[EGreg]

Can someone please explain how exactly a 51% attack would actually cause double-spends to be accepted?

All the miners do is accept transactions into a block. We don't trust any given machine to validate that there were no double-spends. For that, each client would have to check the entire history before accepting payment. So, how would mining the blocks cause double spending to take place?

Don't bitcoin miners have to SIGN their blocks? If so, then broadcasting two different histories would quickly be discovered.

I guess the only thing they can do is make a bitcoin fork, something that is possible anyway, by enough miners agreeing.

Perhaps they can alternate the two forks length growth, making the clients thrash and re download the two forks over and over.

[sillysaurus3]

https://notehub.org/nz8d0

Basically, the longest chain is considered correct. And it has to work that way. It's why BTC is sybil-resistant.

So the attack is to get >51% of the hash power together, then mine in secret, creating a perfectly valid longer chain with a different tx history.

Publish it, and watch the world burn.

[mavdi]

I wonder what would be needed to gain 51% hash power? How many super computers would that be?

[gruez]

>How many super computers would that be?

you're asking the wrong question. mainly because bitcoin mining is done with ASICs and not general purpose computers. I would be surprised if the bitcoin network hashrate isn't higher than all the general purpose computing power in the world combined (converted to double SHA256 hash rate).