How to prevent 51% ATTACK on new coin

[gio_jordan]

Hello folks. I am interested how bitcoin managed to prevent 51% attack in the beginning?
I am about to create my own coin and i want miners to mine blocks. but The problem is I am afraid  51% attack might destroy my blockchain.What'd be your advise? how did bitcoin make it possible that it has come this far?
What if i use proof of stake and proof of work together? Someone told me it's possible that i can use both. so that 2 blocks get added by proof of stake and then the following 1 block must be proof of work. then 2 blocks will be confirmed by proof of stake and so on. that way, no one can't add 3 blocks by proof of work. just need your ideas about 51% attack prevention.
 Thanks .
If this is the inappropriate group, I'm sorry.

[Xynerise]

No one would attack your coin for no reason because of opportunity cost of just using that hash power to mine (another coin) legitimately.

You could look into merged mining with another coin eg BTC.

[funsponge]

Merged mining would be difficult with a new coin. Theres many different coins coming out and to be able to gain enough interest for merged mining to be a viable option it would require releasing the coin and gaining traction before doing it which means within the initial launch until the time you get enough attention and people willing to do merged mining it would still be vulnerable to a 51% attack.

[DooMAD]

It's not easy, but then it should only be a concern if the value of your coin is high.  If Bitcoin had the mining difficulty it had in 2010, but the price it has now, as an example, you can bet there would be some problems.  But as long as your difficulty keeps pace with your value, you shouldn't be a victim.  

If you do stick with PoW, sensible steps include:

• 1 - not championing CPU-only mining because Botnets
• 2 - not picking an algo that already has huge amounts of ASIC power dedicated to it, because that's the opposite extreme of 1 and equally likely to cause issues
• 3 - not manipulating the price of your coin because you'll make it a more tempting target

There's kind of a delicate balancing act between 1 and 2.  Those are the tricky ones.  3 should be a no-brainer.

[samwolf]

I thought DAG was to stop 51% attack?

Constellation for instance?

[btj]

Choose an hybrid solution or rent some hash power from nicehash etc.

And if you offer a new idea and promizing road map, some peoples will be interested on minning it.

[vit05]

Are you seriously thinking about creating a new currency without being sure about how to prevent one of the main problems in decentralized protocols? I find it very risky and probably unnecessary. Will your project bring any breakthrough in relation to the top 20 current currencies?

PoS is not used to prevent attacks, when they say they use it for that purpose, they only do it as an excuse to centralize the project. It is more difficult to attack a centralized project that has coordination points.

That is, the simplest ways to avoid a 51% attack on a new currency are:

• Centralize the project
• Create coordination points
• Take away the possibilities of profiting performing this attack

[NeuroticFish]

Hello folks. I am interested how bitcoin managed to prevent 51% attack in the beginning?

51% attacks are costly and somebody would do that only if the benefit is bigger than the cost.
As long as your coin is worthless, as long as there are no high value transactions that could be double spent with a 51% attack, you have nothing to fear.

Ideas to prevent 51%?
Invent a completely new algorithm for mining your coin. This way it may not be so easy to get/rent hashing power from other coin for a short time to perform the attack.
Make your coin profitable to mine. Then the miners will come and mine your coin and will make your network more powerful. Yeah, for this the coin has to have success.

Also you can do more thinking and see, maybe you don't need your own blockchain and you can do good enough with a token and the problem of 51% attack is gone, since the parent network is successful enough and safe enough.

[hulla]

There are many ways to prevent the 51% attack for new coin but I mention the method used by some coins before to prevent the attack.
Increasing number of confirmations from usual so that anything fishy can be notice since the attacker will need the transaction to be confirm before the double spend will be successful. However, the attackers have no profit doing the 51% attack but to eliminate their rivalry coin.

[bob123]

There are many ways to prevent the 51% attack for new coin but I mention the method used by some coins before to prevent the attack.
Increasing number of confirmations from usual so that anything fishy can be notice since the attacker will need the transaction to be confirm before the double spend will be successful. However, the attackers have no profit doing the 51% attack but to eliminate their rivalry coin.

You seem to missunderstand the question from OP.
He asked how one can secure a new coin from 51% attacks. Not how user can secure themselfes from a double spend.

Additionally with 51% hashrate (assuming OP talks about PoW coins) one can generate blocks faster. Therefore a victim would not see there is an attack ongoing, once the reorganization happens (after X blocks).
Noone can notice anything 'fishy' until it happened.

[gio_jordan]

Thanks everyone for your ideas.
This topic is so big that It's really hard to make it work.

I was thinking maybe I have master nodes and i also have POW. so imagine I use pow and pos together, which means, that blockchain will be alike (block1, block2, Master-node block, block3,block4, master-node block) . so no one will be able to add 3 blocks simultaneously if he mines privately. does that make sense? I don't know , can you give me at least example if preventing this problem made some coin makers use pow and pos together?

[mu_enrico]

<...>
If you do stick with PoW, sensible steps include:

• 1 - not championing CPU-only mining because Botnets
• 2 - not picking an algo that already has huge amounts of ASIC power dedicated to it, because that's the opposite extreme of 1 and equally likely to cause issues
• 3 - not manipulating the price of your coin because you'll make it a more tempting target

<...>

Yeah, bitcoin was flying under the radar for a very long time, thus when this kind of attack happens, its hash-rate has become strong enough to "resist" the attack.
In addition to above comment, I suggest restricting exchange listing. Other words, don't use resource for the listing fee.

