IOTA (cryptocurrency)

from Wikipedia, the free encyclopedia
IOTA
Iota logo.png
symbol MIOTA
Publishing year 2016
founder David Sønstebø,
Sergey Ivancheglo,
Dominik Schiener,
Serguei Popov
Blockchain No
Mining No
Website www.iota.org

IOTA (derived from the smallest letter in the Greek alphabet Iota ) is a digital payment system - also known as cryptocurrency . The reference software for processing IOTA payments was published as open source . IOTA is geared towards secure communication and payment between two machines as part of the Internet of Things . A design goal is the fast completion of transactions without high computational effort and without cost. At the end of 2017, its market capitalization was around $ 12 billion. At the time, IOTA was one of the ten largest cryptocurrencies .

Unlike Bitcoin , IOTA does not use a blockchain based on a linked list . Instead, transactions are recorded in a directed acyclic graph . This is intended to reduce transaction costs and achieve better scalability than blockchain-based cryptocurrencies. There are no transaction fees for IOTA transactions, only the sender of a transaction has to use computing power. ( Proof of Work ).

In its current form, IOTA is not a decentralized currency, as the security of the system is partly based on a central instance, the so-called coordinator. The coordinator's source code has been published as open source since April 10, 2019 . The aim of the project is to be able to do without the coordinator in the medium term.

The IOTA Foundation has extensive industrial partnerships. Among other things, the foundation is developing a so-called "data market" based on the technology used in IOTA together with the Linux Foundation , Deutsche Telekom , Fujitsu and Samsung .

history

IOTA was founded in 2015 by David Sønstebø, Sergey Ivancheglo, Dominik Schiener and Serguei Popov and is overseen by the IOTA Foundation, a non-profit organization dedicated to developing the technology and keeping it license-free for all developers. The fixed amount of 2,779,530,283,277,761 Iota (2,779,530,283 Miota) has already been created and distributed in an Initial Coin Offering . A few months later, IOTA started open beta testing . During the beta period, trading between beta users began for the next eleven months.

In May 2017, IOTA announced a $ 10 million ecosystem fund to support larger corporate collaborations, community projects, and developer acquisition initiatives. In the following June, IOTA was listed on the Bitfinex trading exchange and started at $ 0.64 per Miota (1 million IOTA). Outlier Ventures, a venture capital firm, invested a seven-digit sum in IOTA - the first direct investment in a distributed ledger technology. The micropayment service SatoshiPay announced a transition from using Bitcoin to using IOTA.

In August 2017, the IOTA Foundation partnered with Refunite (Refugees United), the world's largest database of missing people, to help reunite families during and after conflict. The flash network, which is supposed to enable immediate payments and high transaction numbers between two specified transaction partners, was also presented. In November 2017, Sopra Steria announced a partnership with IOTA to create a framework for optimizing security between devices on the Internet of Things.

On August 7, 2017, the cryptographic hash function Curl was replaced as an in-house development by a variant by Keccak (guy). This was preceded by the publication of extensive vulnerabilities in Curl. This would have made attacks against IOTA possible. Because of these controversies about the hash function Curl, University College London discontinued its cooperation with the IOTA Foundation.

On October 20, 2017, a bug in key generation was fixed, which theoretically allowed IOTA to be stolen from certain accounts without the owner's involvement.

In November 2017, the "IOTA Foundation" was registered as a non-profit foundation under civil law by the Berlin Foundation Supervisory Authority. Shortly afterwards, the "data marketplace" is published online. LATTICE80, a Fintech - Hub in Singapore and the largest of its kind, announced to open an IOTA innovation lab for the Internet of things.

On April 18, 2018, the world's first IOTA charging station for electric cars was installed. Communication during charging and payment takes place via an IOTA-based protocol.

As a result of investigations by the Hessian State Criminal Police Office , a 36-year-old suspect was arrested in Oxford (United Kingdom) on January 23, 2019, supported by Europol . The alleged perpetrator is said to have stolen Iota with an equivalent of 10 million euros. The theft became known in January 2018. It is currently assumed that there are 85 injured people worldwide.

On July 15th, 2020 a bug was published in the hash function Kerl, which makes it possible to easily generate hash collisions. A proof of concept in the form of a pull request on the Github coding platform showed how three different input parameters lead to the same hash.

technology

Example of an IOTA "Tangle"

Tangle

Many other cryptocurrencies, including Bitcoin, use a blockchain based on a simply linked list of blocks that contain multiple transactions. With IOTA, on the other hand, there are no blocks, the individual transactions form the nodes of a directed acyclic graph (DAG), which is colloquially known as a "tangle".

