paint-brush
IOTA vs NANO (RaiBlocks)by@peterryszkiewicz
74,899 reads
74,899 reads

IOTA vs NANO (RaiBlocks)

by Peter RyszkiewiczDecember 13th, 2017
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

<em>Update Feb 2, 2018: This article was written before </em><a href="https://hackernoon.com/nano-rebrand-announcement-9101528a7b76" target="_blank"><em>RaiBlocks rebranded to NANO</em></a><em>. I am leaving occurrences of RaiBlocks for historical purposes. Wherever you see RaiBlocks, you can substitute the word </em><a href="https://nano.org/" target="_blank"><em>NANO</em></a><em>.</em>

People Mentioned

Mention Thumbnail

Companies Mentioned

Mention Thumbnail
Mention Thumbnail

Coins Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - IOTA vs NANO (RaiBlocks)
Peter Ryszkiewicz HackerNoon profile picture

Update Feb 2, 2018: This article was written before RaiBlocks rebranded to NANO. I am leaving occurrences of RaiBlocks for historical purposes. Wherever you see RaiBlocks, you can substitute the word NANO.

There is a new generation of cryptocurrencies gaining popularity; namely that of fast, feeless, minerless cryptocurrencies (I’ll use FFM for fast, feeless, and minerless from now on). At the moment, there are only a few to name, and IOTA and RaiBlocks are two of the most prominent ones at the moment. They differ quite vastly in how they implement FFM. This means they have different characteristics in how they perform, their complexity, and their robustness. I’ll go over these in the following sections.

In general, I think these inventions are fantastic and we need more competition and research in the area of FFM cryptos. A few competitors and copycats are already starting to pop up, for example Radix, which sounds interesting, but is still under development. It’s hard to say whether there will be “one to rule them all” because these different cryptos perform differently and specialize in different use cases.

The Problem with Mining

Mining has gotten a lot of flak recently as people have performed calculations on how it will affect energy demand and global warming. Here is an interesting rebuttal by Andreas M. Antonopoulos, on YouTube. He makes many good points, but he does not fully convince me.

When there is an incentive to spend incredible amounts of energy to send transactions (especially microtransactions), you have an inefficient, unsustainable system that is difficult to fix. (Transaction fees for Bitcoin today are on the order of $30.) Miners who already exist don’t want their expensive AntMiners, GPUs, and CPUs to go to waste. So there will be push-back from these investors from deploying things like Ethereum’s Proof of Stake model. That being said, I do think their Proof of Stake is a step in the right direction. It’ll just be very challenging to get those miners to convert, killing their original business model and investments.

There are “layer 2" approaches to battle this inefficiency, with things like the Lightning Network for Bitcoin and the Raiden Network for Ethereum. Even IOTA has its own second layer called Flash Channels, because fast just isn’t fast enough. But there are still a few problems with these. The simplest rebuttal is that you will need someone to host, maintain, and facilitate this second layer, which introduces fees. In theory, this fee is smaller than the normal transactional fee at layer 1. But it is a fee nonetheless, which kinda puts us back into VISA-land. Another issue is that it erodes the decentralized operation of these coins. When you have large corporations with their own Lightning/Raiden/Flash channel, there is now a point of failure in terms of corruption, hacking, and simple mismanagement. I think it will take a lot of effort, not only to fully implement these systems, but to make them robust, secure, and maintainable.

Another issue is that mining seems to be causing a centralization of hash-power. For some reason, we are not seeing as much competition in this space as one would hope. Basically, China produces a good majority of the Bitcoin mining power in the world, which could eventually lead to issues with double spend attacks on the coin if these companies were to collude. I don’t want to bash China, but they also don’t have a good track record with the government routinely delving into commercial and personal affairs, especially in the cryptocurrency realm, threatening the banning of ICO’s and crypto exchanges.

How Do These Cryptos Work?

