Category: Background

Blockchains, Bandwagons and Chances.

“We believe that the economy works best when it works for everyone, and this new platform is an engine for inclusion.” (Don Tapscott, Alex Tapscott in Blockchain Revolution)

The majority of active members in Cryptoland share this vision, one way or another. It’s quite rare to see that people are in complete agreement, in unison, when it comes to innovation and possible prospects of a technology.

It seems like the field of Blockchains is such a rare case.

Eight years ago, in 2009, when Satoshi uploaded his whitepaper for Bitcoin, nobody knew what a Blockchain was.

Bitcoin? Isn’t that this weird Internet money? A way to buy drugs, anonymity, emancipation, a way past the banks. Who knows.

The last few years have shown that these decentralized peer-to-peer systems can be helpful in many regards.

We can share information, values or we can make contracts, and no one needs to rely on the authenticity of a signature, made by the contractors, bank employees or whoever is part of the deal.

We also can become millionaires in a blink of an eye.

The Blockchain seems to have overwhelming potential, and people are starting to realize that this piece of technology is here to stay.

We all had this moment when we met old friends and we talked about our career, hobbies, what are you doing right now?

Blockchains

At this point, we do not explain all 1471 cryptocurrencies. We also don’t explain proof of stake, BIP148, hashes, or scalability. But we boil it down to: “a great new technology, that could be beneficial for all of us“.

Yes, eventually, Blockchains or distributed ledger technologies (DLT) will shape the technological landscape of the future for the better.

Over the last few years, the great vision of blockchains has been coloured by human nature.

You can easily check for yourself: go to Twitter and look for #bitcoin , #ethereum or #iota and read the first 20 tweets.

It seems like reality in social media channels doesn’t reflect the great vision of a future, built on blockchains, that we all believe in.

Bitcoin is great, who needs Ethereum?

IOTA is a scam, fuck those altcoins!

If I were you, I would invest in Pumpcoin, you heard it here first. 

The homo oeconomicus dominates the majority of communication about Blockchains. We do believe in Blockchains, as long as it is our Blockchain, the one we invested in.

What hypocrisy.

The reason isn’t really mindblowing.

People know that the cryptocurrency-tsunami of investments will be a stepstone for a new generation of millionaires, and they also believe that the more they communicate and advertise, the higher the chances are that they are surfing straight into the six and seven digit Dollar club.

That, of course, doesn’t tell us anything about the technological perks, the technical quality of the system they are cheering for.

We can replace all those tweets, texts and messages with “Buy ***coin, make me rich, please”.

That works in 99% of all cases. At this point, I recommend you go to Twitter and look for #bitcoin.

And there are millions a day. Cryptocurrency/Blockchains have become “the game of pump“.

The incentive of earning money is way higher than supporting the technology itself.

That leads to the neverending brigading, FUD’ing and lying, regardless of the truth.

It also leads to forks, mining conglomerates, and divided communities.

People create useless forks, they create special vocabulary that sounds meaningful, or they write long, technical blog posts where they compare the old system with their new, better Blockchain with a fancy logo or a quote of a renowned person, that vouches for the upcoming initial coin offering (ICO).

People collect hundreds of millions of Dollars, for a 5 head developer-team.

The innovation, luckily, doesn’t take place in social media channels and is not equivalent to the initial amount of investments. It happens behind closed curtains because partnerships are behind NDA’s, in most cases.

If you invest in Blockchains, invest in the technology, the team, the prospects and the advantages it has over others, despite what social media writes on a Thursday in November.

If you follow social media channels, you may take short-term gains that are based on emotional market reactions, but the best strategy is to look for the best tech, your favorite project, and to hold onto it. For years, if necessary.

This is not a cheerful article for IOTA, this is just a reminder, that we should not lose the aim for all of this. This is greater than our purse, so let’s not reduce it to a Kardashian’esque reality soap.

Needless to say, I’m looking forward to times, when exchanges, ICO’s and crypto-industries are regulated by governments. Yes. Governments. They are here to stay anyway. Maybe for taking part in the technical and neutral maintenances of these systems, while they provide 10% of the hashpower for earning parts of the currency.

A self-sustaining task, that would fit the government while people and companies could use these distributed systems for their purposes.  Just an idea of a solution for a disrupting innovation. Same could work with banks. They couldn’t stop the network, but they could become a useful part of it.

We need to accept banks and governments because unregulated systems lead to game-theoretical circle jerking, where everyone works for himself.

Why? Because the image of Satoshi’s vision implied improvement of life, emancipation for the people, we either believe in it, or we reduce that to a flowery phrase that fits right into the buzzword banter of investors.

He didn’t want to create a playground for ludicrous investors, cryptocurrency casino web pages, pump & dump groups or emotional discussions on Reddit, that are solely aiming for changing the sentiment of a cryptocurrency.

What we need is an education for our future. A solid comprehension for the possibilities of cryptocurrencies, not investment wise.

Bitcoin is already used in countless countries. The value of a BTC is over $7000, as I’m writing. Is the value of one bitcoin important? Not for the innovation.

Apart from the price that holds investors captive, Bitcoin is used as a standard currency already. Over 330 ATMs all over the world make it possible to use Bitcoin in people’s lives on a daily basis.

Currencies are one field, technological advances for the producing industry are another.

These technologies are not just objects of an investment game, they are part of a paradigm shift on a global scale.

Foxconn already communicated that ~300.000 of their 400.000 workers will be replaced by machines in the near future. Distributed ledger technologies are on the verge of being used everywhere.

The World Economic Forum in Davos hosted presentations and discussions for over 2500 managers, thought leaders and scientists.

They debated about networking, big data, robotics, automation, artificial intelligence and the Internet Of Things. Better known as Industry 4.0.

Ask any company, bank or government about the importance and disruptive impact of distributed ledger technologies. They have known that for years.

The Deutsche Bank released parts of an internal study with an intimidating result: For the first time in industrial times, an industrial revolution will destroy workplaces instead of creating them.

A heavy transformation for industry and society.

We don’t need Tradingview, bots for margin trading, or hashtags with edgy love-declarations for a coin.

We need solutions, to integrate these systems in the financial and industrial infrastructures, to embrace the coming century.

This enabler tech could bring basic wealth for every region on the globe, it could transform the energy sector, revolutionize the sharing or exchanging of value, it could enable a new, stable form of democracy and shift our society from a purely antagonistic, hedonistic, to a thriving, thinking, sustainable society.

We are taking part in interesting times that possibly change the way we live and work on a global scale, forever.

We should accept them as such and use innovation to make it happen, in the best way possible, instead of advertising innovation towards our own pockets.

Don’t get confused in the social media madhouse that chases profits.

 

Explaining Series: Fog Computing in the Internet of Things

Fog Computing: one of many new trendy terms that we see and read almost everywhere in this field.

What is it, and how can IOTA enable the perfect fog-computing landscape the IoT needs?

I give you a short explanation and good sources for a smooth heads-up.


Roundup:

This roundup is an experiment that aims for a better understanding of the greater picture. Some keywords before the actual article are meant as an information-index.

  • Internet of Things (IoT)= Term from the MIT, Kevin Ashton, 1999
  • Fog-Computing = Term from Cisco
  • Fog = Decentralized/Distributed
  • Cloud = Centralized
  • Realm = IoT + IIOT, B2B, M2M, IoE, Smart grids, Smarthome, Smart cities, interconnected world
  • Problem = Unused Sensor-Data, Need for a solution of a distributed network, Costs of cloud-computing, time
  • Application = Evolving Markets, Quality-as-a-service, Machine Communication, Scada
  • IoT Systems = Basically two groups: 1) Identification Group (sensors, data gathering) 2) Computational group (processing, data storage)
  • Limitations until now: Cloud computing (centralized, far away from consumers and devices)  doesn’t fit the requirements of the IoT (distributed, in need of close storage, computational resources, instant processing), Bandwidth
  • Connection Types: WiFi, Bluetooth, ZigBee, 2G/3G/4G/5G, Radio, Z-Wave, 6LowPan, Thread, Wifi, Cellular, NFC, Sigfox, Neul, LoraWan

The IoT

The vision of the Internet of Things is still in the making.

With the latest development in this interconnected world, new markets are emerging and a variety of requirements are born.

Wearables, smartphones, domestic devices like smart-home solutions for an intelligent household demand an interconnectivity solution that has yet to come.

It’s no secret that almost every company is also working on solutions to make it happen: a world, where data is a more valuable resource than oil. If not today, then in the near future.

This leads to a point, where technical barriers of today hinder progress for tomorrow.

The IoT, a distributed network around the world is more than the Internet.

A mesh-net that is connected with every possible connection type. Where devices work in local clusters, it’s obvious that centralized components, sometimes on a different continent, don’t fit in the greater picture.

Sensors, cameras, smart devices often use ad-hoc solutions to function in their specific field, such as monitoring systems like Scada, that send valuable data to a nearby control center in order to optimize industrial processes.

What if these monitoring systems are working time-sensitive, but the current solutions are slow and on top of that centralized and unsecured. The productivity could be better, employees may work in a more dangerous environment and as a result: the company could face problems.

Connected facilities incentivize industry-espionage and hacks.

Distributed denial of service attacks are a phenomenon of the last few years, in which malicious parties attack infrastructural points on the web to cripple the communication of certain systems and services.

Sometimes as a decoy for a hack, sometimes for political or activist reasons.

Not infrequently, significant downtimes create financial losses, or the blockage of regional infrastructure hits not only the target but also other companies located in the surrounding area.

A problem of the Internet, not necessarily of the IoT.

Due to the distributed mesh-net characteristics, the IoT is envisioned as a network, that is self-sufficient, in which case it can connect devices of the identification group via many ways, not only one.

An attack on central points is by definition impossible because there is no center in the IoT.

That leads to a natural resistance against DDoS and other downtimes.

Legacy systems vs. new systems

An additional issue of cloud-computing in the IoT would be the costs. Legacy systems used to ignore huge amounts of data because there was neither storage nor need for them.

New systems in the IoT, with smart solutions, rely on this data, but sending it into the cloud would go beyond the scope of the IoT. Too much information is generated, and real-time analysis and centralized cloud-computing solutions are in conflict with each other, as uploading these huge amounts takes time and money, especially if the cloud-storage is thousands of miles away.

Fog computing, however, creates a bridge-solution for the identification group and computation group: It is about forwarding the computational power to the edge of the network, where data is generated and the results are needed.

The benefits of using Fog computing instead of legacy cloud systems are tremendous.

Varghese, Wang, et al. [2017] come to the conclusion that: “For an online game use-case, we found that the average response time for a user is improved by 20% when using the edge of the network in comparison to using a cloud-only model. It was also observed that the volume of traffic between the edge and the cloud server is reduced by over 90% for the use-case.”

This is just one use case that can be mirrored on many other settings.

In consumer markets, Quality of Service and Quality of Experience are important factors.

Another example would be the transparent customer. When a transparent customer enters a big supermarket, his views and interests could be analyzed within seconds.

Cameras can detect his interest in certain devices or components, and advertisements on monitors along his path can be adjusted to his specific needs. With old legacy systems this is impossible due to the long processing times between these cameras, a cloud, and computational resources. With fog computing, however, the data can be processed much faster and the necessary information delivered back to the customer along his way through the mall.

To draw a simplified picture of the fog-landscape:

The distributed mesh-net is growing in height z, if you will, whereas decentralized and centralized networks are growing on the x and y axis. Shorter ways from the data collectors to the computational resources are the result of fog-computing.

Concerns can be addressed with IOTA

Whether it’s the data-integrity, optimization or protection of the in-house Research & Development data, companies look for a lasting solution.

When data is stored centrally, hackers usually use social engineering or phishing attacks to get access to the data.

As centrally stored data would be collected all at once with this method, Fog computing would make it possible to store sensitive information in small packets, distributed, with different passwords/keys/seeds to access them.

IOTA  can deliver a unique solution here. A data-stream, bound to countless seeds, in a distributed network, secured with sophisticated algorithms. Not even quantum computing would be a threat to the hashes.

As you may already know, IOTA is a distributed ledger technology, that enables fee free transactions.

For data-transfer with fog-computing, you wouldn’t even need tokens, the only condition would be to confirm two other transactions before sending one of your own.

A rule that enables true scalability for a billion device network on a global scale.

With Masked Authenticated Messaging, IOTA has an additional option to send and process sensitive data.

Now, a really big hurdle in the IoT is the availability of dozens of connections and different norms.

When devices could be connected in a similar way, the usability would increase. A plethora of standards that are built for the IoT can lead to a fragmentation of the network, as companies want to stick to their standards, to support their product-line or roadmap.

If IOTA would be the standard settlement and data layer, which is free to use, the Internet of Things could be a barrier-less environment with true scalability and data-integrity.

Due to the value of collected data, new markets would come up, that aim for selling this information in real-time.

People would possibly be able to sell their consumer data, each time they enter a shop, with true nano payments.

If data would be collected in the fog, BigChain DB, a scalable distributed database for all kinds of data, could deliver the necessary infrastructure for customers, institutes, and companies.

A seamless solution for the IoT.

Fog computing is, therefore, the next necessary milestone in the field of the Internet of Everything and a vital part of the vision of IOTA.

 

Video of Dominik Schiener’s Presentation at the Tech Open Air 2017

 

 

 


Sources:

https://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/computing-overview.pdf

http://www.springer.com/de/book/9783319576381

https://arxiv.org/pdf/1701.05451.pdf

 

Images:

<https://www.iot-now.com/2016/01/11/40800-connectivity-on-the-edge/>

 

Revealed Business Connections of IOTA

Market capitalization of a cryptocurrency is the best indicator to show which project succeeded the most. 

…this sentence is not true.

After years of pump and dump, history has shown that only real-world adoption counts, that real connections to businesses make a difference.

To give you an idea of how far IOTA has come, I set up a list of known collaborations or business connections of IOTA.

Important: The following list also includes partnerships with members of the Decentralized Identity Foundation (DIF) and Trusted IoT Alliance, so there is not necessarily a direct collaboration.

It’s just a matter of time and NDA’s that this list will grow.

What we already know is incredible, but there are some connections we don’t know yet, and considering what the IOTA foundation already has accomplished, I can only assume that this is just a fraction of what’s behind the curtains.

I, therefore, do not guarantee that this list is complete or that it’s reflecting the reality. 

This list only shows revealed business connections and is not officially approved by anyone

This list will be updated when I get new information:


Accenture (via DIF)

Alpha Venturi (via Foundation)

Augmate

Authenteq (via DIF)

Bayonet (via DIF)

Beth Israel Deaconess System (via Foundation)

BigchainDB (via DIF)

Bitse (via TrustedIoTAlliance)

Blockchain Helix  (via Bundesblock)

Blockstack (via DIF)

Bloq (via DIF)

BNY Mellon (via TrustedIoTAlliance)

Bosch (via TrustedIoTAlliance)

Brainbot (via Bundesblock)

Bundesblock (http://t3n.de/news/blockchain-wirtschaftsstandort-831376/)

Canonical (via TrustedIoTAlliance)

Ccis

Civic (via DIF)

Cisco (via TrustedIoTAlliance)

Consensys (via TrustedIoTAlliance)

Consent (via DIF)

Chronicled

DANUBE Tech GMBH (via DIF)

E7 Ventures (via Foundation)

EU Commission (via Foundation)

F6S

Filament (via TrustedIoTAlliance)

Foxconn (via TrustedIoTAlliance)

Freeelio  (via Bundesblock)

Gemalto (via TrustedIoTAlliance)

Gem (via DIF)

Gnosis (via Bundesblock)

Harvard Medical School (via Foundation)

Huawei EU (via social Media, rumors)

IBM

ID2020 (via Foundation)

IDEO (via DIF)

Innogy (via Foundation)

Imperial College London

IPDB Foundation  (via Bundesblock)

IRTSystemX

Jolocom  (via Bundesblock)

Ledger

Luxoft

Microsoft

Mooti (via DIF)

Netki (via DIF)

New Mobility Consulting

NewMobilityLab (via Foundation)

Norwegian Centre for E-Health Research (via Foundation)

Procivis  (via Bundesblock)

Oslo Medtech (via Foundation)

Oslo Cancer Cluster (via Foundation)

Outlier Ventures

Peter the Great Saint-Petersburg Polytechnic University

R3 (via DIF)

RSA (via DIF)

RSKsmart

Satoshipay

Seedlab GmbH (via Foundation)

SINTEF (via Foundation)

Skuchain (via TrustedIoTAlliance)

Slock.it (via TrustedIoTAlliance)

Sovrin (via DIF)

Taqanu (via DIF)

Tierion (via DIF)

UBUNTU (via Canonical)

UC Berkeley

University of Lancaster

UC London

UN (over ID2020/Foundation)

Uport (via DIF)

Whitechapel Think (via Foundation)

World Energy Council (via Foundation)

World Economic Forum (via Foundation)

ZipPower (via Foundation)


 

This list will be constantly updated, so take a look once in a while,

Limo

 

Is a doublespending attack possible with IOTA?

The “inner circle” of IOTA’s community and I had a few discussions about this sensitive topic.
A lot of FUD’sters are using everything they can get and frankly, it’s not that we care too much about the price, but about the collateral damage that can be done by word-of-mouth marketing in the wrong direction.

I came to the conclusion, that I personally don’t like to see misinformation, although the long-term success of IOTA won’t be harmed anyway.

Still: too many people read the wrong things, and come to the wrong conclusion, following the questions:

Is there a doublespending threat in IOTA?

Is it true that a single GPU can outperform the overall hash power to carry out a doublespending at will?

This wrong assumption states that the technology IOTA can be manipulated to the benefit of a single person or a maliciously acting hacker group.

People eventually come to the question: Is IOTA safe to use?

We get to that answer.

First of all, let me ask you a question:

 

Is there any currency, asset, system, good, or piece of material on earth that can’t be misused or manipulated in any way?

Let’s not look at a baseball bat or a frying pan but at a few currencies.

We live in a world, where the global economy relies on the decision of the Federal Reserve, not to alter the key interest rate to their benefit, otherwise, the consequences can be harmful to everyone on the planet.

Same applies to the European central bank, The People’s Bank of China, the Bank of Russia and a few more.

Central coordinated institutes, that literally print money as they like, and change the key characteristics of its value.

A horror for blockchain and distributed ledger believers.

I’m not even referring to the possibilities of fraud and scam for third-parties that are not under the direct protection of these central institutes because a bank robbery can happen everywhere, anytime and no one can prevent that from happening again in the future.

Statistically speaking, it’s pretty sure that even today, somewhere on earth, a bank will be targeted.

Fiat money, on top of that, can be copied and counterfeit money can be found in every single city.

That also applies to the biggest Blockchains like Bitcoin, Ethereum, Litecoin etc.

Doublespending in Bitcoin

The Consensus-model in Bitcoin relies on synchronicity, mining, and the block validation by the nodes in the network.

Theoretically a great and secure system.

But if attackers would get control over 51% of the hash-rate (majority attack), delivered by miners (image above), they can doublespend as they like, because:

 

“Since the attacker can generate blocks faster than the rest of the network, he can simply persevere with his private fork until it becomes longer than the branch built by the honest network, from whatever disadvantage.

No amount of confirmations can prevent this attack; however, waiting for confirmations does increase the aggregate resource cost of performing the attack, which could potentially make it unprofitable or delay it long enough for the circumstances to change or slower-acting synchronization methods to kick in.

Bitcoin’s security model relies on no single coalition of miners controlling more than half the mining power. A miner with more than 50% hash power is incentivized to reduce their mining power and refrain from attacking in order for their mining equipment and bitcoin income to retain its value.” (Bitcoin Wiki)

 

That means if a person were able to compromise these 5 mining-farms: AntPool, BTC.TOP, Bixin, BTCC Pool, F2Pool, they could generate blocks and validate them with an equivalent number of nodes.

Until then, the honest miners are urged to change the mining pool if the hash rate is too big. We entrust them with this decision, but the reality is that no one can be stopped from building the biggest mining-farm and take over if he has the resources.

I don’t say it’s easy, I just say it is possible. Yet, no one freaks out or hinders Bitcoin from rising in value.

Critical voices, however, are increasing, because this “centralization” is not in accordance with Satoshi Nakamoto’s idea of a decentralized system.

In my opinion, mining acts as a Damocles’s sword, because the incentive to earn money for the security won’t work forever, especially when the scaling issues increase even more. Let alone the transaction fees.

But at this point, I won’t talk about the other big problems like scalability due to rising difficulty and block-size, but let’s keep that in mind.

To sum up: there is no 100% guarantee that money can’t be lost, and there is no 100% secure system.

Before I make a statement about IOTA, let’s look at the basics.

IOTA

IOTA as a DLT also relies on synchronicity, proof of work for confirming transactions, a peer to peer, fully decentralized (later also distributed) network.

It’s targeting the Internet of Things, which has a few relevant differences in terms of network topology compared to the Internet. The former has mesh-net capabilities, which bring some natural connection barriers and lots of different connection types.

These connections (image below) can be Bluetooth, Radio, GPS connection, 5G, TCP, FTP, HTTP, or even carrier pigeons with WLAN-repeater if that benefits the mesh-network.

Built on a directed acyclic graph, the Tangle,  IOTA has a few more differences to Blockchains and their field of application.

There is no mining, no difficulty, no blocks, no permanent hash-rate, no decoupled consensus.

Consensus lies solely with the users, who have to approve 2 other transactions before they can send one.

To set up a node, the system demands that you look for neighbor nodes via mutual tethering.

People who see the advantage of setting up a full node, instead of using a light node, are therefore bound to mutual tethering. They have to look for neighbors’ IPs manually in order to become a part of the network.

Usually, people use the #nodesharing channel in the slack for mutual tethering.

Doublespending in IOTA

A doublespend is a successful attempt to win the race (in time) to confirm a transaction that spends the same balance already promised to the original receiver, sending it to a second receiver as well in order to scam the former.

While doing so, you pretend to complete a transaction, and it shows as confirmed in your wallet, but with time and the race to gain more weight, the transaction becomes invalid, in favor of the second transaction you made simultaneously.

That means, you could trade and receive the equivalent in value for your iotas of that doublespend transaction, but after a short time, you possess both: your own funds back plus the traded asset of your business partner.

This would also mean: IOTA doesn’t work, people never had 100% guarantee that they are in possession of their funds or of the traded assets they gave for iotas.

And as a result: IOTA would certainly fall in value, people and companies would lose trust and in the end, IOTA certainly would suffer from a lasting destroyed reputation.

This attack could be used in the common markets, to short IOTA and to perform a big doublespending, to make a big profit from the reaction of the markets.

A successful FUD attack. Is that as easy as a few self-proclaimed experts postulated?

No. Here is why:

What conditions have to be set up to attempt a successful doublespending?

  • Getting an “omnipresence” in the tangle with “bad” nodes, formed as a sub tangle (or parasite chain).
    Your transactions need to be confirmed/referenced by these other nodes. The gained weight competes with the (older) weight in the main net.
  • At some point, this parasitic chain needs to be synchronized back with the main tangle to approve their confirmation.
  • Therefore, your transactions need more weight than already confirmed transactions in the main tangle.
    This attack needs to be conducted very fast. 

How can you achieve these conditions?

  • Mutual tethering: For this purpose, it can only work when you own a full node, and you need to find a substantial number of neighbors manually via mutual tethering.
    Becoming an omnipresence with mutual tethering is almost impossible.
  • In coordinator times: get control over the coordinator.
    Is that possible? No. Unless you are David Copperfield. It’s as realistic as finding an entry to Fort Knox. We know there is a way, but we don’t know where.
    If we leave out a few logical barriers and you would get control, the coordinator could be shut off in a second. Another node would act as the coordinator then, as long as we don’t have the Monte Carlo Random Walk algorithm integrated.
  • You have to find the transaction that you want to doublespend in time (before it is confirmed by the main net, if you are looking for a specific one).
    Even with the tangle-explorer, you would need to execute your attempt in a matter of seconds before it gets confirmed.
    Since IOTA gets faster the more users are using it, the confirmation times of a few minutes as of today will decrease even more.
  • You have to deal with the network topology (Mesh-network)
    A successful attack of any kind needs to overcome the natural barriers of different connections and connection types.
    That leads to an unknown variable, you cannot calculate your variable t as long as you don’t know every connection, latency, delay, and bandwidth.
    Since time is of the essence in a race attack, you have a factor x in your attack vector.
  • To increase the weight of your transaction, you need to perform proof of work.
    Even if you have hundreds of GPUs, it takes time and costs money. PoW while trying to win a (time-sensitive) weight race is not the best condition from the beginning.
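The weight race described above, as a simplified model added here for illustration (it is not IOTA's reference implementation and not code from the original post). It assumes every transaction has own weight 1 and that cumulative weight counts all transactions approving it directly or indirectly; the transaction names and the `min_weight` and `lead` thresholds are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Tx:
    tx_id: str
    parents: Tuple[str, ...]       # the two transactions this one approves
    spends: Optional[str] = None   # label of the balance spent; None = data only


class Tangle:
    """Toy DAG. Assumption: the own weight of every transaction is 1."""

    def __init__(self):
        self.txs = {"genesis": Tx("genesis", ())}
        self.approvers = {"genesis": set()}   # tx_id -> direct approvers

    def _reach(self, start, step):
        """All ids reachable from `start` by repeatedly applying `step`."""
        seen, stack = set(), list(start)
        while stack:
            cur = stack.pop()
            if cur not in seen:
                seen.add(cur)
                stack.extend(step(cur))
        return seen

    def attach(self, tx):
        if tx.tx_id in self.txs:
            raise ValueError("duplicate transaction id")
        if len(tx.parents) != 2 or any(p not in self.txs for p in tx.parents):
            raise ValueError("a transaction must approve two known transactions")
        # Consistency rule: the history this transaction approves, plus the
        # transaction itself, may spend each balance at most once.
        history = self._reach(tx.parents, lambda t: self.txs[t].parents)
        spent = [self.txs[h].spends for h in history if self.txs[h].spends]
        if tx.spends:
            spent.append(tx.spends)
        if len(spent) != len(set(spent)):
            raise ValueError("approves conflicting spends of the same balance")
        self.txs[tx.tx_id] = tx
        self.approvers[tx.tx_id] = set()
        for p in set(tx.parents):
            self.approvers[p].add(tx.tx_id)

    def cumulative_weight(self, tx_id):
        """Own weight plus every transaction approving it, directly or not."""
        future = self._reach(self.approvers[tx_id], lambda t: self.approvers[t])
        return 1 + len(future)

    def conflicts_of(self, tx_id):
        """Other transactions that spend the same balance as tx_id."""
        balance = self.txs[tx_id].spends
        if balance is None:
            return []
        return sorted(t.tx_id for t in self.txs.values()
                      if t.spends == balance and t.tx_id != tx_id)

    def safe_to_accept(self, tx_id, min_weight, lead):
        """Receiver-side check: enough weight, and ahead of every conflicting
        spend by at least `lead`, before handing over the traded asset."""
        weight = self.cumulative_weight(tx_id)
        if weight < min_weight:
            return False
        return all(weight - self.cumulative_weight(c) >= lead
                   for c in self.conflicts_of(tx_id))


def build_demo():
    """Constructed scenario: 'pay1' and 'pay2' both spend the same balance."""
    t = Tangle()
    for tx in [
        Tx("a", ("genesis", "genesis")),
        Tx("b", ("genesis", "genesis")),
        Tx("pay1", ("a", "b"), spends="alice-balance"),   # payment to receiver
        Tx("pay2", ("a", "b"), spends="alice-balance"),   # conflicting spend
        Tx("h1", ("pay1", "b")),     # later transactions approving pay1
        Tx("h2", ("h1", "pay1")),
        Tx("h3", ("h2", "h1")),
        Tx("p1", ("pay2", "a")),     # single approver of the conflicting spend
    ]:
        t.attach(tx)
    return t


if __name__ == "__main__":
    t = build_demo()
    for tx_id in ("pay1", "pay2"):
        print(tx_id, "weight", t.cumulative_weight(tx_id),
              "conflicts", t.conflicts_of(tx_id),
              "accept", t.safe_to_accept(tx_id, min_weight=3, lead=3))
    try:
        t.attach(Tx("merge", ("h3", "p1")))   # would approve both spends
    except ValueError as err:
        print("rejected:", err)
```

In this model a receiver who waits until the payment leads every conflicting spend by a chosen margin does not release goods while the race is still open, and a transaction that tries to merge both branches is rejected.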

To get a deeper understanding of a double-spending attack:


Please read Winston’s comment about that:

 

In blockchains, as we all know, the most well-known attack vector is the “51% attack”. Research has been done in the years since that theoretical attack was postulated, and it was actually found that it would only take 34% of network hashing power to carry out the attack. So right off the bat, there is a fundamental public misunderstanding of this attack vector (people think that it requires having the majority of the network hash rate when it actually only requires 34% of it). But the exact percentage is semantics anyway – let’s move to how this attack applies to IOTA.

As you continue in this article, you’ll notice that “34% attack” is not actually “34%* attack”.

The most crucial first step to understanding all of this is the IOTA mesh net topology. This differs greatly from all other blockchain protocols. Mutual tethering and the future of IoT connectivity are the factors that make IOTA a mesh net, which has some very implications for network security, the most important of which is how this topology strengthens network resiliency against the 34%* attack.

IOTA mesh net: Each full node only sees one tiny part of the Tangle – through their handful of neighbors. No one has a list of all IPs of all nodes.

Now, let’s address the 34%* attack in IOTA. Because blockchains are not in mesh nets, the 34% attack in blockchains just means that if you get enough hash power, you can successfully conduct the attack. Percentage of network hash rate is the only variable in the block chain 34% attack. However, in IOTA, there are THREE variables required for this attack.

1. X percentage of network hash rate
A sufficiently large portion of the network hashing rate (“X%” [any number]. We’ll establish the multivariate “gradient” concept later in this writeup): Just like in Bitcoin, the attacker would have to achieve a certain very large amount of network hashing power in order to overtake the network. But this is NOT the only variable in IOTA as you can see. There also isn’t an “all or nothing” network takeover in IOTA. This idea probably requires an entire article in and of itself, but suffice to say that 34%* attacks only take down layers of the Tangle, requiring an exponentially stronger 3 variable attack to propagate deeper and deeper into the Tangle.

2. Omnipresence
Seeing the entire network topology at once. “Having an overview of the network”
To deploy attack resources properly and efficiently, an attacker would need to get a broad overview of every full node connection in the Tangle. This is obviously impossible since every connection is kept private, and no entity is able to map the network.

3. Y percentage of omnipotence
Being paired with a certain % of all full nodes in the network.
Neighboring with a sufficiently large portion of the network (Y% omnipotence): The attacker must be able to push their massive amount of hashing power (X% of the network’s hash power) through the tangle _suddenly_ (a non-sudden attack is not an attack, so suddenness _is_ a sub-category of this 3rd requirement).

For example: An attacker needs X% of network hashing rate and is paired with Y% of all neighbors in the Tangle. It would greatly help to be able to have an overview of every connection in the network in order to optimize the attacker’s attack propagation, but this is impossible so it can be ignored henceforth.

Let’s say that X = 25% and Y = 15%: The attacker would bring down a small number of “edge nodes” (the nodes that the attacker is connected to). This is where the “gradient” concept comes into play. The combination of X and Y will determine what percentage of edge nodes are taken down in the attack, and thus the effectiveness of the attack. X can be 99%, but without sufficient Y, the attack can only bring down a very small percentage of edge nodes (around Y%!). The edge nodes and nodes surrounding some of those edge nodes would be overwhelmed with the attack and restart or just blacklist the attacker so that their nodes can become functional again. The low latency nature of a mesh net means that there is a gradient of attack that depends on X and Y.

Now let’s say that the attacker wants to propagate their attack deeper into the Tangle. X = 40% and Y = 20%: The attacker would bring down many more edge nodes and be able to propagate the attack deeper than the attacker in the first example above. The bigger/better the X & Y combination, the deeper the attacker can propagate the attack into the Tangle. This would theoretically require exponential increases in both hash power AND neighbor finding & maintenance to make marginal increases in Tangle attack depth, making the Tangle orders of magnitude more resilient to such attacks than the non-mesh net topology block chains.


What about accidental doublespendings, performed by users of the GUI?

The latest release 2.3.1 has a doublespending warning implemented, to warn users of the GUI not to spend the same value again.
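One way a wallet can implement this kind of warning, as an added example (not the IOTA wallet's own code): track which input addresses are tied up in unconfirmed transfers and refuse to build a second transfer from them. The class, the transfer shape `{hash, inputs}` and the sample addresses are assumptions made for illustration.

```javascript
// Added example: wallet-side double-spend warning. All names are hypothetical.
// Assumption: a transfer lists the input addresses it spends from, and an input
// stays locked from the moment a transfer is sent until that transfer confirms.
class PendingSpendTracker {
  constructor() {
    this.pending = new Map(); // input address -> hash of the unconfirmed transfer using it
    this.spent = new Set();   // input addresses whose spending transfer has confirmed
  }

  // Return the conflicts a new transfer would cause, without recording anything.
  check(transfer) {
    const conflicts = [];
    for (const addr of new Set(transfer.inputs)) {
      if (this.spent.has(addr)) {
        conflicts.push({ address: addr, reason: 'already spent' });
      } else if (this.pending.has(addr)) {
        conflicts.push({ address: addr, reason: 'pending in ' + this.pending.get(addr) });
      }
    }
    return conflicts;
  }

  // Lock the inputs only if the transfer is conflict-free; a rejected transfer
  // must not lock anything, or its other inputs would become unusable.
  submit(transfer) {
    const conflicts = this.check(transfer);
    const accepted = conflicts.length === 0;
    if (accepted) {
      for (const addr of transfer.inputs) this.pending.set(addr, transfer.hash);
    }
    return { accepted, conflicts };
  }

  // Called once the network confirms a transfer: its inputs are spent for good.
  confirm(hash) {
    for (const [addr, h] of this.pending) {
      if (h === hash) { this.pending.delete(addr); this.spent.add(addr); }
    }
  }
}

// Constructed scenario: the user sends, clicks "send" again before confirmation,
// then tries the same input once more after the first transfer has confirmed.
function demo() {
  const t = new PendingSpendTracker();
  const first = t.submit({ hash: 'TX1', inputs: ['ADDR_A'] });
  const second = t.submit({ hash: 'TX2', inputs: ['ADDR_A', 'ADDR_B'] });
  t.confirm('TX1');
  const third = t.submit({ hash: 'TX3', inputs: ['ADDR_A'] });
  const fourth = t.submit({ hash: 'TX4', inputs: ['ADDR_B'] });
  return { first, second, third, fourth };
}
```

The `conflicts` array is what a GUI would show in the warning dialog before anything is broadcast.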

Conclusion

 

People claim that IOTA is unsafe because there is a theoretical threat of a doublespend.

There is also a theoretical threat with Fiat money, with Bitcoin, Ethereum and every other asset in the world.

There is even a theoretical threat of getting killed by an asteroid in 25 minutes.

No system is 100% safe. “100% safe” means almost nothing in the scientific world; most of the time it’s about significance.
And IOTA is significantly safer than fiat currency, and also significantly safer than blockchains, once the network is big enough to provide the Monte Carlo random walk tip selection.

Until then, the coordinator protects the network from 34% attacks.

To perform a successful majority attack, one would have to overcome the impossibility of becoming an omnipresence in the tangle, per mutual tethering.

He would also have to outperform the hash rate of the network, win the weight race against the confirmations of the main network and find a suitable transaction for a doublespend before it confirms.

The mesh-net characteristics would hinder him from getting access to every part of the network and, furthermore, would increase his latency.

All these efforts for a system that supports micro-transactions.

So if people want to send big amounts of money, they should use many small transactions instead of a big one.

Unlike Blockchains, with IOTA, this is possible.

 

I conclude that there is a tiny, statistically insignificant chance of falling prey to a doublespend.

In reality, there is none considering that it’s almost impossible to arrange the needed conditions.

 

I suspect that Blockchains have a bigger problem than IOTA once the miners have full control over a chain.

Up to this point, nobody has been successful in attacking the tangle; in fact, the CTPS (confirmed transactions per second) increased when an attacker tried to slow the network down in mid-June.

Thanks Winston, for your insights!

If you find an attack vector, please talk to the IOTA Foundation and try to prove your point; otherwise, be careful with FUD-connected claims: they are mostly wrong and aim at moving the price.

 

 

Have a nice week,

Limo


 

 

 

 

 

Pictures:
miners: https://bitcoinworldwide.com/mining/pools/
mesh-network: http://thembsgroup.co.uk
doublespend warnings: https://blog.iota.org/gui-wallet-release-v2-3-1-f84d1160845d
featured image: https://www.tcmworld.org/testimonial-fork-in-the-road/

 
