Header Criticism

This article is a translation of the German IOTA Beginner’s Guide by Schmucklos.

Criticism about IOTA

Note on all criticisms: One should keep in mind that IOTA is in alpha stage. There will still be a lot of development, programming work and a lot of time needed to realize the big version. As a source for these criticisms, I have picked up parts of a forum post by the user Roliok.

The answer to all the criticisms at this early stage, is also a question of one’s willingness to take risks. The higher the risk that the problems cannot be solved the higher the potential return if the problems can be solved. Once there is a finished end product, half the world will already be invested and the potential return will not be as high.

“IOTA does not scale that high and does not currently deliver compelling results.”

This criticism is completely correct. At the current time, the scaling is not yet at the desired level and for the lofty goal in a few years, this will not be enough. At this point in time, however, this performance is not needed yet either and it does not pose a problem, at least not today. The Tangle is still at the very beginning of its development. This will get bigger and also faster with increasing utilization.

IOTA promises unlimited scaling and ignores technical limitations.”

As an extension to the previous point of criticism – it’s also a case of statement against statement. At this point, it definitely doesn’t work yet, but again, only time can tell the final outcome.

“The “address re-use” problem prevents high scaling. The wallets have to check against a list before each transaction to see if the address has been used before and to avoid user errors.With the constant growth of the list, the search will take a longer time and the scalability will never become high.”

This is all a search algorithm issue. This will never be a problem even if we were to assign an IOTA address to every particle in the universe. We are talking about miliseconds in access times, no matter how long the list gets. If such a thing were a problem, you could have a coffee every time before a Google search result is returned.

Update Apr’20: With the introduction of the additional signature scheme Ed25519, previously used addresses can also be reused.

“IOTA doesn’t have a decent wallet.”

This criticism was correct. The new “Trinity” wallet has already been released and has turned out great. There will be more improvements here in the future, like a messenger service.

“IOTA has already been hacked and MIOTA worth about $4 million were stolen.”

This criticism is only partially correct. It was not IOTA itself that was hacked, but various users who used an online seed generator that stored the seed and forwarded it to the site owner. The latter then emptied various wallets with the stored seeds after a few months and captured IOTA worth around $4 million at the time.
Basically, this is a mere user error that has nothing to do with a possible security vulnerability of IOTA. Nevertheless, IOTA has responded by including a seed generator by default in the new Trinity Wallet.

Update Apr ’20: In spring 2020, the Trinity Wallet was compromised via the third-party module Moonpay (the protocol itself is fine). Tokens equivalent to about 2 million € were stolen from various wallets before the IF shut down the coordinator to stop the ongoing theft and secure users’ funds. As a result, the coordinator remained off for nearly four weeks. The Moonpay app was removed from Trinity.

According to the IF, this hack should not have happened in this way. The complete processing of the incident was communicated very transparently, and consequences were drawn immediately. A new senior developer with a focus on wallet security was hired and further security audits (possibly also external) became mandatory. David Sønstebø had initially announced to compensate all victims from his private assets, but then did not do so. This was one of the many reasons why he was dismissed on 10 Dec ’20 after a unanimous decision by the Executive Board and the Supervisory Board.

You can read a detailled report about what happened here.

“IOTA is centralized by the coordinator (also called COO).”

This is currently still a fact and completely true.

To mitigate the problem of a malicious attacker, the IF currently deploys a kind of shield called the Coordinator. The Coordinator acts as a centralized, voluntary, and temporary alternative consensus mechanism for the Tangle.

Importantly, while the coordinator confirms transactions, it cannot break the consensus rules, so it cannot create new tokens or simply steal existing ones.

This fixed rule is stored in each IRI node for the coordinator’s monitoring, so the coordinator’s influence on the Tangle is very limited.

A lot of work is being done to make the system work without the coordinator in a later phase (many more IRI nodes). Occasionally it was already offline in short phases and everything still worked correctly. The IF has published a 4 part blog article on how the coordinator could be turned off. You can find it here.

