What about 51% attack?

From my understanding, anyone can take over the network if they own over 50% of all coins or if they in any way manage to get over 50% of delegated voting weight. How does Nano protect itself from this?

Decentralization of the network is important to protect from 51% attacks, though this is certainly not exclusive to Nano. It’s important to note that users can change their representative at any time, so if they believe collusion is happening in order to attack the network, they can quickly redistribute their voting power.

If you are solely speaking on someone buying up over 50% of Nano, that attack becomes increasingly expensive as the market cap raises and the attack itself would result in their coins becoming less worth. It would simply not be profitable.

From https://docs.nano.org/protocol-design/network-attacks/:

There are multiple levels of defense against this type of attack:

  • Primary defense : voting weight being tied to investment in the system; attempting to flip the ledger would be destructive to the system as a whole which would destroy their investment.

  • Secondary defense : cost of this attack is proportional to the market cap of all of Nano. In proof of work systems, technology can be invented that gives disproportionate control compared to monetary investment and if the attack is successful, this technology could be repurposed after the attack is complete. With Nano the cost of attacking the system scales with the system and if an attack were to be successful the cost of the attack can't be recovered.

  • Tertiary defense : In order to maintain the maximum quorum of voters, the next line of defense is representative voting. Account holders who are unable to reliably participate in voting for connectivity reasons can name a representative who can vote with the weight of their balance.

  • Forks in Nano are never accidental so nodes can make policy decisions on how to interact with forked blocks. The only time non-attacker accounts are vulnerable to block forks is if they receive a balance from an attacking account. Accounts wanting to be secure from block forks can wait a little or a lot longer before receiving from an account who generated forks or opt to never receive at all. Receivers could also generate separate accounts for receiving from dubious accounts in order to protect the rest of their balance.

  • A final line of defense is block cementing. As blocks are confirmed in V19.0+, the node marks the height of the last block confirmed for every account and will refuse the replacement of an already confirmed block. Attempts to fork after previous confirmation of a block will immediately fail.

The most sophisticated version of a >50% attack is detailed in the diagram below. "Offline" is the percentage of representatives who have been named but are not online to vote. "Stake" is the amount of investment the attacker is voting with and will be lost if they successfully attack the system. "Active" are representatives that are online and voting according to the protocol. An attacker can offset the amount of stake they must forfeit by knocking other voters offline via a network denial of service attack. If this attack can be sustained, the representatives being attacked will become unsynchronized and this is demonstrated by "Unsynced". Finally, an attacker can gain a short burst in relative voting strength by switching their denial of service attack to a new set of representatives while the old set is resynchronizing their ledger, this is demonstrated by "Attacked".

If an attacker is able to cause Stake > Active by a combination of these circumstances, they would be able to successfully flip votes on the ledger at the expense of their stake. We can estimate how much this type of attack could cost by examining the market cap of other systems. If we estimate 33% of representatives are offline or attacked via denial of service, an attacker would need to purchase 33% of the market cap in order to attack the system via voting.
Voting attack cost:

  • Euro - M1 in 2014 ~6 trillion, attack amount 2 trillion

  • USD - M0 in 2014 ~4 trillion, attack amount 1.2 trillion

  • UK pound sterling - M0 in 2007 ~1.5 trillion, attack amount 500 billion

  • Bitcoin - Market cap 2014 ~3 billion, attack amount 1 billion

2 Likes