In order for an IOTA user to send a transaction , the user must verify two other transactions. A sent transaction must accumulate a sufficient level of verification and must therefore be validated by other users enough times to be marked as "confirmed" by its recipient. In order to carry out a transaction, the sender must also solve a cryptographic task ( proof of work ), comparable to the tasks of the miners in the Bitcoin protocol.

IOTA uses a central instance, the so-called "coordinator", which represents a basis of trust in the IOTA network. This publishes so-called "milestones" at regular intervals, whereby all transactions up to this milestone are considered verified by the network. This is to prevent attacks against IOTA, such as double spending . The development goal of the project is to manage without a coordinator if the IOTA network is large enough. Compared to other cryptocurrencies such as Bitcoin , IOTA is currently not a purely decentralized system and has a single point of failure as well as a central trust authority. According to the IOTA Foundation itself, it is theoretically able to freeze funds by the coordinator deliberately ignoring certain transactions in milestones.

The figure on the right shows the IOTA Tangle graphically as an example. Each node (box) in the graph (Tangle) represents a sent transaction. The transactions were generated chronologically from left to right in the picture. For each new transaction, two existing transactions are validated in the Tangle. These transactions are selected by the client. A transaction is considered validated as soon as a defined threshold of transactions is reached that depend on it. In the figure, red nodes show transactions that have already been validated but have not yet reached this threshold. Green marked nodes represent transactions that are considered verified by the network. There is still no validation for nodes marked in gray.

The number of new nodes that are created per second in the IOTA Tangle is in principle unlimited. In contrast to blockchain- based cryptocurrencies, there is no inherent upper limit for the transaction throughput. In order to verify transactions, however, the complete tangle including all previous transactions must be kept available, which places considerable demands on the participants' storage capacity.

Addresses

As with Bitcoin , an IOTA address represents a public key . The associated private key is required to transfer IOTA that are stored at an address.

For signature transactions on one is cryptographic hash functions based scheme (that on the Lamport signature based Winternitz one-time signature method ). In contrast to more widespread methods such as RSA or DSA , this should provide security against attacks by quantum computers . Due to the properties of the signature scheme used, the reuse of IOTA addresses after payments have already been sent from them represents a serious security risk and must be avoided by the user.

Ternary system

The content of the IOTA tangle was initially presented in the ternary system , although the dual system is the basis of all modern computers. This was justified by the fact that future hardware in the area of ​​the Internet of Things should be based on ternary logic.

Criticism and weaknesses

Both the IOTA project and the cryptocurrency itself have been and are the subject of extensive criticism.

Vulnerabilities in curl

Until August 2017, IOTA used the cryptographic hash function Curl, an in-house development as part of the IOTA project. As part of their research, employees of the Digital Currency Initiative (DCI) of the Massachusetts Institute of Technology found extensive weaknesses in Curl using differential cryptanalysis and showed that Curl is neither collision-proof nor pseudo-random . Under certain circumstances, these vulnerabilities could have been used to attack the IOTA network and steal IOTA tokens. Other researchers found the report to be credible and correct.

In a reaction, the IOTA Foundation stated that the attacks shown against Curl could not be used against IOTA, since the security of IOTA does not depend on the collision safety of Curl. Nevertheless, Curl has been replaced by a variant of the standardized function Keccak . At the same time, the published vulnerabilities were questioned by IOTA founder Sergey Ivancheglo and he accused the researchers involved of deliberate deception, for which he threatened them with legal action on Twitter. He then contacted the university, where Ethan Heilmann was doing his doctorate, through a lawyer, to report the allegations. Co-founder David Sønstebø specifically accused Ethan Heilmann of having published the vulnerabilities in order to make money. Furthermore, Sergey Ivancheglo stated that the vulnerabilities found were deliberately built in in order to be able to proceed against copies of the IOTA network.

On February 21, 2018, the IOTA- related blog tangleblog.com published the full email communication between MIT researchers and the IOTA developers.

The IOTA developers have been sharply criticized for handling the publications. In response, the Center for Blockchain Technologies (CBT) at University College London discontinued its cooperation with the IOTA Foundation.