Update: Prof. Serguei Popov from the official podcast on 07/03/2019: Our main task, at the moment, is to get rid of the coordinator and we have already figured out how it works. It’s more or less clear that it will work with the current solutions we have on the table. In the process of exploring the current solution path, some new ideas have come up. These new ideas are currently being tested and incorporated if necessary. We are already on a very good path, so we will probably have a consensus algorithm very soon that will solve many problems.

Update: The plan to shut down the coordinator is in place, see roadmap.

“IOTA is dependent on bitcoin.”

This is fundamentally true and currently applies to every single cryptocurrency.

Since there are hardly any opportunities to buy altcoins in fiat currencies due to regulatory restrictions, most of the trading volume is generated via trading pairs with BTC. MIOTA is therefore 1:1 dependent on BTC – if BTC rises by 10%, MIOTA rises by 10% with it. If the BTC falls by 10%, MIOTA falls by 10%. At the moment, it is therefore impossible in certain phases to develop against the general BTC trend. Only during the sideways phases of Bitcoin MIOTA can develop independently and news have any effect at all.

In the future, however, this will play an increasingly smaller role, as more and more exchanges will offer fiat pairs. In this regard, some exchange heavyweights are in the starting blocks or have corresponding plans. Above a trading volume of about 75% in fiat currencies, you should feel almost no impact from BTC fluctuations.

“IOTA is not free of any fees at all.”

This argument is often made by the “hardcore” critics, as each transaction requires a small proof-of-work from the corresponding client, which, after all, theoretically incurs costs amounting to minimal fractional cents due to the electricity consumed. Formally, this is absolutely correct, but the argument completely misses the practical point. The corresponding device is already “on” and consumes electricity, regardless of whether a small calculation task is added or not. The fact is, if I send 0.00001 MIOTA, then exactly 0.00001 MIOTA will arrive at the recipient. So the definition of free of charge is fulfilled.

“IOTA will have trouble getting enough nodes on the network. Due to the fee-free status and the fact that all tokens already exist, there is no monetary incentive for operators of an “honest IRI node” (which are, after all, the pillars of the entire network) to operate it and, if necessary, to bear the server costs.”

The industry will probably provide solutions out of pure self-interest if it has real benefits from IOTA. This also applies to private users. Those who want to surf the Internet have a router at home.
Appropriate hardware can also ensure that various end-user devices or machines can act as nodes by default.
Swarmnodes could also solve the problem. Every smartphone or car could become a node.
This issue will definitely not be a problem at a later date.

Dispute with MIT Media Labs

The issue was that MIT Media Labs had discovered a supposed bug in IOTA’s hash function Curl-P. Here it is statement against statement, keyword “CFB, copy protection”. I do not want to go into it at all, because I can not really judge it either. On 12/20/2018, a new hash function called “Troika” was released. The hash function is tailored to the ternary platform of IOTA and designed for the requirements of the IoT. There is no date for the implementation yet, they want to wait for the feedback from the cryptography community first.

The arguments of MIT have been refuted in the meantime, however, the original criticisms are still gladly cited, which can definitely be stamped under “FUD” according to the current state of knowledge. Both parties have not covered themselves with glory in the public dispute, and the IOTA team has indicated that it needs a much better external presentation in terms of critical faculties and appropriate reactions. In the meantime, new people have been hired for communication so that we can expect improvement here.

Vulnerabilities in key generation

In December 2017, a case became known in which MIOTA with an equivalent value of about $30,000 was stolen from a user. As part of an investigation into the causes, vulnerabilities in the key generation of IOTA as well as the signature procedure became known, through which for a subset of all addresses (approximately 3%) a signature is already sufficient to calculate the entire private key. Under certain circumstances, these vulnerabilities made it possible to steal MIOTA from other people’s addresses without the owner’s intervention as soon as the owner initiated a transaction from them.

Due to changes in current versions of the IOTA software, these vulnerabilities are no longer exploitable, so we are back to the topic of software alpha phase, problem detected -> problem averted.

“IOTA can never succeed as a currency due to deflation.”

Basically, we are drilled into our heads back in our school days that deflation is a terrible bugbear and should be avoided at all costs. Nevertheless, I have the opinion that this issue will not be a problem for IOTA and will explain this in a bit more detail below, as this criticism or question comes up relatively often and is also not very easy to answer.

