You stated so indirectly. In order to steal coins from most transactions, ECDSA must be broken.
I never stated it, directly or indirectly. Nah you must not break it
Yes we should. Because it is wrong.
Reverse other people's transactions
Send coins that never belonged to him
The attacker CAN do these things.
Are you claiming that somebody broke ECDSA?
Where did i exactly claimed that? Please point me to that
Because i never said that
I just said the attacker can spend coins owned by other people
Gabi, please tell me how it's possible to spend coins you don't own. It isn't possible. Unless you actually think that reversing a transaction is actually your victim sending coins back you you?
It's just not the way it works.
It is so easy and yes it is possible: just rewrite the chain from when these coins were mined. You will find the blocks, so you will have mined them, so they will be your. Thus, the other transactions never existed. That is how a 51% attack work, you can rewrite the chain as you wish.
No need to break ECDSA. You just make it so you mined these coins. So you own them. 51% attack.
Even if you have 51% hash rate, it only means you can be a little bit faster than others. You cannot revert the block chain too much. Otherwise, you need a long time to catch up with the normal chain, and by that time you may already lose the 51% advantage because of the difficulty adjustment.
For example, if you have 60% network hash rate, and you decide to quit the main chain and create a new chain. At the current difficulty, you can generate 1.5 times faster than all other miners. Say you begin this exactly in the beginning of the difficulty change cycle, and you have to get more blocks than the original chain before the difficulty changes. Otherwise, the difficulty of main chain adjusts and you lose your advantage. That means you have to generate more blocks before next 2016 blocks. In this period, you can generate 2016 * 1.5 = 3024 blocks. So you can only revert the blockchain by around 1000 blocks if you have 60% network hashing rate.
If you have only 51%, then you are only 1.04 times faster. You can only generate 2096 blocks in this period, so you can only revert 80 blocks back at most.
Moreover, each new release of bitcoin client will hardcode the recent block hash, so no one can revert beyond this point. Therefore, if you cannot catch up before a new official client release, you lose all your efforts.
Finally, all this reverting only causes one result: bitcoin becomes zero value and will not bring any profit to the attacker, because everyone will notice if you revert the blockchain by only a couple of blocks. So the attacker lose all the value of bitcoins they have, and moreover they have lost the chance to earn more than 2000 BTC (>1 million dolloar) per day forever. Therefore, 51 attack is only meaningful to the organizations who want to destroy bitcoin at any cost.
Besides, what you described has nothing to do with spending others' coins.