In order to send transactions over the IOTA network, you, the client, must perform minimally heavy computations on two previous transactions in the network. These computations take, on the order of, a few seconds to a few minutes, depending on the power of your GPU (the proof of work algorithm in IOTA is GPU optimized) and your luck. Once you successfully perform the proof of work required, your bundle of data gets broadcasted over the IOTA network, where it sits waiting to be confirmed by future transactions. This is a pay-it-forward kind of system. Once your transaction gets enough confirmations from other peoples’ transactions, your transaction will be deemed fully confirmed.

In theory, the more transactions that occur over the network, the faster your transactions get confirmed. In the earlier days of IOTA, this would only take a few minutes, if that. Right now, there are congestion issues which is causing delays in confirmation rates and times. This seems contradictory, given the “infinite scalability” being marketed about IOTA. But, in my opinion as a developer and node operator, and looking at the node code itself, there are lots of optimizations that can be done to speed this process up. I have experienced many CPU spikes and memory leaks while operating my nodes (and I’ve posted some of them in their GitHub Issues), but I am confident that these are only technical issues which can be fixed with a few hundred engineering hours. (Update, Dec 23, 2017, the IOTA network and congestion issues have improved since recent updates to the node and wallet)

One huge area of improvement will be in porting the node code from Java to Rust (performance stats) or another high level, high performing, portable programming language. Java is very easy to learn and has many nice features as a high level, object oriented programming language. But it must be run through the JVM (a virtual machine that allows for the code to be executed on just about any computer on the planet) which comes at the cost of performance.

RaiBlocks operates on a crypto architecture they call “block lattice”. They provide a nice wiki page where they describe how this works. The gist of it is that RaiBlocks isn’t just one long blockchain, like Bitcoin or Ethereum; it is a database of blockchains where each user (or address) gets their own blockchain that only they can add onto. Users send funds by creating two blocks: one send block on their personal blockchain and one receive block on the recipient’s blockchain. Users receive funds by “pocketing” any outstanding receive blocks into their personal blockchain. Users do not have to be online to receive funds (this is a common question concerning RaiBlocks’ novel “pocketing” system). Whenever the user decides to access their funds, the wallet itself will automatically “pocket” any outstanding funds. Pocketing funds essentially means signing the receive block with your private key, so that it can be added to your personal blockchain.

Consensus Algorithm

In IOTA, transactions get attached to the “tangle”, which is a directed-acyclic-graph (DAG) data structure. (Git works using this same data structure!) As more transactions get added to the tangle, a “weight” is added to attached ancestor transactions. When a transaction has enough weight, the transaction will exhibit a “confirmed” status. In principle, this confirmation could be as quick as seconds when there is a sufficient flow of transactions across the network.

In RaiBlocks, there is a different confirmation system based on “representatives”. In general, all that is needed is your cryptographic signature on your “send” and “receive” blocks. When the node syncs, it runs through the ledger to ensure that the signatures are authentic.

In order to prevent double-spend attacks, RaiBlocks has a “representative system”. A representative in the system is basically an address with a lot of money. The representative acts as the arbiter of which double spent block to go through and propagate through the system. I’ll elaborate a little more on potential attack vectors here, later in the article.

Incentive for Running Full Nodes

A common question that gets asked about these FFM cryptos is: “Who is going to pay for running the full nodes?” It’s a very good question. In most other cryptos, like Bitcoin and Ethereum, there is an incentive for the miners to run full nodes because they can collect lucrative mining fees by doing so. But there are no miners in IOTA or RaiBlocks.

There are a number of answers to this question, and there are slightly different answers depending on if you are running an IOTA node vs a RaiBlocks node vs other cryptos.

For those that are new to cryptocurrencies, a node is basically a computer that facilitates transactions across the global network. Nodes may be added or removed at any time by anyone on the internet and the cryptocurrency, as a whole, will continue to function. Cryptos tend to need a minimum number of nodes to prevent attacks on the network, but that’s another topic.

Let’s do a few calculations and see if these networks can sustain themselves

Every exchange needs to host their own nodes as a point of withdrawals and deposits. Let’s assume every exchange needs 5 nodes on average for load balancing purposes and upgrades. (They will need more or less than that, depending on traffic, but 5 is a nice little conservative estimate.) Now let’s figure that once these coins become popular, they will be available on roughly 100 exchanges around the world. Again, a conservative estimate, as there are hundreds of popular exchanges around the world, with new ones popping up all the time. This gives us 500 nodes, once IOTA and RaiBlocks are widely adopted in the exchange industry.