  • Deflation is always a danger or risk for an economy. But not for the currency itself – it can exist without problems even with a rising value. Cryptocurrencies are decentralized and recognized worldwide – so there is not even an underlying economy that is influenced by this or that can influence the respective cryptocurrency in a big way the other way around.

  • Premined tokens (like IOTA) are actually not a declining currency per se, but a static one. Only losses caused by human error (loss of the private key or transaction to a wrong address) will cause the stock of currency units to decrease. This will no longer play a role in the future, as we escape the alpha status and “idiot-proof” systems are developed that factually prevent such losses. The units that disappear then will be minimal and will no longer have any impact. So it is enough to have a static currency. At this point, perhaps a small leap of thought to cryptocurrencies with programmed inflation: depending on how strong the demand for a cryptocurrency is, the stronger the price increases. If this causes the price to rise more than currency inflation now (which will be quite realistic over the next few years), then these are also “deflationary currencies” for a (very) long period of time.

  • At some point, the majority of buyers of a (successful) cryptocurrency will “buy” it for daily use rather than as an investment. The ratio of “users” and “investors” will therefore gradually shift further and further in the direction of the users. Consequently, more and more coins will be thrown onto the market by investors as an opposite movement to rising prices in order to realize the profits. New investments are de facto hardly taken up, since a currency with a market capitalization of several trillion and a daily trading volume of several billion hardly offers any prospects for “noteworthy” returns. Here, almost all other forms of investment would then be better suited and investors turn away from IOTA. The time of actual use begins.

  • Due to the point just mentioned, the psychological attitude of cryptocurrency holders is also shifting. Deflation is basically just a psychological problem – people do not want to give away any advantage they might have in the future. For this reason, he puts off new investments and purchases because he will get more for his money in the future. However, since cryptocurrencies will in all likelihood not replace fiat currencies (on the contrary, these will quite certainly continue to form the basis for our “financial coexistence”) but only supplement them and possibly shift some of the payment transactions, this line of thought no longer plays a role in the “cryptocurrency replacement solution”. Currently, no one thinks about whether he waits half a year longer for the order from the U.S., because you might then get 1.24$ instead of 1.22$ for a euro. There will always be something else that will allow me to buy more with my money in the future than is currently the case.

  • Incidentally, this little game can also work today with an inflationary fiat currency with investments in government bonds, savings accounts, stocks, gold or even exotic things. The relationship at the end remains the same. The nominal price has not changed now in this case. Here, however, my existing money supply then increases until the purchase (that would be the interest effect), instead of me having a saving by the price decreasing (that would be the deflation effect). In the end, however, after buying the product in the future (after investing the money with interest), I have exactly the same amount of money left as I would have if the price had gone down (if I had just held the currency itself). Most people just don’t get that.

  • Deflation only becomes a problem when it hits the base currency itself. That is, the currency in which prices are quoted, in which my salary is paid, within which life takes place. I have my doubts that this base currency will be a cryptocurrency.

  • If I use cryptocurrency for the purpose of simplification and/or independence from centralized systems, I don’t want a monetary gain. I want to make a “time gain” or an “independence gain.” If simply no one cares that deflation exists, then everything still works as usual.

“IOTA does not deliver. No JINN, no Qubic and the ternary vision was also completely discarded.”

With the departure of CfB from the IF (among other things because of the lack of viable concepts), the IF has decided to put the great ternary vision on the sidelines for the time being.

Qubic with its computation model QCM (Qubic Computation Model) is primarily a ternary dataflow program and designed for ternary hardware, such as the ternary JINN processor. Its development was stopped for the time being towards the end of 2019. In addition, at the beginning of the year, the IF together with its partners decided to support binary hardware in the medium term and solve the current problems from the industry. Accordingly, the Core protocol must also be adapted in many places so that binary systems are also optimally supported. In the long term, all options for ternary hardware support are still open.

Many aspects from Qubic are nevertheless converted, just no longer with the original approach. Everything is now adapted to the new orientation. The implementation of smart contracts, outsourced computations and Oracles is still targeted. I’m always surprised that no one understood Qubic before and now everyone cries out just because Q is put on ice. Q is now open source, all data and the PoC for a second layer application have been published and can be further developed.

Original source