IOTA (IOT)

From CryptoWiki

Wants to be for Internet-of-things (IoT) payments. Has a centralized coordinator.

IOTA
Total supply2.779.530.283.277.761 IOTA Max Supply: 2,779,530,283 MIOTA

Basics

  • Founded in: 2015
  • Mainnet release: 7-2016
  • Based in: Germany
  • Aka MIOTA
  • IOTA is a fundamentally different type of crypto than most others. It is built on top of a directed acyclic graph (DAG) that they call a ‘tangle’ as opposed to a blockchain, which allows it to have zero fees and rapid transactions, as well as being easily scalable. It is therefore suited for microtransactions of value or data between internet-connected devices.
  • Platform: IOTA tangle, using a small amount of PoW with each transaction.
  • Current issues:

Since the technology is so new and different, IOTA needs to prove that their technology can perform the way they claim, as well as being resistant to hacks and bad actors.

There are also a few question marks around the team, with some in the community being concerned by the direction the team is taking.

History

Audits & Exploits

Bugs/Exploits

15 hour bug downtime and coordinator issues

"Users first reported the problem on Sunday, which took IOTA's engineering team some 15 hours to fix. IOTA founder David Sønstebø said the bug was "minor" and "it's really no different from periods where the network has been spammed and thus real tx [[[transactions]]] slowed down significantly".

IOTA's co-founder Dominik Schiener said in an email the issue originated with the "current primary mainnet node software" and had nothing to do with the Coordinator, a special node that's operated by the Foundation, which is responsible for the final confirmation of transactions on IOTA's decentralized network, known as the Tangle. The team has already started to replace it with a new lightweight node, known as Hornet, and said it plans to remove the Coordinator once engineers have fully tested and resolved any possible network problems with an event known as the "Coordicide."

Following reports on the bug in the network on Sunday, Sønstebø defended the current set-up, arguing this was "precisely why Coordicide takes time, one can't execute it until all possible kinks have been ironed out."

Nonetheless, critics have already argued the centralized nature of Tangle curtails performance and makes it vulnerable.

In 2018, blockchain researcher Joseph Rebstock told The Next Web the Coordinator automatically approves the same hash, meaning hackers could steal cryptocurrency from users who reused wallet addresses by repeating transaction data. Sønstebø later denied this was a vulnerability."

Mainnet Completely down

"On February 13, the IOTA network came to a screeching halt and the IOTA Foundation reports that $1.6 million worth of the native currency was stolen. The following day, the IOTA network status page still shows the mainnet is “not operational” and the development team has found an “exploit related to the Trinity Wallet.”

The official IOTA Twitter account stated:

"Currently, IOTA is working with law enforcement and cybersecurity experts to investigate a coordinated attack, resulting in stolen funds. To protect users, we have paused the coordinator and advise users not to open Trinity until further notice.""

"The IOTA coordinator node responsible for confirming all transactions has been offline for more than 12 days. IOTA’s Schiener said the vulnerability, which led to stolen funds from 50 IOTA holders, came from a botched integration job with the fiat-to-crypto broker MoonPay. “It was not absolutely secure, in terms of the infrastructure that we’d done,” he admitted.

"We are delighted to announce that the Coordinator has been resumed."

Governance

  • Has the IOTA Foundation and a centralised 'coordinator' node. Still active as of 23-11-2022.

Foundation Infighting

  • "A leaked conversation has revealed (11-8-2018) a serious fallout among the founding members of IOTA. Centered around the appointment of two IOTA founders to the board of directors, the controversial transcript opens with co-founder Sergey Ivancheglo, a.k.a. “Come-From-Beyond,” providing a “vote of no confidence” in co-founder Dominik Schiener, the only delegate with the power to appoint new members. While Ivancheglo did not spell out his reasons for distrusting Schiener, the transcript revealed a political stalemate between a number of founders, who discuss the “long overdue” election of Ivancheglo and Serguei Popov, another founder, to the board." Update (3-2-2020)": Still hasn't been resolved.
  • From CoinDesk (25-2-2020): "The hack and shutdown of 2-2020 came just days after another IOTA Foundation scandal, when co-founder Sergey Ivancheglo left the foundation and demanded 25 million IOTA tokens as his share of the project (worth roughly $6.3 million). Sonstebo said the team has matured since they feuded with academics in the past, but Schiener’s blog post about the split used troubling language."

