User:Rbreakle/sandbox

IOTA is an open-source distributed ledger and cryptocurrency designed for the Internet of things (IoT). It uses a directed acyclic graph to store transactions on its ledger, motivated by a potentially higher scalability over blockchain based distributed ledgers. IOTA does not use miners to validate transactions, instead, nodes that issue new transactions approve two previous transactions. Transactions can therefore be issued without fees, facilitating microtransactions. The network currently achieves consensus through a coordinator node, operated by the IOTA foundation. As the coordinator is a single point of failure, the network is currently centralized.

IOTA has been criticized due to its unusual design, of which it is unclear whether it will work in practice. Acknowledging poor technical decisions in its initial implementation, IOTA has been rewritten from the ground up for a network update that launched on 28 april 2021. Controversial decisions as a ternary encoding and quantum proof cryptography were left behind and replaced with established standards.

History
The value transfer protocol IOTA, named after the smallest letter of the greek alphabet, i was created in 2015 by David Sønstebø, Dominik Schiener, Sergey Ivancheglo, and Serguei Popov. Initial development was funded by an online public crowdsale, with the participants buying the IOTA value token with other digital currencies. Approximately 1300 BTC were raised, corresponding to approximately 500,000 USD at that time, and the total token supply was distributed pro-rata over the initial investors. The IOTA network went live in 2016.

IOTA foundation
In 2017, early IOTA token investors donated 5% of the total token supply for continued development and to endow what later became the IOTA foundation. In 2018, the IOTA Foundation was chartered as a Stiftung in Berlin, with the goal to assist in the research and development, education and standardisation of IOTA technology. The IOTA foundation is a board member of International Association for Trusted Blockchain Applications (INATBA), and founding member of the trusted-IoT alliance and mobility open blockchain initiative (MOBI), to promote blockchain and distributed ledgers in regulatory approaches, the IoT ecosystem and mobility.

Following a dispute between IOTA founders David Sønstebø and Sergey Ivancheglo, Ivancheglo resigned from the board of directors on 23 june 2019. On 10 december 2020 the IOTA Foundation Board of Directors and Supervisory Board announced that the Foundation officially parted ways with David Sønstebø

DCI vulnerability disclosure
On 8 September 2017, researchers Ethan Heilman from Boston University and Neha Nerula et al. from MIT's Digital Currency Initiative (DCI) reported on potential security flaws with IOTA's Curl-P-27 hash function. The IOTA foundation received considerable backlash in their handling of the incident. FT Alphaville reported legal posturing by an IOTA Founder against a security researcher for his involvement in the DCI report, as well as instances of aggressive language levelled against a Forbes contributor and other unnamed journalists covering the DCI report. The Center for Blockchain Technologies at the University College London severed ties with the IOTA Foundation due to legal threats against security researchers involved in the report.

Attacks
As a speculative blockchain and cryptocurrency-related technology, IOTA has been the target of phishing, scamming, and hacking attempts, which resulted in the thefts of user tokens and extended periods of downtime. On Januari 2018 more than 10 million USD worth of IOTA tokens were stolen from users that used a malicious online seed-creator, a password that protects their ownership of IOTA tokens. The seed-generator scam was the largest fraud in IOTA history to date, with over 85 victims. In Januari 2019, the UK and German law enforcement agencies arrested a 36-year old man from Oxford, England believed to be behind the theft.

On 26 November 2019 a hacker discovered a vulnerability in a third party payment service integrated in the mobile and desktop wallet managed by the IOTA foundation. The attacker compromised over 50 IOTA seeds, resulting in the theft of approximately 2 Million USD worth in IOTA tokens. After receiving reports that hackers were stealing funds from user wallets, the IOTA Foundation shut down the coordinator on 12 February 2020. This had the side-effect of effectively shutting down the entire IOTA cryptocurrency. Users at-risk were given seven days to migrate their potentially compromised seed to a new seed, until 7 March 2020. The coordinator was restarted on 10 March 2020.

IOTA 1.5 (Chrysalis) and IOTA 2.0 (Coordicide)
The IOTA network is currently centralized, a transaction on the network is considered valid if and only if it is referenced by a milestone issued by a node operated by the IOTA foundation called the coordinator. In 2019 the IOTA Foundation announced that it would like to operate the network without a coordinator in the future, using a two-stage network update, termed Chrysalis for IOTA 1.5 and Coordicide for IOTA 2.0. The Chrysalis update went live on 28 april 2021, and removed its controversial design choices such as ternary encoding and Winternitz one-time signatures, to create an enterprise-ready blockchain solution. In parallel Coordicide is developed, to create a distributed network that no longer relies on the coordinator for consensus. A testnet of Coordicide was deployed late 2020, with the aim of releasing a final version in 2021.

The Tangle
The Tangle is the moniker used to describe IOTAs directed acyclic graph (DAG) transaction settlement and data integrity layer. It is structured as a string of individual transactions that are interlinked to each other and stored through a network of node participants. The Tangle does not have miners validating transactions, rather, network participants are jointly responsible for transaction validation, and must confirm two transactions already submitted to the network for every one transaction they issue. Transactions can therefore be issued to the network at no cost, facilitating micropayments. To avoid spam, every transaction requires computational resources based on Proof of Work (PoW) algorithms, to find the answer to a simple cryptographic puzzle.

