In what could prove a finale to the IOTA debate, a UCL representative, Patrick McCorry, has tweeted: “This is a pretty important message from UCL. I hope other universities swiftly follow suit,” above a snapshot of a UCL disclaimer, which distances the institution from IOTA.
IOTA Appears a Utopian Dream
The statement also criticizes IOTA for its alarming reactions to external criticisms. McCorry is a cryptocurrency researcher at UCL and was also the first person to be granted a Ph.D. in cryptocurrency in the UK.
After researchers from the Digital Currency Initiative at MIT pointed to vulnerabilities in the IOTA project’s code, the staff of around 150 have lanced disjointed statements when addressing criticisms at times.The storm building around IOTA’s technology started in September 2017, and now that academic institutions are digging in their heels on the back of the company’s appalling legal threats against those who pointed out the flaws, it seems the outfit has cemented its pariah status.
The MIT crew studied Curl-P hash function to access data within the IOTA system, a significant cryptographic failing, as cryptographers avoid winging it in the sacred space, rather sticking strictly to established security protocols that work. IOTA shot back, saying the construct was intentional and put in place to inhibit users from pinching and copying their open source software. Every commentator, however, has pointed out how this is illogical, as open source is by nature free to use.
A John Hopkins cryptography professor, Matthew Green, recently tweeted that “The IOTA developers haven’t been able to explain to me why they think their insecure hash function is safe.”
The current escalation and looming ruckus stem from IOTA’s current actions against one of the academics who originally identified weaknesses in the system. Ethan Heilman is a Boston University researcher, currently being threatened with legal action for daring to challenge IOTA on their shortcomings.
The whole affair is anathema to the developer community, geared as it is towards an ethos of collaboration to mutual best effect. The IOTA co-founder Sergei Ivancheglo tweeted earlier this year, referring to Heilman, “He should be scared, there are lawyers working on that already.” Nothing of such a bizarre nature has emerged from the project development space to date, and the threatening tone has shocked UCL.
Flaws persist while IOTA signs big names
Tangle has always been presented as the sleekest and most dazzling technology, doing away with centralization as all blockchains do. The Tangle protocol, however, is optimized to eliminate transaction backlogs and other scaling issues, high fees or any fees for that matter, the whole mining necessity and, importantly, the vast amount of energy consumed by the mining community.
David Sonstebo, another IOTA co-founder, previously told Coindesk that “The obvious thing is that [IOTA] is the first project that went beyond blockchain. Got rid of miners. In the process we solved the main pain points of transactions – no fees.”
Researchers point out that if a resolution comes at the cost of security, it’s no resolution at all. This hasn’t stopped IOTA from signing up Taipei City, Taiwan, Bosch, Volkswagen and other big names as clients.
Now that the security holes in IOTA’s architecture are known, commentators are wondering whether the company’s current distasteful pursuit of researchers and other system analysts will spell its ultimate doom. If that comes about, the investors who have made IOTA’s $5.4 billion market cap a reality might be left very short.
Although IOTA is rolling out its Trinity wallet and other initiatives to present as a comprehensive package with all the answers, the security loopholes remain unaddressed and, as long as researchers remain under threat of legal action for noting their experiences, the company’s real woes may only just be starting.