Cryptocurrency and The Internet of Things
A cryptocurrency provides this trick of trusted exchange without a mediator. Or at least, the protocol acts as the mediator. Most of today’s coins need a blockchain to achieve this balance.
Iota wants to upset that paradigm. The team believes they’ve found the next generation of cryptocurrency; a faster, cheaper, and more secure way of managing trust. They call it a Tangle. This is what it looks like.
Each of those white dots represents a transaction. In order for a transaction to be approved, it needs to verify two other transactions. The green lines represent verifications.
So when you want to add a transaction to the system, you pick two other transactions at random, check them to make sure that their associated keys and balances are valid, then bundle them with your own transaction and a little Proof of Work. That bundle gets sent out to the network to be reviewed and verified by the next generation of transactions.
Proof of Work protects the network against spam attacks or sybil attacks. Both attacks require that the attacker issue a high volume of transactions. With Proof of Work in place, each transaction requires sacrificing some processing power. This means it’s a lot harder and less attractive to generate the number of transactions that an attacker would need in order to disrupt the system.
Cryptocurrencies that employ Proof of Work usually farm out the heavy lifting to miners. In return for contributing hashing power, miner’s receive rewards. So it’s noteworthy that Iota incorporates this processing as an element of a transaction. This system of distributing Proof of Work across the network helps to explain two of Iota’s most interesting features.
Iota does not require transaction fees. Because the network is set up in such a way that in order to participate, you must contribute, each transaction is essentially earning it’s keep through Proof of Work. The absence of transaction fees means that Iota should be very well-suited to processing microtransactions.
Additionally, the team claims that their network‘s’ efficiency will increase as it scales. To get an idea of how this might work, let’s take a look at what happens when the network starts to flood.
Imagine that purple square represents the burrito you bought for lunch. Each of those green lines is a verification that either directly or indirectly verifies that you paid for your burrito. You can see in the case above that after only a few generations, the system has reached a state where any new transaction that is verified indirectly enforces verification of your transaction.
So even if the network is randomly segmented and distributed across devices, you’ve got this situation where you can broadcast a transaction and very quickly, provided the transaction is valid, you’ll have the entire network standing up to vouch for you.
It’s a cool concept. If you’ve got the time, patience and math proficiency, the Tangle whitepaper breaks it down to show exactly how increased load pushes the Tangle to a threshold where transactions are almost instantly verified by all incoming traffic to the network. You might also check out this youtube video. They touch on this concept at around 19:45.
At scale, Iota promises some impressive features: fast transaction verifications, zero fees, increased security, etc. But the network is not yet operating at scale.
In order to keep things on track during these early stages, Iota relies on what’s referred to as a Coordinator. The Coordinator is intended to protect the network while transaction volume is low. The plan is to disable this system when the network hits a high enough transaction volume to stand on it’s own.
This leads to one of the key criticisms of Iota. It’s been argued that, because Iota transactions are subject to this Coordinator, and specific details on the Coordinator’s functionality are not public, Iota in it’s current state is effectively ‘centralized’.
We can’t access the Coordinator’s source code, so we can’t be entirely sure of what it does. However, without it, it would seem that the network is exposed to certain vulnerabilities. This suggests that the Coordinator maintains some influence over factors related to these vulnerabilities.
According to Sergey Ivancheglo, an Iota cofounder, the Coordinator is currently being used to guard against a 34% attack. The 34% attack refers to a scenario in which an attacker is able to contribute over 1/3 of the network’s total processing power, allowing it to produce conflicting transactions. So, what keeps the Coordinator from orchestrating that 34% attack itself?
While the Iota team probably wouldn’t have a good reason to sabotage their own network, that doesn’t exactly prove that they can’t find one. Still, there is a mechanism in place that should help to check the power of the Coordinator.
Any Iota user may independently operate a full node. In so doing, you contribute processing power to maintain the validity of the Tangle. Now, without mining rewards, there’s no economic incentive to running one of these nodes. But a node can benefit a user if they are already processing a large number of transactions, if they operate an app or system that benefits from a reliable connection to the Tangle or a reduction in transaction times, or if they simply desire to support the Iota ecosystem.
It should be noted that the 34% referenced here isn’t referring to a simple 34% of the network. Devices linking to Iota’s Tangle are exposed to only a subset of the full network. So, even if you were able to generate enough processing power to very quickly gain control of 34% of the network, you’d also have to actually find the entire network.
