One of the forms of attack on a blockchain is directed against the consensus. The two best known are the Sybil attack, for Proof of Stake (PoS) and the 51% attack, for Proof of Work (PoW).
These types of attacks are what I will explain in this article, regarding the two most used consensuses to forge a blockchain, PoW and PoS.
Sybil and 51% attacks are not the only ways to attack a network, although they are the most important. It is also possible to exploit code vulnerabilities in the protocol, or perform a DDoS (Distributed Denial of Service) attack.
The attack on the PoS protocol is theoretically more likely than on the PoW protocol, since the algorithm is much more complex, because in addition to programming the issuance of coins and coding the structure for block validation, the protocol must manage the distribution of rewards between operators and delegators. Complexity is prone to vulnerabilities.
The DDoS attack consists of affecting the availability of the system, generating large volumes of packages or requests, to overload the system, from multiple sources of aggression.
Both algorithms admit variations in their protocol for the different blockchains, but they keep their essence, and therefore, the same corresponding attack vectors.
You should know that there are many other consensus protocols such as: Delegated Proof of Stake (DPoS), Leased Proof of Stake (LPoS), Proof of Elapsed Time (PoET), Proof of Importance (PoI), Proof of History (PoH), Proof of of Activity (PoA) a mix between PoW and PoS, Proof of Capacity (PoC) which counts the capacity of your hard drive, Practical Byzantine Fault Tolerance (PBFT), Delegated Byzantine Fault Tolerance (dBFT), etc.
I show you a graphic summary below:
Blockchain consensus attacks target those who forge the network and the economic incentives for their work. Block after block, recording transactions, whether they are miners in the Proof of Work (PoW) consensus, or validators in the Proof of Stake (PoS) consensus, the revenue is made up of coin issuance (inflation) for many of the networks , plus validation fees, for all, whatever the consensus.
The PoW protocol is vulnerable to the 51% attack, which occurs when a group of miners controls the consensus with more than half of the mining hashrate (computational power) of a network, being able to alter the normal mining process, preventing other miners from completing blocks, denying or modifying transactions at will.
If we take Bitcoin data from the last 12 months, we have a PoW network of about $700 billion cap, where miners have been charged $16.8 billion to secure it.
Those earnings are made up of 328,500 BTC (6.25 BTC x 144 daily blocks x 365 days) at an average value of USD 45,000 last year, adding USD 14.8 billion per BTC mining, plus validation fees. Source: Blockchain.com
Therefore, a 51% attack on such a network would cost (by bribing miners) at least USD 9 billion a year.
A Sybil attack is a type of blockchain attack, in which an attacker subverts the consensus system by creating a large number of pseudo-anonymous identities and uses them to gain a very large influence on the consensus. This attack is possible in Proof of Stake (PoS).
Following the same analysis I did for the 51% attack, a USD 700 billion PoS network, assuming a delegation of 50% of circulating coins, would require at least USD 357 billion to attack the network, buying half of the tokens that are delegated. The greater the delegation, the more difficult the attack. Cardano has maintained a delegation of no less than 69% of its currency, for more than a year, therefore it is even more expensive for its attackers.
Comparison of PoW and PoS Attacks
A Proof of Work (PoW) blockchain does not suffer from a Sybil attack, because there is a large hardware and energy cost in testing each node to solve arbitrary cryptographic puzzles.
With the proposed exercise, it can be seen that a PoS network, if it keeps half of its circulating coins in delegation, is 40 times more expensive to attack compared to a PoW of similar capitalization value.
The higher the delegation in PoS, the more expensive the attack.
The higher the price of your cryptocurrency, the more expensive the attack is for either of the two consensuses.
In this exercise, the costs of the validators to run their nodes have not been considered, which would reduce the attack barrier, because the net profits are lower after subtracting the expenses to sign blocks.
PoW has higher costs by requiring specialized hardware to be able to mine, (ASIC is the processor with the largest market) and a lot of electricity to protect the network, all to solve arbitrary mathematical equations, which implies that the net profit is much lower, and therefore this reduces the attack barrier compared to PoS.
On this site you can read about the energy input of Bitcoin: Cambridge Bitcoin Electricity Consumption Index.
The interest of the miners is to continue with the business, and that incentive (Game Theory) means that they are not easily bribed (perhaps the attacker should offer them several years of rent in advance).
In this table you can see the requirements for the main PoS blockchains.
The higher the hashrate (computing power) in PoW, the less likely a 51% attack is, and the probability is further reduced when that hashrate is distributed among multiple miners.
In the same sense, for the PoS protocol, the Sybil attack is less likely, when a large number of cryptocurrencies are in delegation and distributed among several holders, since the value of the token itself is used to secure the network.
PoS consensus is a much more efficient protocol, from the economic point of view, to obtain a high security of blockchain, without the enormous cost of hardware and energy of PoW, and thus, its economic ecosystem can have fees and inflation (issuance ) much lower, due to its design.
The conclusion is clear, for both protocols, decentralization in block production is key, for a healthy blockchain in the long term.