What Is a 51% Attack?

How Proof-of-Work Consensus Works

Bitcoin uses proof-of-work to reach agreement across thousands of independent computers around the world. Miners compete to solve a computationally expensive puzzle. The first to solve it earns the right to add the next block of transactions to the chain and collect the block reward. Every other node on the network independently verifies the solution before accepting the block.

The honest chain - the one followed by the majority of miners - is always the longest chain. This is the rule every node enforces. If two competing versions of the chain ever exist, the network eventually converges on whichever one has more accumulated proof-of-work behind it. This is the foundation of Bitcoin's security model, and it is also what a 51% attacker would attempt to exploit.

Because finding valid blocks requires real-world resources (electricity and hardware), it is not free to produce a fraudulent chain. The longer a dishonest chain needs to be to overtake the honest one, the more work - and therefore cost - the attacker must commit to the effort.

What a 51% Attacker Can and Cannot Do

Understanding the precise boundaries of a 51% attack is important. Popular media coverage often overstates what an attacker could actually accomplish.

The "cannot" list is long because Bitcoin's consensus rules are enforced by full nodes - not by miners. Miners decide which valid transactions to include in blocks. They do not define what counts as valid. A block that violates the consensus rules (such as one that creates extra bitcoin or spends a coin without a valid signature) will be rejected by every honest node on the network, regardless of how much hashrate the miner controls.

Why a 51% Attack on Bitcoin Is Practically Impossible

Bitcoin's hashrate has grown dramatically since its creation. As of early 2026, the network operates at over 600 exahashes per second - meaning miners collectively perform more than 600 quintillion hash computations every second. Gaining 51% of that requires either building or renting an enormous amount of specialized ASIC mining hardware that simply does not exist in sufficient quantity outside the existing honest network.

The cost estimate for a sustained 51% attack on Bitcoin runs into tens of billions of dollars for hardware alone, before accounting for electricity. And that cost must be sustained for long enough to complete the attack - which means the window of opportunity is narrow while the expense keeps accruing.

There is also a fundamental economic argument against attacking Bitcoin. An entity that controls 51% of Bitcoin's hashrate could mine blocks honestly and collect significant block rewards. Choosing to attack instead destroys the value of the very network that makes those rewards worth anything. A successful 51% attack would collapse trust in Bitcoin, crashing its price - meaning the attacker would be spending billions to destroy the value of their own investment.

Real-World Examples: 51% Attacks on Smaller Chains

While Bitcoin has never been successfully attacked, smaller proof-of-work networks have been - demonstrating that the threat is real when a network lacks sufficient hashrate security.

Ethereum Classic (ETC) suffered multiple 51% attacks between 2019 and 2020. In August 2020 alone, ETC was attacked three times within a single month. Attackers were able to reorganize hundreds of blocks and double-spend millions of dollars worth of ETC on exchanges before the exchanges could respond. The attacks were feasible because renting 51% of ETC's hashrate from mining services like NiceHash was relatively inexpensive compared to Bitcoin.

These attacks illustrate the key variable in proof-of-work security: the total cost of attack. Networks with low hashrate and a liquid market for renting that hashrate are vulnerable. Bitcoin, with its enormous and hardware-bound hashrate, sits at the opposite end of that spectrum. There is no marketplace where you can rent 300-plus exahashes per second - it does not exist.

The Economic Incentive Argument

Satoshi Nakamoto addressed the incentive question directly in the Bitcoin whitepaper. The argument is straightforward: a rational miner with majority hashrate earns more by playing by the rules than by attacking them. Honest mining generates a steady stream of block rewards and transaction fees. An attack is a one-time event that, if successful, would likely destroy the market value of the reward.

This is sometimes called the "Nash equilibrium" of Bitcoin mining. Even if an attacker could technically execute a 51% attack, the economically rational choice is still to mine honestly. The security of Bitcoin is therefore backed not just by cryptography, but by aligned financial incentives across all participants.

This is a meaningful distinction from traditional financial security, which relies primarily on legal enforcement and trusted intermediaries. Bitcoin's security model functions without requiring trust in any individual participant - it works because participants are rewarded for honest behavior and punished (through wasted resources) for dishonest behavior.