Is Hyperledger-fabric prone to 51% attack?

Question

I've been given task to research blockchain implementation and its risk for my company , but I can't find this anywhere.

Answer 1

It ultimately depends on the consensus algorithm used. Recall that Hyperledger Fabric supports pluggable consensus.

So I will provide a more generic answer (rather than focusing on the current version of Hyperledger Fabric) since the supported consensus algorithms change and evolve over time.

If a Crash Fault Tolerant algorithm is used (like the current Kafka), then a 51% honest majority is sufficient (more precisely, n/2 + 1 nodes).

If a Byzantine Fault Tolerant algorithm is used (as PBFT in an the older version, or the future-planned BFT-smart), then a 66% honest majority is required (more precisely, 2n/3 + 1 nodes).

All of the above are the lower bounds. Some consensus algorithms require "stricter" honest majorities.

Answer 2

The answer to your question (as in a lot of questions) is: "depends on the context".

Hyperledger Fabric is very modularized, meaning a lot of things can be customized to fit your specific needs, one of the things that can be chosen is the consensus algorithm for your specific Fabric network, to learn more about this read the official documentation: https://hyperledger-fabric.readthedocs.io/en/release-1.3/blockchain.html

Currently the only consensus algorithm offered by Fabric to use on production is Kafka. Perhaps is more important in terms of security to understand that Kafka is not a Bizantine Fault Tolerance algorithm but there is work in progress to provide a BFT algorithm for Fabric in the future.

The majority attack (usually known as >50% or 51% attack) refer to the idea of one participant (individual or group) owning more than half the power of decision of what will be included in the blockchain next. This is very important to prevent on completely public decentralized networks where you don't have control at all over the participants of the network, and is more relevant to proof-of-work or proof-of-stake consensus algorithms.

Hyperledger Fabric is aimed more for private permissioned networks which means more control over the participants of the network (certain level of centralization). If your company implements an internal network were all the nodes will be part of the same organization then probably a DLT (distributed ledger technology) or blockchain technology is not the best fit. If your organization will be part of a consortium or group where they are part of the network but interact with other organizations or participants the scenario makes much more sense for a blockchain protocol depending on the use case.

Let's say your organization is part of a consortium with other 3, that makes a 4 organizations network, you can configure your Fabric network in a way that any transactions needs the approval of all the participants which makes a 51% attack impossible by design. As it is a private network the consortium controls who can become part of the network and that give more control over possible malicious participants.

Another important point is that a 51% attack is something relevant in decentralized networks with different participants that don't trust each other. In traditional networks where administrators have permissions to do things (read/write/admin) databases a 51% attack is by design is unlikely to be prevented if the participant with admin rights behave maliciously it could do it because it have rights to do it.

Finally to answer your question more directly, yes, Hyperledger Fabric could be prone to a 51% attack but it is very unlikely if the network is correctly setup and the use case makes sense for it to be used.