There is also a commercial need to run nodes. Businesses small and large are joining the cryptocurrency space (as am I, with my company P Rizz Ventures LLC), and we need to host nodes to provide for our services. Let’s suppose there are thrice as many online stores, marketplaces, and services than exchanges. I think this is pretty conservative, given that there are way more online stores than there are online exchanges on the internet. Let’s assume they will need an average of only three nodes each, since they will probably have less traffic than a highly popular exchange. This gives us a total of 900 nodes in the commercial space.

We will also have many smart devices in our future. Forbes references a paper that predicts 75 billion IoT devices by 2025. Let’s say that just 0.001% of these devices will need to run full nodes in order to achieve a high quality of service. That right there is 750 thousand full nodes running on the network.

So with all these industries combined, there will surely be a strong baseline of nodes at any given time. I predict IOTA and RaiBlocks will gradually and naturally ramp up their node numbers over the coming years, as they gain more and more popularity.

Suitability for Developers

IOTA provides official Javascript, Python, C#, Java, and Golang libraries for working with the network. They also provide their Proof of Work library, which they call curl, or kerl now, which is available as a C library and for use in web browsers with WebGL2. They provide versions of their node implementation called IOTA Reference Implementation, or IRI, in Java with plans of porting it over to C++, Rust, and Golang. In my opinion, I hesitate for them implementing it in C++ for a host of reasons, with the main one being a higher potential for bugs and vulnerabilities. C++ has a place for high performing applications and OS kernels, but I don’t think it’s a good decision here. We can debate it, but that’s another story.

API support for RaiBlocks is quite good, as well. They have RPC libraries, for interacting with nodes in Javascript, Python, PHP, and Elixir. I can’t quite tell whether these are official libraries vetted by the RaiBlocks organization or not. (If someone from the RaiBlocks team can clarify, that would be great!) Either way, they are all endorsed and posted on their devtools website. There is also a library for performing Proof of Work in the web browser, written in WebAssembly. They also have a few more tools for interacting with the protocol and a package for Fedora.

Overall, both projects have a decent level of support for developers to start building with and integrating these cryptos into their own projects and businesses.

Suitability for IOT

Both cryptos provide a great use case for microtransactions in the Internet of Things space. We will definitely need to utilize FFM cryptos if we want our machines to quickly and autonomously interact with currency. Let’s look at both from a few different angles.

Data Streams

Transactions in IOTA allow for roughly 1 kilobyte of arbitrary data to be attached. 1 kilobyte doesn’t sound like a lot, but it opens up a realm of possibilities for the transfer of data on the tangle. (This is how my IOTA-based chatroom app, Chatangle, works.) IOTA’s data marketplace will also make great use of this data attachment to facilitate the transfer of data between devices and the marketplace itself. This is a great feature to have on layer 1.

RaiBlocks does not have a built in mechanism for data transfer on layer 1. I had an interesting conversation with a fellow redditor about this topic and he brought up the idea of steganography, that you could encode data inside the value transaction itself, since RaiBlocks uses 128 bits per transaction. In principle, you could use the bottom 64 or 32 bits to create and extract small messages. Beyond that, RaiBlocks could implement a layer 2 approach pretty simply: if one can already communicate with other IoT devices, one could just utilize that channel for the data layer. Therefore, this is not a major obstacle for RaiBlocks, in my mind.

Off-chain Transactions

IOTA has a unique feature in that it is possible to create transactions off-chain and attach them to the tangle at a later date. IoT devices may be able to interact with each other while offline and then propagate their transactions once they reconnect to the network. But this begs the question of whether the receiving party will “believe” the transaction and that it is not a double spend, before actually being confirmed by the whole network. As long as the devices can have reasonable trust in each other, this becomes a moot point. Nevertheless, this is a theoretical counter-argument for the benefit of these off-chain transactions.

