IOTA’s side tangle tangled entire IOTA network

in #iota7 years ago

Three days after my previous post 1) on IOTA's side tangle (parasite tangle according to Tangle white papper) cryptocurrency exchanges again halt deposit and withdrawal from IOTA's wallets claiming that side Tangle issues were not resolved..

As I mentioned at my previous posting IOTA uses new consensus algorithm Tange different from other blockchain based coins. Tangle is based on DAG(Directed Acyclic Graph) that is also used for Hashgraph, Raiblocks, DagCoin and Byteball. However IOTA is not exactly solely based on DAG.

IOTA is based on Tangle which is based on DAG but modified to support faster and reliable consensus for their transaction confirmation. Tangle is basically the proof of work consensus algorithm for previous two transactions for the current transaction. The approval of these previous two transactions dramatically reduces the workload of IOTA’s proof of work compared to that of Bitcoin.

Compared to the linearity of Bitcoin blockchain IOTA’s tangle is exponential and means bitcoin’s blockchain addition IOTA’s Tangle multiplication. The more IOTA has its users the faster the transaction confirmation speed increases. This is actually genius except that it has never been applied before.

Some cryptocurrency exchanges made another ban on the deposit and withdrawal of IOTA wallets. This time the situation is even more grave than having side tangle. Due to side tangle increasing and trying to become main tangle all transaction of IOTA has been stopped.2) on July 6th.

“Currently the confirmed transaction ratio in iota is practically 0 because someone is stitching the side tangle to the main tangle and this apparently breaks regular nodes ability to select tips…”

A researcher of Open Privacy - A Canadian non-profit society dedicated to researching & building privacy enhancing tools that empower people & marginalized communities said in the article.

Source:

When you try to apply totally new technology you must have had thorough testing and verification process before it goes to live. SegWit of bitcoin has done this and many other cryptocurrencies work on same thing such as Plasma, Lightning Network and others.

The name tangle itself does not give us that much positive impression. What kind of name is the tangle for critical consensus mechanism? Tangle is the verb when you say,

“I tangled my foodstep and fallen into a ditch”

The most critical issue of tangle is however not the name it is they way IOTA developers applied the DAG into tangle. Tangle only verifies two previous transactions at any given time and this makes Tangle really fast in transaction confirmation. The question is that does two previous transaction verification is enough to prevent any adversary?

Why IOTA development team designed and implemented a coordinator as a mitigator to the ‘tip selection’ situation? Doesn’t this mean IOTA face more than expected Tip Selection situation they have anticipated when they design Tangle? This could be why the coordinator were designed and implemented at first.

After reading the recent tip selection algorithm change notice IOTA development team announced 3) just before this side tangle issues happen I became more confused than before because it says that the development team changed the Tip Selection algorithm from simplified weight algorithm to cumulative weight one for their transaction calculation. The original IOTA white paper said so but IOTA development team applied at first simplified weight algorithm instead of cumulative weight algorithm, but why? It is actually answered at the Tangle white paper.4) The white paper says that with cumulative weight transaction calculation there were high possibility that Tangle might have had hacked at the beginning of Tangle network and that’s why they applied simplified weight calculation for transaction and employed coordinator.

Other more critical improvement on tip selection of Tangle is that they make random walker which takes the path of tangle randomly avoid invalid transaction instead of rolling back to previously known safe valid transaction in their past path. But I guess avoiding something could can cause some issue later.

The unconfirmed leftover invalid transaction might have caused the side tangle we have here now. Imagine a hacker exploits this invalid transaction with his or her own side tangle. As the number of invalid leftover transaction increases the vulnerability to hackers would multiplies as well.

Before this improvement the random walker who creates the path of Tangle halts with invalid transaction and prone to make blowballs which are chunks of transactions pointing to a single specific transaction. This often prevents further growth of Tangle network. Consider this blowball as a DoS(Denial of Service) attack on Tangle just like they have at blockchain based coins for your quick understanding.