Curl and the JINN Processor
Iota‘s original Proof of Work algorithm is known as Curl. Curl employs ternary logic, which means information is stored in three-states as opposed to the traditional two of binary logic. Ternary logic is a fixture of early Russian computing. It can provide certain types of performance benefits over traditional logic, but is not quite practical to find or manufacture processors that take advantage of this logic at the moment.
That’s where JINN comes in. JINN Labs is still in ‘stealth mode,’ but they appear to be working on an asynchronous ternary processor that’s intended for use in Internet of Things applications. Several of Iota’s key team members appear to have been involved in it’s development. The assumption then is that the JINN processor will be able to hash Iota’s ternary algorithm more efficiently than traditional processors. The goal being that the JINN ternary processor will someday be integrated into the majority of Internet of Things devices, offering these devices the ability to exchange value, and securing Iota as the medium by which to do so.
But the use of the Curl algorithm and ternary logic are the basis for another criticism of the Iota platform. This algorithm was developed by members of the Iota team. Being that cryptographic algorithms are entrusted with sensitive information, they generally undergo extensive evaluation before being used in real world applications.
Neha Narula and her team at MIT argue that Iota’s cryptography has not been properly vetted. Narula claims her team was able to generate a collision in Iota’s hashing algorithm. That is, with practically available computing power, they were able to identify 2 keys that hashed to the same value. This could provide attackers the ability to generate conflicting transactions.
In Ivancheglo’s response to Narula’s report, he argues that the vulnerabilities were intentionally added to the code as a form of copy protection (which has given rise to other concerns) and that the Coordinator makes exploitation of those vulnerabilities impractical. He also argues that the uniqueness of the system warrants the risk of developing specialized cryptography. The team has apparently released some adjustments to the cryptography used for certain tasks that nullifies any security issue that may have existed.
Another justification for the use of Curl is that it incorporates the Winternitz One-Time Signature Scheme. Theoretically, quantum computing does not represent a significant advantage in processing the Winternitz hash, so Iota should prove resistant to potential future attacks as quantum computing comes within reach.
Flash channels are a more recent addition to Iota’s services. Inspired by systems like the Lightning Network and Raiden, Flash Channels allow for private, off-network transactions. They provide a way for trusted parties to divert Iota transactions off of the Tangle.
If you want to transact high volumes of iota, you have to wait for each transaction to process to the Tangle. This is likely to cause bottlenecks. Using Flash Channels, multiple parties deposit equal amounts of Iota into a multisignature account. Involved parties can then transact independently of the main Tangle. To close out transactions, they simply agree to release funds from the account. In this way, independent groups can process high volumes of transactions quickly by minimizing direct interaction with the Tangle.
A fixed total of 2,779,530,283,277,761 were created in Iota’s genesis block. Without miners, the system lacks a natural mechanism for distributing tokens, so Iota tokens were initially distributed through an ICO. The ICO raised around $584,000 for the Iota Foundation, the German entity responsible for Iota’s management and development. Current token distribution is visualized here. Check the current price here. Because there are so many Iota in existence, the Iota price as listed on exchanges is almost universally issued in terms of Miota (1,000,000 Iota). The high number of Iota in existence should serve to further promote Iota as an effective vehicle for very small transactions.
Iota’s basic structure was initially described by Serguei Popov in the Iota whitepaper. Popov looks to be a CS PHD, specialized in probability theory, who studied in Moscow and maintains a faculty position at UNICAMP in Brazil.
The implementation of the described protocol was carried out by Sergey Ivancheglo and Dominik Schiener. According to this podcast interview with another one of Iota’s founders, David Sønstebø, Sergey Ivancheglo is the founder of Nxt. Ivancheglo launched Nxt in 2013 under the pseudonym BCNext. Ivancheglo has also commonly appeared under the pseudonym Come-from-Beyond.
The Iota project offers a lot to be excited about. If the team is able to deliver on even a portion of what they‘re shooting for, the effects could be amazing. But it’s still very early in the game and Iota is in mostly uncharted waters. There are projects that have the concepts, the capital, the people to drive a convincing argument that they can pull off what they’ve dreamt up. But there are no guarantees. Iota is a particularly wild dream, and that’s exactly what makes it interesting. The team promises a lot. Only time will tell if they can deliver.