With RaiBlocks, off-chain transactions are not possible. The sending party must be online and connected to the network to facilitate a transaction. Again, I don’t think this is a big issue, as there would still be that trust issue if it did have this feature. Beyond that, most smart devices and smart consumer electronics have internet access these days.

Long-term Adoption

One issue that we will run into is that when there are enough users and clients of a cryptocurrency, we have to start asking ourselves, are there enough to go around? On top of that, when we are dealing with IoT where machines will send tiny amounts of a currency to each other, we need to make sure that these tiny amounts don’t grow too expensive in the long run.

Both IOTA and RaiBlocks are effectively “pre-mined”, meaning that their ledgers started out with a certain amount of cryptocurrency that can never change. Over time, these tokens have been bought, sold, and moved around with ICOs and Faucets, increasing the general users’ attainment of these cryptos.

The max supply of IOTA is 2,779,530,283,277,761 IOTAs (or roughly 2.8 quadrillion IOTAs). (For comparison, Bitcoin will reach a max of roughly 2.1 quadrillion satoshis.)

The max supply of RaiBlocks is on the order of 2¹²⁸ ~ 340e36, or 340 undecillion. The reason for this high ceiling is that they utilize a 128 bit integer to represent balances. (Later, I will argue why this is a good thing.) Their actual max supply is about 133,248,290 MXRB, where 1 MXRB represents 10³⁰ (or 1 nonillion) raw RaiBlock units. The max supply can be denoted as roughly 133e36, or 133 undecillion raw RaiBlocks. Their wiki also denotes a few helper units based on the SI system to help with using some of these high numbers. Here is the max supply in raw units, just for fun: 133,248,290,000,000,000,000,000,000,000,000,000,000. That’s 39 digits! For comparison, this means there are about 48 sextillion raw RaiBlocks for each and every IOTA that could ever exist. That’s quite the ratio!

Let’s picture a scenario where we reach 75 billion IoT devices by 2025. Let’s forget, to keep things simple, that there will be billions of people owning cryptocurrencies by 2025. Therefore, let’s also assume that these IoT devices own all the crypto (Skynet!?). Now, let’s make a few calculations. The average amount of crypto that will be shared among these future 75 billion devices will be on the order of 37 thousand IOTA (or 37 kIOTA) or 1.78 octillion raw RaiBlocks (or 1.78 kXRB). From this, we can see that there will be much more flexibility in the transactional sense for RaiBlocks than for IOTA. This leads me to think that RaiBlocks could very well dominate the IoT space in the coming years, unless IOTA upgrades their protocol to either increase the max supply or allow for divisible IOTAs.

Scalability

There are a few different metrics we can look at in terms of scalability.

Speed of Transactions

In IOTA, as more transactions get sent through the network, confirmation times decrease, in theory. We’ve seen issues in recent weeks causing delays in peoples’ transactions being confirmed, sometimes taking days. But as I explained earlier, I think these are technical issues. Once the node performance and spam issues are mitigated, we should see a bounce back to better confirmation rates and times.

In RaiBlocks, you, as the user, performs the confirmation by signing your transaction. This process takes a trivially small amount of time. In general, your transaction is fully confirmed and processed in a matter of seconds. The bulk of the time is spent on performing proof of work, which is necessary to mitigate unchecked spam attacks.

Ledger Size

IOTA has a mechanism to trim ledger size in a process called snapshotting. Until now, we have had a number of snapshots which were manually executed by the IOTA team. (Max ledger size I’ve experienced is on the order of ~5–10 GB per month of transactions) After a snapshot, the size of the ledger becomes reduced to the non-zero addresses in existence and the balance of each of those addresses. From then on, the tangle works like normal again. There are a few issues with this scheme, at the moment. One issue is that one needs to manually “attach” their addresses to the tangle again to see their balance in their wallet properly. (This has probably given many people mini-heart attacks as they open their wallet to see a balance of ZERO) The new UCL wallet will automate this process. I believe we can expect them to release an alpha this month or next. Another issue is that the node operators must manually go into their servers, and wipe the old database storing the transactions. I believe this is just a technical issue that will be solved though. There are plans to fully automate these snapshots on their roadmap.

