    Author Topic: Anatomy of a 51% Attack  (Read 1076 times)
    zachamo (OP)
    June 22, 2014, 02:52:42 AM
     #1

    I see a LOT of talk about the horrors of a 51% attack and very little understanding of what that entails..

    This is my understanding of a 51% attack based largely on Satoshi's original white paper. PLEASE do not hesitate to correct me on any of these points.

    The Anatomy of a 51% Attack

    Prerequisites:

    1. A 'Bad Actor' gathers enough hash rate to outpace the rest of the network's block creation for at LEAST 6 blocks (Approx 60 or 120 minutes based on 2 scenarios below)
     Scenario a) Bad Actor participates in the network prior to their attack and gradually builds hash rate until it accounts for ~51% of the network's hash rate (luck plays a role beyond sheer % hash)
     Scenario b) Bad Actor wishes to go completely undetected and does not participate in the network prior to the attack, in which case he needs 101% of the network's hash (enough hash power to outpace the entire network)

    2. Bad Actor has Bitcoin. Probably a lot of it.

    Motive

    The most likely reason for a 51% attack is to renege on your Bitcoin transactions; you can't really steal bitcoin from other people's wallets, but you can send someone Bitcoin in exchange for something else of value then make that transaction disappear.

    Another reason for a 51% could be to block transactions -- you could effectively control who is able to send bitcoin by only encoding your desired transactions in the blocks that you solve during your attack, though odds are that the transactions will make it into the blockchain later.

    The Attack

    If the bad actor is participating in the network prior to the attack (Scenario A above), they would have to pull all of their resources 'offline', effectively disconnecting from the public Bitcoin network and continuing to mine bitcoin in a closed network, creating an intentional 'fork' in the blockchain that would have to outpace the public blockchain. It's notable that this would result in a ~50% reduction in the public network's hash rate, which would be quite noticeable and would double the time to solve blocks (up to about 20 minutes).. 6 Confirmations would now take 2 hours.

    The Bad Actor then submits transactions through the public Blockchain, for which they receive compensation; likely something non-physical and of immense value so as to make this a worthwhile endeavor AND to remain anonymous once the attack has been discovered (it may be possible for them to actually get bitcoin in return and retain it; I'm unclear on this) - this would notably require a significant amount of Bitcoin to begin with. On their private version of the blockchain, they move the SAME Bitcoin that was used to purchase their bounty on the public network into another wallet, likely one they own.

    Once they have received their compensation purchases (likely after a number of confirmations on the public network) they open their private version of the blockchain up to the public network and the two different accounts of the Blockchain merge. Assuming they've managed to keep ahead of the public network in block generation, the Public network's Blockchain is nullified and the Bad Actor's version of the Blockchain overwrites it on the public network.. We now have a conflict: the bad actor's Bitcoin was spent differently on the two Blockchains, and as the bad actor's version now overwrites the public network's version of things, he not only keeps whatever he purchased, but he also keeps his Bitcoin (which will likely devalue now that a 51% attack has occurred) safely tucked away in another of his wallets.

    Conclusion

    At the end of the day, it's simply very challenging to imagine just how anyone could make this a profitable endeavor. Even if you don't have to purchase and operate millions of dollars worth of mining equipment (i.e. you manage a pool and create your alternate blockchain using other miners' hash power), you'd still be hard pressed to assure your safety and anonymity and turn much of a profit.. The presumption is that you begin the attack with significant Bitcoin holdings (which you would retain) and your own actions would serve to devalue this investment. In terms of rewards, there are only so many things of great value that one can purchase anonymously, and a cryptocurrency would probably be one of the most likely candidates, though you would still devalue the markets such that getting a return on this kind of scheme probably wouldn't pan out.

    At the end of the day, the people most likely to perform such an attack would effectively be people with a vested interest in severely damaging or destroying the cryptocurrency landscape; people who were not looking to turn a profit and likely are willing to take a substantial loss in order to cause such damage.

    Anyhow, I need to go to sleep, but this has been irking me and I wanted to hammer it out.. Would love to see some thought provoking discussion on this!

    Cheers
    Zachamo

    4000 chars available and all I got was this stupid tagline.
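
Added example, not part of the original post: the catch-up probability from section 11 of the white paper the post cites, used the way a merchant would use it, to pick a confirmation depth for an assumed attacker hash share. It goes beyond the post's 6-block case, and also reproduces the post's 20-minute / 2-hour figures. Function names and the 0.1% risk threshold default are this example's own.

```python
import math

TARGET_BLOCK_MINUTES = 10.0  # Bitcoin's target block interval


def attacker_success_probability(q: float, z: int) -> float:
    """Chance an attacker with hash share q ever overtakes a chain z blocks ahead."""
    p = 1.0 - q
    if q >= p:
        return 1.0  # at 50% or more the private chain always catches up eventually
    lam = z * (q / p)  # expected attacker blocks while honest miners find z
    poisson = math.exp(-lam)  # Poisson term for k = 0
    caught_up = 1.0
    for k in range(z + 1):
        if k > 0:
            poisson *= lam / k  # iterative update avoids huge factorials
        # Attacker has k blocks; still needs to close a gap of z - k.
        caught_up -= poisson * (1.0 - (q / p) ** (z - k))
    return caught_up


def confirmations_needed(q: float, max_risk: float = 0.001) -> int:
    """Smallest depth z at which the reversal risk is at or below max_risk."""
    if q >= 0.5:
        raise ValueError("no confirmation depth is safe against a majority attacker")
    z = 0
    while attacker_success_probability(q, z) > max_risk:
        z += 1
    return z


def public_block_interval(q_withdrawn: float) -> float:
    """Minutes per block on the public chain after share q_withdrawn goes dark,
    before the next difficulty adjustment."""
    return TARGET_BLOCK_MINUTES / (1.0 - q_withdrawn)


if __name__ == "__main__":
    for q in (0.10, 0.30, 0.45):
        print(f"q={q:.2f}: P(reversal at 6 conf)="
              f"{attacker_success_probability(q, 6):.7f}, "
              f"depth for <=0.1% risk: {confirmations_needed(q)}")
    slow = public_block_interval(0.5)
    print(f"half the hash rate withdrawn: {slow:.0f} min/block, "
          f"6 confirmations take {6 * slow:.0f} min")
```
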