You need to fly under the radar as long as possible while building hash-rate to make the 51% attack very expensive.

<...>
I was thinking maybe I have master nodes
<...>

Just don't....

[buwaytress]

Just contributing my thoughts here. The key is to identify the motivating factor for a 51% attack. Which really just boils down to economic profit. Of course, this takes the assumption that an attacker is rational.

Starting with the estimate value of the coin, the aim is simply to make a 51% "economically unfeasible".

User above suggests not listing and this can be effective if you're not looking to put your coin on the open market (actually a coin without market is practically safe from 51% attacks if it serves no other purpose).

As value grows, you assume this is because of adoption, recognised use, a more widespread network of nodes. Coins that didn't grow organically are especially susceptible, just read about all the past 51% attacks this year. None gained adoption the way Bitcoin did...

[suzanne5223]

I think it pretty easy to prevent or detect 51% attack since the attackers will shut down the network in other to prevent anyone transaction expect theirs to go through. Meanwhile, DDoses can be use to lowering the hashrate of the attackers but this is what Gavin Anderssen (the man that worked alongside with Satoshi back then) said about preventing 51% attack

"ignore a longer chain orphaning the current best chain if the sum(priorities of transactions included in new chain) is much less than sum(priorities of transactions in the part of the current best chain that would be orphaned)" would mean a 51% attacker would have to have both lots of hashing power AND lots of old, high-priority bitcoins to keep up a transaction-denial-of-service attack. And they'd pretty quickly run out of old, high-priority bitcoins and would be forced to either include other people's transactions or have their chain rejected."

You can check his blog for more information.

[spartacusrex]

You could do what IOTA does. Have a 'Coordinator'.

Basically it's a centralised server that Timestamps the CORRECT chain. You run it on your servers (users check with you), and you refuse to re-org past 1 hour, no matter the weight of the other chain. Totally not cool in the long run, but in the Bootstrap period of a coin, I don't see any issues.

This is only temporary ( or so they say on IOTA, but I have my doubts ), and once your hash rate is high enough you can get rid of it.

[monsterer2]

You could do what IOTA does. Have a 'Coordinator'.

Basically it's a centralised server that Timestamps the CORRECT chain. You run it on your servers (users check with you), and you refuse to re-org past 1 hour, no matter the weight of the other chain. Totally not cool in the long run, but in the Bootstrap period of a coin, I don't see any issues.

This is only temporary ( or so they say on IOTA, but I have my doubts ), and once your hash rate is high enough you can get rid of it.

I don't want to derail this thread too much, but I thought I would comment on this - IOTA can never remove the coordinators, for two reasons:

1) Their security model is utter snake oil*
2) DAGs require some kind of centralisation otherwise lite nodes cannot function at all.

*) https://bitcointalk.org/index.php?topic=1799665.msg20108439#msg20108439

[Marcel666]

Well for someone to effect a 51% attack, such individual would have more than halve the total hashrate and computing power percentage.
How about using coded algorithms to give the community the power to vote down or discredit malicious miners through a smart contract voting system?
To do this you would need two cryptocurrencies working together. One would be used by miners and the other for the general community.

Also try other popular solutions. Increasing the number of confirmations needed for a transaction to be completed.

Or you could try Gavin Anderson's solution:
Something like "ignore a longer chain orphaning the current best chain if the sum(priorities of transactions included in new chain) is much less than sum(priorities of transactions in the part of the current best chain that would be orphaned)" would mean a 51% attacker would have to have both lots of hashing power AND lots of old, high-priority bitcoins to keep up a transaction-denial-of-service attack. And they'd pretty quickly run out of old, high-priority bitcoins and would be forced to either include other people's transactions or have their chain rejected.

I personally think it is still possible to bypass this as miners can create longer blocks over a period of time and add it to the chain. And it also doesn't solve the problem of 51%attacks stopping other transactions from getting completed.

My best solution is making the system 'less decentralized'.

[Kakmakr]

Just contributing my thoughts here. The key is to identify the motivating factor for a 51% attack. Which really just boils down to economic profit. Of course, this takes the assumption that an attacker is rational.

Starting with the estimate value of the coin, the aim is simply to make a 51% "economically unfeasible".

User above suggests not listing and this can be effective if you're not looking to put your coin on the open market (actually a coin without market is practically safe from 51% attacks if it serves no other purpose).

As value grows, you assume this is because of adoption, recognised use, a more widespread network of nodes. Coins that didn't grow organically are especially susceptible, just read about all the past 51% attacks this year. None gained adoption the way Bitcoin did...

A lot of people are launching these attacks to sabotage the competition and economic gain from the 51% attack alone, is not their primary goal. If you have a lot of hashing power and you can pull off a successful attack on a new Alt coin, then that Alt coin will suffer a public humiliation and it will taint their reputation.

The successful attack might also partly fund the cost of that attack, so it is a WIN/WIN situation for the attacker. There are currently a lot of competition in the Alt coin scene and people will fight dirty to get to the top.