Leaked emails between IOTA developers and researchers have landed the cryptocurrency in hot water.
Nerd fights are the the background radiation of the cryptocurrency universe, but occasionally a beef becomes so acrimonious that it bubbles over in public. A recent spat between famous cryptographers and a digital currency called IOTA was one such beef.
For example, security researcher Nicholas Weaver from UC Berkeley wrote that the IOTA team were “drooling idiots” in a tweet on Sunday, and Johns Hopkins cryptography professor Matthew Green tweeted that people should “avoid the IOTA project—with your brains and your money.”
But wait, you may be asking, what is IOTA and why are a bunch of really smart people very mad about it?
IOTA is a cryptocurrency that’s been around since 2014 and is designed for micro-transactions between machines in the Internet of Things. IOTA is the tenth-largest cryptocurrency with a roughly $5 billion market cap. It doesn’t use a standard blockchain like most cryptocurrencies, but instead uses a Directed Acylic Graph (DAG) it calls “the Tangle” among other attempts at innovation. For example, IOTA infamously used an in-house algorithm called Curl instead of the well-studied algorithms that underprin other digital coins.
Last July, Ethan Heilman, a Boston University researcher affiliated with MIT’s Digital Currency Initiative, informed the IOTA team in an email that he and his colleagues at MIT had discovered “serious cryptographic weaknesses” with the current implementation of Curl in IOTA. (IOTA says it reached out to the DCI team months earlier.) After disclosure, the IOTA team disputed the vulnerabilities’ existence. This is all pretty much in the public domain already; Heilman and his colleagues (including Neha Narula at MIT) published their work in September, and ahead of the vulnerability disclosure in August IOTA changed their algorithm from Curl to the well-documented Keccak algorithm.
Emails between the IOTA team and Heilman and Narula were leaked to the IOTA-focused blog The Tangler over the weekend, and reveal that the initial July email from Heilman resulted in a correspondence that stretched into September between DCI researchers and IOTA developers. It got ugly.
In July, Heilman and the DCI researchers disclosed an alleged vulnerability in Curl that, they said, would effectively let anyone forge IOTA transactions. The IOTA developers wrote back that the researchers had misunderstood Curl, saying, for example, that the possibility of finding cryptographic collisions—the point at which a cryptographic function is generally considered broken—was intentional. According to IOTA cofounder Sergey Ivancheglo, the “practical attack” demonstrated by the DCI researchers only works in a limited number of improbable situations that would affect a negligible number of IOTA users, mostly thanks to a closed-source and centralized solution called the “Coordinator” that helps secure the network. Because the Coordinator is closed-source, Heilman and the MIT researchers couldn’t account for its effect on their attacks. The IOTA team also complained that the flaws identified in Curl by the DCI team were actually “anti-scam copycat mechanisms” in case someone tried to steal IOTA’s code, somehow.
The emails reveal that the teams failed to arrive at a consensus regarding the nature or reality of the vulnerabilities in Curl. Eventually, the conversation degenerated to insults. IOTA co-founder David Sønstebø accused Heilman of “pushing this for his own gain,” asked Narula if she was sober, and wondered “what kind of academic rushes to the press before peer review?” Narula wrote on August 5, “If anyone personally insults a member of my team, we will have to cease communication.”