Bitcoin more vulnerable to attack than expected

April 23, 2018 by Joost Bruysters, University of Twente

Calculations by University of Twente researchers show that Bitcoin is more vulnerable to attack than people had always assumed. If some Bitcoin users were to form a group that controls 20 percent of the currency's computing power, they could launch an attack and, within a few days, force all other users to accept a new standard for Bitcoin. The researchers presented their results last week, at a scientific conference organized by NASA in the United States.

The Bitcoin network uses . All individual (blocks) are linked to each other, forming a chain that any user can check. Within the Bitcoin network, agreements have been made about how exactly these transactions are linked together.

The Bitcoin world is currently divided into various camps. One camp wants to maintain the current standard. Other camps advocate modifications to enable more transactions to be carried out in a shorter period of time, for example. The current protocol imposes a hard upper limit on the size of individual blocks, which means this global system can process no more than seven transactions per second. Many people feel this limitation makes the network far too slow. It certainly does not bear comparison with the number of transactions that credit card companies can process in a second.

Changes to the Bitcoin protocol can only be implemented if they are accepted by the majority of users. However, calculations by University of Twente researchers show that – provided it holds 20 percent of the 'mining power' – a limited group could use an 'Andresen attack' to implement a new protocol within a few days, and force all other users to adopt it. Ansgar Fehnker, one of the researchers involved, compares it to a situation in which 20 percent of a company's shareholders are able to impose their view on the great majority. As a result of the attack, all transactions carried out in the preceding hours would be annulled, with retroactive effect. This, in turn, would seriously undermine confidence in the current standard.

Explore further: Q&A: How is a bitcoin mined? A look at the virtual currency

More information: Fehnker A., Chaudhary K. (2018) Twenty Percent and a Few Days – Optimising a Bitcoin Majority Attack. In: Dutle A., Muñoz C., Narkawicz A. (eds) NASA Formal Methods. NFM 2018. Lecture Notes in Computer Science, vol 10811. Springer, Cham

Related Stories

Bitcoin 'mining pool' promises to stay small

July 17, 2014

The largest group of bitcoin miners, which maintains and processes transactions in the digital currency, is promising to avoid majority control of the currency as a temporary measure to maintain the payment system's credibility.

Recommended for you

Researchers engineer a tougher fiber

February 22, 2019

North Carolina State University researchers have developed a fiber that combines the elasticity of rubber with the strength of a metal, resulting in a tougher material that could be incorporated into soft robotics, packaging ...

A quantum magnet with a topological twist

February 22, 2019

Taking their name from an intricate Japanese basket pattern, kagome magnets are thought to have electronic properties that could be valuable for future quantum devices and applications. Theories predict that some electrons ...

Solving the jet/cocoon riddle of a gravitational wave event

February 22, 2019

An international research team including astronomers from the Max Planck Institute for Radio Astronomy in Bonn, Germany, has combined radio telescopes from five continents to prove the existence of a narrow stream of material, ...


Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Apr 24, 2018
I thought the minimum required to control the BTC network was 51%. How does one-fifth control of the miners force such control? Wouldn't the other 80% of the miners simply invalidate the transactions by the nefarious 20%?
not rated yet Apr 25, 2018
If the other 80 band together, they can mount a counter attack. But they would have to be unifying quickly. The hope would be that a sufficient number would roll over and start mining the longest fork and earn money. Instead of wasting energy on reversing the attack.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.