In RaiBlocks, the current full ledger size is on the order of 3 GB. Not bad for two years worth of transactions. Granted, RaiBlocks isn’t nearly as popular as IOTA yet, so we have yet to see how it will perform under extreme loads. Over time, size will definitely become an issue. There are plans of pruning the database, as all that is needed for consistency is the total balance in each of the block lattice’s blockchains. This pruning is on their roadmap.

Decentralization

IOTA has been getting flak about how its protocol is not yet fully decentralized. I tend to agree with the sentiment, but I am confident that they are also working as quickly as possible to attain full decentralization without their coordinator. (I elaborate on the coordinator in the Attack Potential section below) We are still waiting on an analysis or an estimate as to when this will be achieved. I would hazard a guess that the coordinator will be removed some time in 2018.

Another issue is that of peering. Until recently, node operators have had to manually reach out to other operators and add each others’ IP addresses and ports to their IRI configuration. But, I am happy to say, that there has been a recent development, called Nelson, which effectively solves this problem, and allows for full auto-peering on the network. Right now, this is a wrapper on the IOTA node, but I expect them to eventually implement a fully baked in solution in the node itself.

RaiBlocks has no central authorities managing transactions on the network and has had auto-peering since its release around September 2015. Therefore, we can deem it as being decentralized. The only area where I see a slight issue is in that of their representative system. This is a potential attack vector, whereby a malicious entity may buy up millions of dollars worth of XRB and carry out a voting attack. This scenario is outlined on their Attacks wiki. Granted, it is “low” risk as the malicious party would have to effectively forfeit large sums of money to carry out this attack, on the order of hundreds of millions of dollars or ~50% of the market cap, as of this writing.

Exchanges (How to Buy?)

IOTA is available on a number of major exchanges, including Bitfinex and Binance, with plans of being added to more exchanges in the near future. You can find their most active markets here.

RaiBlocks, by contrast, is not on any major exchanges yet. Its volume is on the order of ~$5-$10 million, compared to IOTA’s ~$500 million. Their main exchanges, BitGrail and Mercatox, have recently been hit with performance issues, due to increased traffic, and rumors of DOS attacks. It is, unfortunately, quite difficult to obtain RaiBlocks at the moment, given these unstable exchanges and lack of supply. You can keep track of their exchanges here.

Update, Feb 23, 2018: NANO, formerly RaiBlocks, is now available on a number of popular and more reliable exchanges such as Binance and Kucoin. I have to advise against using BitGrail as they have been involved in a recent hack and are now insolvent.

Roadmaps

Both IOTA and RaiBlocks are currently under heavy development. At the moment, the IOTA team has a larger size than the RaiBlocks team, at roughly 30 developers compared to RaiBlocks’ 5 developers. IOTA also has fostered a large number of corporate partners that will help develop their ecosystem, including Volkswagen and Bosch.

As for published roadmaps, here is a blog post from IOTA and here is a wiki page and an infographic for RaiBlocks.

Both tokens have good roadmaps, but IOTA’s is more interesting in that they are trying to implement private transactions, smart contracts, a data marketplace, and more, on top of IOTA!

RaiBlocks goes by the mantra, “Do one thing, and do it well.” Because of their focus on making the best FFM token, it would be difficult for them to extend this token to be private, have smart contracts, etc. (Maybe someone could make a decent fork with these features and become uber-rich???) Edit: Caution: there are some dubious projects that claim to be trying to implement this currently. Be wary of these projects; many of them are scams and never deliver.

User Friendliness

The main point of interaction for the average user is the wallet.

Official IOTA Wallet

For IOTA, their current wallet is quite bare in terms of user friendliness. It gets the job done. It is more of a developers’ wallet for a product still in beta. I’ve seen numerous posts on reddit asking whether they should reattach or rebroadcast their transactions. These esoteric options should be totally abstracted from the user, in my opinion. Edit: The IOTA team has recently added another feature called “Transaction Promotion,” and again, I will say that this should be totally abstracted from the user.