IOTA supports both value and data transfers. A second layer protocol provides encryption and authentication of messages, or data streams, transmitted and stored on the Tangle as zero-value transactions. Each message holds a reference to the address of a follow-up message, connecting the messages in a data stream, and providing forward secrecy. Authorised parties with the correct decryption key can therefore only follow a datastream from their point of entry. When the owner of the data stream wants to revoke access, it can change the decryption key when publishing a new message. This provides the owner granular controls over the way in which data is exchanged to authorised parties.

IOTA token
The IOTA token is a unit of value in the IOTA network. There is a fixed supply of 2,779,530,283,277,761 iota tokens in circulation on the IOTA network. IOTA tokens are stored in IOTA wallets protected by an 81-character seed, similar to a password. To access and spend the tokens, IOTA provides a cryptocurrency wallet. A hardware wallet can be used to keep credentials offline while facilitating transactions.

Coordinator node
IOTA currently requires a majority of honest actors to prevent network attacks. However, as the concept of mining does not exist on the IOTA network, it is unlikely that this requirement will always be met. Therefore, consensus is currently obtained through referencing of transactions issued by a special node operated by the IOTA foundation, called the coordinator. The coordinator issues zero value transactions at given time intervals, called milestones. Any transaction, directly or indirectly, referenced by such a milestone is considered valid by the nodes in the network. The coordinator is an authority operated by the IOTA foundation and as such single point of failure for the IOTA network, which makes the network centralized.

Markets
IOTA is traded on digital currency exchanges such as Bitfinex, and listed under the MIOTA (megaIOTA or units of 1,000,000 IOTA) ticker symbol. Like other digital currencies, IOTA’s token value has soared and fallen.

Applications and testbeds
Proof-of-concepts building on IOTA technology are being developed in the automotive and IoT industry by corporates as Jaguar Land Rover, STMicroelectronics and Bosch. IOTA is a participant in smart city testbeds, to establish digital identity, waste management and local trade of energy. In project Alvarium, formed under the Linux Foundation, IOTA is used as an immutable storage and validation mechanism. The privacy centered search engine Xain uses IOTA as a trust anchor for its aggregated AI model.

On 11 February 2020, the Eclipse Foundation and IOTA Foundation jointly launched the Tangle EE (Enterprise Edition) Working Group. Tangle EE is aimed at enterprise users that can take IOTA technology and enable larger organizations to build applications on top of the project, where the Eclipse Foundation will provide a vendor-neutral governance framework.

Announcements of partners were initially critically received. In 2017, IOTA released the data marketplace, a pilot for a market where connected sensors or devices can store, sell or purchase data. The data marketplace was received critically by the cryptocurrency community over the extent of the involvement of the participants of the data marketplace, suggesting that "the IOTA Foundation was actively asking publications to use Microsoft’s name following the data marketplace announcement.". Izabelle Kaminska criticized a Jaguar press release: "our interpretation is that it's very unlikely Jaguar will be bringing a smart-wallet-enabled marketplace any time soon."

Criticism
IOTA promises to achieve the same benefits that blockchain-based DLTs bring - decentralization, distribution, immutability and trust - but remove the downsides of wasted resources associated with mining as well as transaction costs. However, its design is unusual and unclear whether to work in practice.

The security of IOTA's consensus mechanism against double-spending attacks is unclear, as long as the network is immature. Essentially, in the IoT, with heterogeneous devices having varying levels of low computational power, sufficiently strong computational resources will render the tangle insecure. This is a problem in traditional proof-of-work blockchains as well, however, they provide a much greater degree of security through higher fault tolerance and transaction fees. At the beginning, when there is a lower number of participants and incoming transactions, a central coordinator is needed to prevent an attack on the IOTA tangle.

Critics have opposed role of the coordinator for being the single source of consensus in the IOTA network. Polychain Capital founder Carlson-Wee, says "IOTA is not decentralized, even though IOTA makes that claim, because it has a central "coordinator node" that the network needs to operate. If a regulator or a hacker shut down the coordinator node, the network would go down." During the Trinity attack incident, the IOTA foundation shutdown the coordinator to prevent further thefts, thereby demonstrating that the network is not decentralized in its current state. In October 2017, a vulnerability was discovered that put the IOTA tokens of certain users at risk by partially revealing the private key specific addresses. After patching the vulnerability, the IOTA foundation transferred potentially compromised funds to addresses under its control, providing a process for users to later apply to the IOTA Foundation in order to reclaim their funds

IOTA has seen several network outages as a result of bugs in the coordinator as well as DDoS attacks. During the seed generator scam, a DDoS network attack was abused leaving initial thefts undetected.

Last year the IOTA Foundation announced that it would like to operate the network without a coordinator in the future, but implementation of this is still in an early development phase.