (OPEX): Running the machines for the duration of the attack. For a one-week attack, Harvey estimated approximately $130 million in electricity costs.

Total for a one-week attack: approximately $6 billion, representing roughly 0.26% of Bitcoin's total market value at the time of the estimate.

Has Bitcoin Ever Suffered a 51% Attack?

In short: No. Bitcoin's mainnet has never experienced a successful 51% takeover or double-spend attack.

The closest it came was in June 2014, when the GHash.io mining pool briefly crossed the 51% threshold, reaching approximately 55% of total network hash rate over a 24-hour period, according to the analyses at the time.

No attack was executed. GHash.io's operators publicly stated they had no intention of exploiting the position and voluntarily pledged to cap their share at 39.99%. The episode prompted extensive community debate about mining centralization but produced no actual harm to the network.

Since then, Bitcoin's hash rate has grown by orders of magnitude. The mining landscape has become more distributed, and the infrastructure required to replicate GHash.io's feat has become exponentially more expensive.

→ There is an irony embedded in the 51% attack threat: Security and market cap are deeply linked. Every new miner that joins the network, every ASIC deployed, every marginal exahash added makes the network fractionally harder to attack and fractionally more expensive to subvert. The attack that could theoretically destroy Bitcoin is, in a very real sense, deterred by Bitcoin's own success.

Disclaimer:The content published on Cryptothreads does not constitute financial, investment, legal, or tax advice. We are not financial advisors, and any opinions, analysis, or recommendations provided are purely informational. Cryptocurrency markets are highly volatile, and investing in digital assets carries substantial risk. Always conduct your own research and consult with a professional financial advisor before making any investment decisions. Cryptothreads is not liable for any financial losses or damages resulting from actions taken based on our content.
bitcoin
attack
network security
btc

FAQs About Bitcoin 51% Attack

Could a government or nation-state pull off a 51% attack on Bitcoin? Theoretically, a nation-state with sufficient resources could attempt it, but the logistics are daunting even at that scale. Procuring and deploying enough ASICs to exceed Bitcoin's current hash rate would require sourcing hardware that doesn't yet exist in sufficient quantity, building massive data centers, and sustaining the operation without detection.

BytebyByte
WRITTEN BYBytebyByteBytebyByte is a blockchain developer and crypto market researcher contributing technical analysis and research at Cryptothreads. His work focuses on the infrastructure, economic design, and market structure of digital asset systems. With a background spanning blockchain development, quantitative analysis, and financial market dynamics, BytebyByte specializes in examining how crypto protocols operate—from consensus mechanisms and token economics to on-chain market behavior. His research often explores the intersection between blockchain technology and the broader financial system, translating complex technical concepts into structured insights accessible to a wider audience. At Cryptothreads, BytebyByte contributes in-depth articles covering blockchain architecture, protocol economics, and emerging narratives shaping the digital asset ecosystem. His work aims to help readers better understand the mechanisms behind crypto markets and the technological foundations that drive the industr
FOLLOWBytebyByte
XFacebook

More articles by

BytebyByte

Hot Topic