Thankfully, they do have a much improved wallet coming out, thanks to the team at UCL. This wallet should clear up many of the headaches surrounding the current wallet experience. They are also working on releasing mobile wallets for general consumption, as their iOS wallet is currently undergoing beta testing before public release.

Screenshot of the upcoming IOTA wallet from UCL

Another issue with the IOTA protocol is something called the “address reuse” issue. Essentially, every time you spend from an address, a private signing key for that address gets partially leaked. If you spend from the same address many times, an attacker could reconstruct the original signing key to steal funds from that address. This process is effectively baked into the IOTA protocol and is what implements their “quantum resistance.” This quantum resistant algorithm is called the Winternitz One-Time Signature Scheme. (Read more about one time signature schemes here.) Still, it is difficult to train new users about this, who are used to sending and receiving Bitcoin, Ethereum, and basically every other coin.

When you do spend from the IOTA wallet, any leftover funds from your transaction are automatically sent to another address you own. (Each seed can “own” a large number of individual addresses) And new versions of the wallet will warn that you are trying to send funds to an address that had already sent funds, which is a step in the right direction. You still have to be careful sending across snapshots, as I don’t believe the wallets and nodes can detect this. (Please correct me if I am wrong.)

Official RaiBlocks Wallet

RaiBlocks’ current wallet is also a developers’ wallet. Everything is black, white, and gray, with small font and a bare-bones navigation interface. It gets the job done. There is no lite wallet support yet, so users must sync the entire ledger before being able to properly interact with the network. And sync times are quite bad at the moment, anecdotally speaking; I am spending tens of hours trying to get my full wallet to sync. Thankfully, there is an alternative to fully syncing your node the slow way: you can download the full ledger here.

Again, new and improved desktop and mobile wallets are currently under development, according to their roadmap!

Update, Feb 23, 2018: The new version 10.0.1 of the NANO wallet is able to fully download the ledger on the order of minutes (with a fast internet connection) and fully sync with the network in a few hours! Well done NANO team!

RaiBlocks also follows the general convention of sending and receiving from the same address being OK; no address reuse issue here.

Basically, the wallet experience for both of these cryptos is quite lacking at the moment. But, we can expect great new wallets from both of them in the very near future!

Growth Potential

IOTA still has a lot of room to grow and I elaborate on this in my article, IOTA Price Analysis and Predictions. The TLDR is that IOTA has many items on their roadmap and many more exchanges to be added on, which, in my opinion, will boost the price to levels on the order of $141/Mi, compared to their current price of roughly $3.80. That’s a predicted 37x gain. Please take this with a grain of salt.

RaiBlocks has risen from obscurity in recent weeks, from a market cap of ~$20 million (~rank 200) on November 24, to ~$530 million (~rank 40) on December 14th. That’s 26.5x in only 3 weeks!!! And there’s no telling when this growth will stop. My hypothesis is that RaiBlocks has been riding the wave of money flowing into IOTA and other related next generation cryptocurrencies over the past few weeks. And as more people look into the technology and test out the wallets to see that it actually works, more people will get sucked into this cool new tech. I predict RaiBlocks will be a top 10 crypto one year from now, from the simple fact that their tech is fast, simple, and it works! They still have a long roadmap ahead of them, but I am confident they will deliver. If RaiBlocks does become a top 10 crypto, they would have a market cap of ~$5 billion, which means a ~9.4x gain in one year. One year from now, the necessary market cap to attain a top 10 ranking will probably be much higher, so this growth is probably going to be even higher.

Attack Potential

We must ask ourselves a few questions if we want to believe in the long term viability of these cryptocurrencies. How can these cryptos be attacked? How likely are those attacks? What are the severity of these attacks?

IOTA has a few potential attack vectors. One of them being executed recently is called a spam attack. This is where an attacker spams the network with dummy transactions, messing up the confirmation tip selection algorithm, causing delays in confirmations, sometimes orphaning valuable transactions for days or weeks. The foundation is very aware of these issues and we are currently waiting on a more robust release. Edit Dec 20, 2017: New versions of the IRI (v1.4.1.4) and wallet (v2.5.5) have been released and they claim many of these issues are resolved. Anecdotally, I am seeing many people say, on Reddit and the IOTA Slack, that their confirmations occur much faster now.