Token

Launch

Token allocation

Utility

Token Details

Stablecoin

Tech

  • Whitepaper can be found [insert here].
  • Code can be viewed [insert here].
  • Consensus mechanism:
  • Algorithm:
  • Virtual Machine: building an IOTA EVM (26-1-2024).
  • Development language used:

Transaction Details

How it works

  • DAG and therefore (supposedly) scalable, branch-able for small devices needed in the IoT.
  • IOTA is different among the cryptos as it doesn’t use blockchain technology but a “Tangle Network” (Just like Byteball) which allows instant, free transactions with the intention of creating a “Machine Economy”. With the rise of the Internet of Things different machines will be able to communicate and pay each other for products or services that can supplement each other. In line with this IOTA is developing its own hardware and a terniary CPU especially for this. However, there are still many questions about the security of the network.
  • Theoretical confirmation-time: Quasi-infinitesimal. More nodes: faster network.
  • Currently, a large number of blockchains are set up in such a way, it necessitates the entity of miners. Miners must continuously mine to open new blocks to minimize congestion and to minimize fees which ensures one’s place in the block to get their transaction confirmed. Network congestion and network fees are positively correlated, (the higher the congestion, the higher the fees). So, an inherent problem of blockchain is scalability, if the miners don’t mine quickly, the congestion (unconfirmed transactions) build up, the network becomes slower and fees become higher.
  • The tangle attempts to solve this problem by eliminating blocks. No blocks means no need for miners, so it eliminates the blockchain problem of scalability from the start. Tangle makes it to where the next transaction will confirm the two prior transactions, the higher the transactions, the the higher the possibility of your transaction becoming confirmed, rapidly, leading to minimal or no fees.
  • If there is not a directed edge between transaction A and transaction B, but there is a directed path of length at least two from A to B, we say that A indirectly approves B.
  • In order to issue a transaction, a node does the following:
  1. The node chooses two other transactions to approve according to an algorithm. In general, these two transactions may coincide.
  2. The node checks if the two transactions are not conflicting, and does not approve conflicting transactions.
  3. For a node to issue a valid transaction, the node must solve a cryptographic puzzle similar to those in the Bitcoin blockchain. This is achieved by finding a nonce such that the hash of that nonce concatenated with some data from the approved transaction has a particular form.
  • In general, nodes do not necessarily see the same set of transactions. It should also be noted that the tangle may contain conflicting transactions. The nodes do not have to achieve consensus on which valid transactions have the right to be in the ledger, meaning all of them can be in the tangle. However, in the case where there are conflicting transactions, the nodes need to decide which transactions will become orphaned.
  • The topic of economic clustering has been introduced in IOTA, which means that it is not the case that all nodes need to process all transactions anymore.

Fees

Upgrades

"IOTA’s network upgrade Chrysalis is now live (19-8-2020), bringing an exponential increase (50x) in speed. The upgrade is designed to be an intermediate stage before the removal of the Coordinator from the IOTA network. The Coordinator is a centralized server managed by IOTA developers that creates checkpoints in its transaction history."

"The IOTA foundation has unveiled new node software, called Hornet, and started making the network more decentralized."

This upgrade has not taken away the coordinator yet (still not as of 23-11-2022).

Mining

Different Implementations

Interoperability

Other Details

  • Claimes to be already quantum secure because hash-based Winternitz signatures.

Oracle Method

"According to a blog, the IOTA Oracle service offers a standardized way to bring off-chain data feeds from a web API to the Tangle. IOTA said that first-party oracles would help check data issuers’ authenticity, such as IoT sensors, and prevent manipulation.

First-party oracles do not rely on external third-party data sources but allow organizations to submit data to a ledger directly. In the IOTA case, the oracle feeds would be verified by nodes on the Tangle network, making the authenticity of data feeds somewhat centralized."

Their Other Projects

Launched an Ethereum L2 which went live on 6-6-2024.

Roadmap

  • Can be found [Insert link here].
  • Has three stages in mind.
  1. IRI Beta version with 1500 nodes, which is IOTA 1.0 Mainnet. Live now (5-2020). The reference implementation. The node software written in Java by the IOTA foundation.
  2. Hornet, a complete protocol upgrade with tokenized assets and projected 10K nodes. IOTA 1.5 Chrysalis. 2020 Q3. Node software written by community developers in Go. Supported by the IF. Meant to completely replace IRI.
  3. Bee, Production ready / smart contracts / fully decentralized and projected 100K nodes. IOTA 2.0 Coordicid. 2021 Q1. Framework for IOTA nodes, clients and applications in Rust.

Usage

"Unlike the Ethereum Foundation, so far there aren’t any clients using the IOTA protocol beyond research and pilots, which sometimes include patents. As such, the nonprofit’s priority this year is finding a partner for live products."

Projects that use or built on it

Competition

Compared to Byteball

“IOTA is still far away from “mass-adoption”, but also years ahead of Byteball. Months of negotiation and clever strategic management of the IOTA-CORE, especially David Sønstebø’s efforts and Dominik Schiener’s participations in meaningful IoT-conferences, lead to tons of collaborations and partnerings between IOTA and real companies.”

“The recently added foundation-members are the first glance at IOTA’s future, which is not stuck in Cryptoland, but located in real global businesses. This is maybe the biggest winning margin IOTA has over Byteball at this moment, for speculators and developers. the difference that Iota is specialized for machine-to-machine use, while Byteball is specialized for human-to-human applications”

Pros and Cons

Pros

  • Instant, free transactions.
  • Since every user needs to be a node, the node count will be high.
  • No miners so technically should be faster in verification than PoW.
  • If the market takes off it will have positioned itself perfectly
  • Very large potential market.
  • Several strong (but maybe fake?) partnerships.