Weak points in key generation

In December 2017, a case became known in which IOTA worth around $ 30,000 from a user was stolen. As part of an investigation into the causes, weak points in the key generation of IOTA and the signature process became known, through which a signature is sufficient for a subset of all addresses (around 3%) to calculate the entire private key. Under certain circumstances, these vulnerabilities made it possible to steal IOTA from third-party addresses without any action on the part of the owner as soon as the latter initiates a transaction from them. Due to changes in the current versions of the IOTA software, these vulnerabilities can no longer be exploited.

centralization

By using the "Coordinator", IOTA does not represent a decentralized system in its current form. According to the developer, the Coordinator is an interim solution on the way to a decentralized system. The complete decentralization of the IOTA system is currently in preparation. The "Znet" was launched in March 2019. It is a fork of the already existing IOTA Reference Implementation (IRI), which can be found under the name Coo Less IRI (CLIRI) on the Github coding platform. At the moment, Znet is still a test environment that is to be optimized with the support of the community before the remote coordinator is replaced by more complex validation mechanisms.

Jinn Labs and 65 Tera IOTA donations

IOTA emerged from the company Jinn Labs. Jinn Labs is a ternary processor development company founded by Sergey Ivancheglo and David Sønstebø. In the course of the conversion from Jinn token to IOTA token, so-called "unclaimed token" were created. These IOTA tokens in the amount of 65 Ti (Tera IOTA) were not called up by the investors and declared as donations by the founders. Since the beginning of 2020, the founders of Jinn Labs have been arguing who is personally entitled to these tokens, as David Sønstebø is the only person who has the private key to these addresses.