People argue that IOTA is not yet decentralized due to the deployment of something called the coordinator. This is basically “training wheels” for the IOTA network which is used to mitigate 51% attacks and such. Most blockchains, including Bitcoin, have had mechanisms like this in their early days. But we are still waiting on a official metric or a timeline for when this will be removed. The link earlier stated that it would become “optional” by the summer (the article looks dated so I think it meant the summer of 2017?). In theory, I believe the coordinator is optional, but in practice, I highly doubt people are running their nodes in a coordinator-less fashion; please let me know if I am mistaken here. I’m still confident that once IRI autopeering and neighboring is fully implemented, the network will be robust enough to stand on its own; and these features are on the roadmap. (Here is a nice little repository of IOTA’s anti-FUD rebuttals, including info about the coordinator.) Just for comparison, RaiBlocks doesn’t have the concept of a coordinator, and auto-peering has been a standard feature of full nodes and the wallet since it was released.

There are other potential attack vectors with the IOTA protocol and you can read more in their whitepaper. In general, the attack risk for IOTA is low at the moment.

RaiBlocks is the new kid on the blockchain (pun intended). Therefore, it hasn’t had the same levels of hardening and improvement like other cryptos. With this recent surge in pricing, we can be sure that attackers will start trying to knock down or even break the service. Time will tell if the current implementation is strong enough to withstand these. I recommend code reviews and audits by security teams, analysts, and the general developer community, especially since the main node software is written in C++ *shivers*. I’ve only had a brief glimpse of their code and see many functions and files that are too many lines long (example) and nesting-hell (example). Here is a perfect case for a guard statement refactoring ;-) I’m not trying to bash on RaiBlocks, Colin LeMahieu (the creator of RaiBlocks), or their developers, but there are a lot of code smells going on and lots of room for improvement :-]

I encourage community developers and members to help contribute their time and talents to this project, as for IOTA and other cryptos. (Just to keep it balanced, here is a nasty example of deep-nesting in the IRI; something like 8 levels deep) I guarantee there are bugs here, waiting to be either fixed or exploited. Hopefully the former.

Furthermore, RaiBlocks gives a nice, concise description of many different attack vectors and their severity on their wiki page. Take a look. The TLDR is that most of these attack vectors are low to moderate risk and basic defense mechanisms have either been theorized or already implemented. This is not a comprehensive list of course; I predict there are some unknown attack vectors and exploits which we will see in time.

Resources

IOTA Homepage; IOTA Whitepaper; IOTA Transparency Compendium

RaiBlocks Homepage; RaiBlocks Whitepaper; RaiBlocks Wiki

Conclusion

IOTA and RaiBlocks definitely overlap in terms of functionality and use cases. Each has their own theory as to why they will be the prevailing FFM coin of the future. We don’t really know whether one will “win” or whether both will thrive in their own ways. They both have many, very exciting features, products, and improvements yet to be released. And neither perfectly solves all use cases. There will probably never be a “perfect” coin to rule them all.

That being said, I think both coins will be very strong players in the cryptocurrency space for years to come. And there will be new players trying to make their way into this crowded, competitive space. We should not only be competing, but also working together to foster a stronger future for both of these cryptos and for new FFM cryptos to come. Both competition and collaboration will promote innovation!

We have a very interesting future ahead for these cryptos with plenty of new developments happening. I’m thoroughly excited to see what happens!

Edit Dec 20, 2017: I originally stated there were 10–12 developers working on RaiBlocks. This was inaccurate. There are actually 5 developers.

Edit Dec 24, 2017: I made a mistake in the number of RaiBlocks in circulation. I had assumed that exchanges sell in units of 10²⁴ raw RaiBlocks, when in fact, they sell in units of 10³⁰ raw RaiBlocks, aka Mxrb. All subsequent calculations have been updated.

You can follow me and my company, P Rizz Ventures LLC, on Twitter, Medium, Facebook, and LinkedIn.