This past weekend, a mysterious individual released a whole lot of emails to a journalist at Tangleblog who disclosed them on Twitter. The emails are correspondence between IOTA programmers and scientists at the MIT-subsidiary Digital Currency Initiative (DCI). This leak has disclosed the month long conversation between David Sønstebø and Sergey Ivancheglo of IOTA and Ethan Heilman and Neha Narula of DCI. The discussion between IOTA’s team members and DCI was about an alleged vulnerability in IOTA’s system.
What was the alleged vulnerability?
As we all know, IOTA is a public ledger with no chains, no blocks, and no fees. The name stands for Internet of Things Application, and instead of a blockchain, it utilizes a new technology called the Tangle. The IOTA’s currency is called MIOTA. In its repositories on GitHub, researchers found a serious vulnerability — the IOTA programmers had written their own hash function, Curl, and it produced collisions (when different inputs hash to the same output). Hash function is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash) and is designed to be a one-way function. Researchers were able to find collisions using commodity hardware within just a few minutes, and forge signatures on IOTA payments. After this, they informed the IOTA developers and they patched their system. You can check the vulnerability report submitted by researchers here.
This email leak has exposed the IOTA developers’ reply to a critical flaw in one of their cryptographic blocks. The conversation ended with threats of legal action by IOTA founder, Sergey Ivancheglo, against a member of the Boston University security group. Due to that, many cyber security researchers and cryptographers have called to denounce the entire project. After the leak was made public, multiple security researchers and cryptographers have suggested investors not to hold the currency. They also told other researchers not to collaborate on enhancing the security of the IOTA system.
There are many in the cyber security community think that the IOTA system, which today relies on the central operator called a “coordinator,” is not as decentralized as promoted. Rick Dudley, a blockchain architecture said that, “Basically, what they have done is written some source and papers that only describe part of the system. The rest of the system is secret. Which is completely antithetical to blockchains”.
What complete nonsense. No one copied IOTA because it's trash, not because of an intentional weakness coded into the system. If someone copied the flaw, you exploited, they patched and kept going, then what? What kind of security is that?
— Rick Dudley (afdudley.eth) (@AFDudley0) January 15, 2018
IOTA in an official statement regarding the MIT DCI email leaks said that “We remain 100% committed to transparency with our community, and we continue to welcome discussion of the issues raised by the DCI team in a thoughtful and constructive manner. While 9 out of 10 social media posts on the topic contain well-thought-out discussion points, it is the remaining 1 out of 10 which is both the most uncouth and the most publicized. For the sake of the entire DLT space, we hope that these discussions will not dissolve into internet “flame wars,” and that we can stay somewhere within the realm of intelligent discussion”
It is obvious that the IOTA group, by showing opposition to the procedure of dependable vulnerability exposure, has lost the support of expert cryptographers and security researchers.
Shiba Inu to Reach 1$ soon? This New Upcoming Development Proves it Right
Did IOTA plagiarize NKN’s consensus model in the Coordicide?
Chinese Internet Security Company Finds Critical Vulnerabilities In EOS Blockchain
Big News: Ripple Price is about to TRIPLE? This News Confirms…
Edward Snowden Likes Zcash
Telegram Zero-Day Vulnerability Used By Hackers To Spread Cryptocurrency Miner.
Flaws in Monero Could Make Transactions Traceable
IOTA Price Prediction 2023: IOTA Price To Touch $1 Soon?
Crypto News Weekly: Bitcoin Core, PwC, Hard Forks And Much More
What is Proof of Work (PoW)?
The Big Ripple Price Prediction for 2023 – How high can the XRP price go in 2023?
IOTA Price Forecast – Will Germany’s Favorite Cryptocurrency Rise Now?
Vulnerabilities found in Monero
Shiba Inu Price Prediction: How High can SHIB Price reach by 2030?
IOTA + AI = How high can IOTA go?
Jaguar Landrover Incorporates IOTA Technology into its Models
Bitcoin Immutability Is A Shared Myth- A Brief History Of Tx Reversals And Chain Rollbacks
You might also like
More from Blockchain
How to Trade ARB on Binance – Quick Guide
How to trade ARB on Binance? In this article, we'll take a closer look at what is ARB and what …
Top 3 Crypto Aggregators To Pick in 2023
To maximime yield and simplify the trading experience, Crypto aggregrators are an unparalleled choice in DeFi. Here are the …
Don’t Miss Buying Cardano at $0.35! Will Cardano reach 1$ now?
Cardano is still hovering around a price of $0.35 despite Bitcoin exploding. Will Cardano prices follow? Will Cardano reach 1$ …