Web links

Individual evidence

  1. IOTA. Retrieved April 28, 2018 .
  2. a b IOTA Support - what is IOTA?
  3. Patrícia R. Sousa, Luís Antunes, Rolando Martins: The Present and Future of Privacy-Preserving Computation in Fog Computing . In: Amir Rahmani, Pasi Liljeberg, Jürgo-Sören Preden, Axel Jantsch (eds.): Fog Computing in the Internet of Things. Intelligence at the Edge. Springer Science + Business Media , Cham 2017, ISBN 978-3-319-57639-8 , p. 54-55 , doi : 10.1007 / 978-3-319-57639-8_4 .
  4. IOTA (MIOTA) price, charts, market cap, and other metrics - CoinMarketCap . Retrieved December 6, 2017.
  5. a b c Roger Aitken: IOTA's Bitfinex Listing Surges To $ 1.5B Record-Breaking 'Crypto' Capitalization On Market Debut . 2017.
  6. ^ Future of Digital Currency May Not Involve Blockchains . Retrieved December 6, 2017.
  7. a b Dominik Schiener: Current role of the coordinator IOTA Guide. Retrieved April 28, 2018 .
  8. Jakub Cech: Open source coordinator on Mainnet. April 8, 2019, accessed April 12, 2020 .
  9. Jonathan Ponciano: IOTA Foundation Launches Data Marketplace For 'Internet-Of-Things' Industry . Retrieved December 6, 2017.
  10. Blockchain network IOTA teams up with Microsoft, others on data marketplace
  11. No, IOTA has no fixed cooperation with Microsoft. Trending Topics, December 12, 2017, accessed December 13, 2017 .
  12. micropayment Company Ditches "Outdated Bitcoin" For IoT Technology . Retrieved December 6, 2017.
  13. Thomas Bocek, Burkhard Stiller: Smart Contracts - Blockchains in the Wings . In: Claudia Linnhoff-Popien , Ralf Schneider, Michael Zaddach (eds.): Digital Marketplaces Unleashed . Springer Science + Business Media , Berlin / Heidelberg 2017, ISBN 978-3-662-49275-8 , p. 178 , doi : 10.1007 / 978-3-662-49275-8_19 .
  14. David Sønstebø: IOTA Ecosystem Fund ($ 10 million) . May 5, 2017. Retrieved December 6, 2017.
  15. IOTA launch . 2017. Retrieved December 6, 2017.
  16. IOTA's price development
  17. Roger Aitken: IOTA's Bitfinex Listing Surges To $ 1.5B Record-Breaking 'Crypto' Capitalization On Market Debut (en) . In: Forbes . Retrieved August 18, 2017. 
  18. micropayment Company Ditches "Outdated Bitcoin" For IoT Technology . Retrieved December 6, 2017.
  19. IOTA Blockchain to Help Trace Families of Refugees During and After Conflicts . Retrieved December 6, 2017.
  20. IOTA Unveils Flash Network, Allowing for true Nanopayments . August 20, 2017. Retrieved December 6, 2017.
  21. Press release . Retrieved December 6, 2017.
  22. Curl Upgrades & Updates . Retrieved February 9, 2018.
  23. a b Curl disclosure, beyond the headline . Retrieved February 9, 2018.
  24. a b c IOTA Vulnerability Report: Cryptanalysis of the Curl Hash Function Enabling Practical Signature Forgery Attacks on the IOTA Cryptocurrency . Retrieved February 9, 2018.
  25. ^ A b Mix: University College London (UCL) severs ties with IOTA Foundation . In: Hard Fork | The Next Web . April 28, 2018 ( thenextweb.com [accessed April 29, 2018]).
  26. a b Bugfix and make jshint happy iotaledger/iota.lib.js@3e3adf6. Accessed April 29, 2018 .
  27. a b Lekkertech: IOTA Signatures, Private Keys and Address Reuse? - Lekkertech. Accessed April 29, 2018 .
  28. IOTA Data Market . Archived from the original on December 4, 2017. Info: The archive link was automatically inserted and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. Retrieved December 6, 2017. @1@ 2Template: Webachiv / IABot / datum.iota.org
  29. LATTICE80, World's Largest Fintech Hub, Partners with Germany's IOTA on New Innovation Lab - Crowdfund Insider . November 28, 2017. Retrieved December 6, 2017.
  30. https://blog.iota.org/worlds-first-iota-smart-charging-station-52f9024db788
  31. https://www.presseportal.de/blaulicht/pm/43563/4174536
  32. Kerlissions: Trivial Collisions in Iota's Hash Function (Guy) | Hacker News. Retrieved July 15, 2020 .
  33. Add test vectors to demonstrate kerlissions by soatok · Pull Request # 8 · iotaledger / kerl. Retrieved July 15, 2020 .
  34. ^ Iota whitepaper . Retrieved February 7, 2018.
  35. a b Eric Wall: IOTA is centralized. In: Eric Wall. June 14, 2017. Retrieved April 29, 2018 .
  36. ^ IOTA Foundation: Coordinator. Part 1: The Path to Coordicide. November 20, 2018, accessed January 28, 2019 .
  37. IOTA Support - How addresses are used in IOTA. Retrieved April 29, 2018 .
  38. Why does IOTA use a ternary number system? Retrieved April 29, 2018 .
  39. Casey Rodarmor: IOTA: The Brave Little Toaster That Couldn't. Accessed April 29, 2018 .
  40. Jeff Kauflin: IOTA Rose 464% In 2017, But Buyer Beware: Experts Have Major Security Concerns . In: Forbes . ( forbes.com [accessed April 29, 2018]).
  41. a b https://ftalphaville.ft.com/2018/04/25/1524628801000/FUD--inglorious-FUD/. Accessed April 29, 2018 .
  42. Why I find Iota deeply alarming - Hacker Noon . In: Hacker Noon . September 26, 2017 ( hackernoon.com [accessed April 29, 2018]).
  43. ^ Neha Narula: Cryptographic vulnerabilities in IOTA. In: Neha Narula. September 7, 2017. Retrieved April 29, 2018 .
  44. Unrolled thread from @matthew_d_green . ( threadreaderapp.com [accessed April 29, 2018]).
  45. Official IOTA Foundation Response to the Digital Currency Initiative at the MIT Media Lab - Part 1… In: IOTA . January 7, 2018 ( iota.org [accessed April 29, 2018]).
  46. Come-from-Beyond on Twitter . In: Twitter . ( twitter.com [accessed April 29, 2018]).
  47. Come-from-Beyond on Twitter . In: Twitter . ( twitter.com [accessed April 29, 2018]).
  48. Come-from-Beyond on Twitter . In: Twitter . ( twitter.com [accessed April 29, 2018]).
  49. Letter # 83 from emails between IOTA and Digital Currency Initiative . ( tangleblog.com [PDF; accessed June 25, 2018]).
  50. Letter # 76 from emails between IOTA and Digital Currency Initiative . ( tangleblog.com [PDF; accessed June 25, 2018]).
  51. CFB's letters to Neha Narula's team during their analysis of Curl-P hash function. Accessed April 29, 2018 .
  52. Full Emails of Ethan Heilman and the Digital Currency Initiative with the IOTA Team leaked . In: The T ngler . February 24, 2018 ( tangleblog.com [accessed April 29, 2018]).
  53. Matthew Green on Twitter . In: Twitter . ( twitter.com [accessed April 29, 2018]).
  54. Eric Wall: Hello David ,. In: Eric Wall. June 18, 2017. Retrieved April 29, 2018 .
  55. ^ The Transparency Compendium - IOTA . In: IOTA . June 15, 2017 ( iota.org [accessed April 29, 2018]).
  56. Founding history. Retrieved June 12, 2020 .
  57. Hacks and disputes among founders: What's going on at IOTA? In: FinanceFWD. February 20, 2020, accessed June 12, 2020 .
  58. IOTA mud battle, Exit Scam accusation and 7 patents from HPE. February 10, 2020, accessed on June 12, 2020 (German).