Cons

  • The creators have implemented a “training stage” until the network is large enough that security is not such a concern. So not decentralized at the moment. As of 7-2019 still uses a coordinator. Still active as of 23-11-2022. This (14-2-2020) Twitter thread goes into all the Coordinator issues and changes.
  • Could be susceptible to 51% attacks (Some argue even 33% attacks)
  • Requires specialised hardware which may delay its intended use
  • The market it’s aiming for doesn’t exist yet
  • the nodes have nothing at stake for attempting to attack the network which is coia red flag for security.
  • Created their own Hash Function, not battle tested. They rolled their own custom hash function called Curl. Lo and behold, an MIT team led by Neha Nerula demonstrated significant vulnerabilities in Curl. They found that Curl produced hash collisions in a predictable way (different inputs hash to the same output) and the team was able to “find collisions using commodity hardware within just a few minutes, and forge signatures on IOTA payments”. The MIT team reported this to IOTA’s team and the bug was swiftly patched.”  
  • From CoinDesk (25-2-2020): "By 2019, members of the IOTA community earned a reputation for routinely harassing women security experts, like Open Privacy founder Sarah Jamie Lewis, who found flaws in IOTA research." 
  • This hash function is closed source, due to “copy right” so they are not working for the community but for profit. (Sergey Ivancheglo, Iota’s cofounder, claims that the flaws in the Curl hash function were in fact deliberate; that they were inserted as ‘copy protection)
  • "It was found that despite the theoretical scalability of the Tangle, the actual IOTA protocol has relatively high energy consumption. The Proof-of-Work and transaction signing operations are computationally complex relative to the limited capabilities of many IoT devices and and may be impractical on energy-limited / battery-powered devices."
  • Had a hack and due to the hack, the Foundation paused financial transactions on the network for almost a month.
  • Leadership infighting (3-2-2020).

"To capitalize on the expanding opportunities, IOTA has to provide practical working solutions to enterprises and organizations. Previously, this was a problem, given the team’s focus on fringe innovations like ternary logic, which, to this day, isn’t fully embraced by hardware producers."

Andreas Brekken Critique

  • Andreas criticised IOTA back in 2018 for the same things IOTA later on got troubles with in early 2020;

"“Today,” Brekken began back in early February of 2018, “I’m reviewing IOTA, a token that uses a tangle instead of a blockchain. IOTA is supposed to be used on small devices in the Internet of Things. I’ll show you how to buy, store, send, and sell. TL;DR: IOTA cannot be used for Internet-of-Things devices. Or anything.

“IOTA is the worst cryptocurrency I’ve reviewed so far,” Brekken finally insists. “Installing the IOTA wallet was a pain. Receiving and sending IOTA tokens is technically challenging and time consuming. Address reuse can lead to loss of funds. There is no functional IOTA mobile wallet. There is no IOTA hardware wallet support.” Beyond loss of funds, he also cuts at the heart of its value proposition, noting it cannot even be used for the “internet of things.” In classic Brekkenian philosophy, he cheers, “IOTA is a shitcoin. I don’t recommend buying or holding it. I’m even going to short it. However, if you choose to go against my recommendation, trade on Binance with my referral link. At least then your misery helps me.”"

Team, Funding, Partnerships, etc.

Team

"With Sønstebø’s exit, the original Iota founding team is down to just two members. Sergey Ivancheglo, who worked with the team in 2015, also departed last year in a controversial move and even called for Sønstebø’s resignation at the time."

  • Cohen, David A.; former member of IOTA foundation, now at Hashgraph
  • IOTA Foundation, from CoinDesk (25-2-2020): "The foundation’s staff of 120 people are paid through a combination of community donations and corporate consulting gigs."
  • Centrality claims their team members come from (10-4-2020) all kinds of big organisations, one of which is Alibaba.

Funding

"IOTA is at risk of running out of cash, which is exacerbated by tensions between co-founders and lack of commercial use cases of Tangle, the protocol’s consensus mechanism. For now, the Foundation has slightly over 59.6 Trillion MIOTA (Ti) tokens valued at $23.8 million at current prices. Over the past year, the project’s average monthly burn rate was 4.6 Ti. At such a rate, IOTA Foundation has until August 2021 before it runs out of its crypto holdings. There is an Ecosystem Development Fund, and some cash might still be left from the initial €1 million ($1.17M) endowment from the co-founders. Considering how much the team spends, however, these sources aren’t enough to alleviate the risk. One of IOTA’s co-founders, Sergey Popov, told Crypto Briefing that the project also gets funding from some companies and government agencies. Although Popov couldn’t share the exact percentage share of grants versus token liquidations, he stated that the inflows from partners are substantial."

Partners