Blowballs occur when a large number of transactions reference a single specific transaction, which typically turns out to be a milestone. This prevents the Tangle from growing organically, by “trapping” incoming transactions inside of the blowball.

Source: https://blog.iota.org/new-tip-selection-algorithm-in-iri-1-5-0-61294c1df6f1

Make things more clearly I simplified here what happened to this new tip selection algorithm titled IRI 1.5.0.

The IRI 1.5.0 has changed fundamental logical ground of IOTA’s Tangle when it faces the side tangle and how they overcome it according to IOTA development team’s blog on this.3) Many developers have had not been fully understood what they have done including the development team which brought this change.

From bitcoin blockchain we already know that from time to time forks can happen with adversaries in case of 51% attack however the way Bitcoin blockchain handles this situation is crystal clear however little is known about how IOTA Tangle deals the situations like this.

The secrecy IOTA employed to their Tangle is clearly risk to all IOTA users and this needs to be addressed before everything else.

A lot of people does not still understand how IOTA’s Tip Selection works and how Tangle deals with side tangle. Even IOTA’s detailed document on this 4) does not have actual source code of the algorithm. Most of this feature is still secret that IOTA does not want to reveal to public and seems to be the cause of IOTA’s tangling.

With the change of transaction calculation from simplified weight to more computing consuming cumulative Tangle supposed to be slowed down however IOTA users find it is OK5) then what caused this? This might have be caused by random walkers avoiding invalid transaction. Before this Tip Selection algorithm change invalid transaction was instantly nullyfied by rolling back to known safe valid transaction the algorithm used to have but now the algorithm ignores it and removes it from the list of approvers. This might make a lot of invalid transactions in limbo until they gets destroyed by something. Does IOTA have that something?

With a lot of invalid transactions simply avoided by random walker algorithm hackers can exploit the vulnerability of these transactions by making a lot of sidetangle or parasite chains.

My thought happened to tangle around here.

FYI, the justification of Tip Selection is described well in Tangle white paper and I have here the extrait of it.

In other words, the input flow of “honest" transactions should be large compared to the attacker's computational power. Otherwise, the estimate (12) would be useless. This indicates the need for additional security measures, such as checkpoints, during the early days of a tangle-based system.

When choosing a strategy for deciding which one of two conflicting transactions is valid, one has to be careful when using cumulative weight as a decision metric. This is due to the fact that cumulative weight can be subject to an attack similar to the one described in Section 4.1, namely the attacker may prepare a double spending transaction well in advance, build a secret subtangle referencing it, and then broadcast that subtangle after the merchant accepts the legitimate transaction. A better method for deciding between two conflicting transactions might be the one described in the next section: run the tip selection algorithm and see which of the two transactions is indirectly approved by the selected tip.

  1. https://steemit.com/iota/@cryptovader/iota-s-burden-of-unproven-technology
  2. https://www.trustnodes.com/2018/07/09/iota-bug-brings-network-nodes-problem-unsolved
  3. https://blog.iota.org/new-tip-selection-algorithm-in-iri-1-5-0-61294c1df6f1
  4. https://blog.iota.org/on-the-tangle-white-papers-proofs-airplanes-and-local-modifiers-44683aff8fea
  5. https://hackmd.io/s/Skow-8Hb7#
Sort:  

WARNING - The message you received from @tatausahamb is a CONFIRMED SCAM!
DO NOT FOLLOW any instruction and DO NOT CLICK on any link in the comment!

For more information about this scam, read this post:
https://steemit.com/steemit/@arcange/phishing-site-reported-autosteemer-dot-com
https://steemit.com/steemit/@arcange/phishing-site-reported-autosteemer-dot-club
https://steemit.com/steemit/@arcange/phishing-site-reported-autosteem-dot-info

If you find my work to protect you and the community valuable, please consider to upvote this warning or to vote for my witness.

Get free votes! toolsfree[DOT]info/votes