As you can see, as new transactions (1 through 7) were added to the Tangle, two branches formed as a result of the conflict caused by the double spend, but the top branch was more favored than the bottom branch. At some point, as the top branch gains in cumulative weight, legitimate nodes using the MCMC tip-selection algorithm will not select tip 7 to confirm. As a result, transactions t, y, 6 and 7 will never become fully confirmed.

The IOTA network incentivizes the propagation of transactions. Each issuer (node) maintains certain statistics, such as how many new transactions it has received from its neighbor. If a neighbor is lazy, it will be dropped. The IOTA team likes to highlight the fact that IOTA is ideal for trading (particular in an IoT environment), because there are no transaction fees, and the network ostensibly offers faster approval times than others. Furthermore, IOTA’s use of Winternitz one-time signatures makes the Tangle resistant to attacks involving a quantum computer.

Simulation

See a simulation of the Tangle

The IOTA team recently published an illustrated introduction to the Tangle. See part 1, part 2 and part 3.

Entities

The IOTA team have created several entities which are briefly mentioned in this section: namely, the IOTA Foundation, the IOTA Data Marketplace, and the IOTA Ecosystem. The IOTA Foundation was officially incorporated in Berlin on November 3, 2017, whereupon it became the first fully regulated, not-for-profit foundation in Germany to be capitalized with a cryptocurrency (IOTA tokens). The IOTA Data Marketplace represents a use case for IOTA that makes it possible to securely store, sell and access data streams. It is currently open for public testing and runs in real time on the IOTA test network. In February 2018, IOTA announced their plans for the IOTA Ecosystem. Due to launch in March, the Ecosystem will serve as a Foundation-led platform and community for developers, startups and hobbyists to share, learn, develop and collaborate on decentralized systems and distributed projects. The IOTA community subsequently donated 20 TI (tera-IOTA) to a fund intended to develop the Ecosystem.

Masked Authenticated Messaging

Last November, IOTA announced Masked Authenticated Messaging (MAM), a second-layer data communication protocol that is currently an experimental module and under peer review. MAM makes it possible to send and receive encrypted data streams over the Tangle. MAM uses a Merkle-tree-based signature, and is described in some depth by IOTA engineer Paul Handy here. For additional information, check out this IOTA Japanese Fan Site deep dive into MAM.

Areas of Concern

This portion of the document summarizes some of the areas of concern that exist within the IOTA community and broader blockchain community. It is up to readers to make their own determinations about the level of concern each topic warrants. Some of these issues are very contentious, while some may become less contentious as the IOTA team is able to publish and run more simulations.

The Controller and Milestones

The Tangle today has a special address called the Coordinator (or “coo,” as the IOTA team affectionately call it). It is controlled by the IOTA Foundation, and it issues transactions called milestones at specific intervals of time. If an existing transaction is approved directly or indirectly by the milestone transaction, then it is automatically treated as confirmed. Additionally, the code for the Coordinator is not open source, so it has not been “peer reviewed” by the community for vulnerabilities. The IOTA team state that they intend to open-source the Coordinator in the near future.

In October, the Coordinator was taken offline temporarily after an unplanned shutdown to protect users from an ongoing attack on the network. When the Coordinator was relaunched, some IOTA users found their token balance was zero and had to go through a claims process to recover their funds.

Opinion: Basically, this means that you should take the whole discussion above about cumulative weight, tip selection and gradual orphaning of conflicting branches with a grain of salt, because it has not been proven in the wild. Instead, the Coordinator’s milestone transaction determines whether a transaction is “fully” confirmed and prunes orphaned branches from the Tangle by issuing snapshots. The IOTA Foundation said it is only using the Coordinator until the network is strong enough to sustain a large-scale attack, but this arguably means that the Tangle is centralized at the moment, and can be (and has been) brought down if the Coordinator is brought down.

Ternary: Hardware Support and Beyond

Once it is mature enough, IOTA intends to return to its trinary hashing function, Curl, in order to make the Tangle resistant to quantum computing. This means that a ternary Curl Hasher (to support IOTA’s Curl) would have to become a standard component in CPUs deployed in IoT environments. Otherwise, IOTA would have to convert binary into ternary in software, which is inefficient and prevents IOTA from benefiting from existing security tools that are designed with binary in mind. Finally, ternary poses a barrier to entry for engineers who are more comfortable and confident working in binary.

Transaction Size

Transactions in IOTA are each 10KB (while transactions in Bitcoin are on average 600B). The large size of these transactions raises questions about the technology’s suitability for IoT devices with limited storage.

Number of Tips

As previously mentioned, the success of the tip-selection algorithm determines the success of the Tangle. IOTA’s Markov Chain Monte Carlo (MCMC) tip-selection algorithm is supposed to incentivize issuers (nodes) to use the preferred algorithm, ensure that the majority of unconfirmed tips (transactions) are confirmed in a timely and fair manner and be resilient against attack vectors.

Because there is no way to force issuers (nodes) to use the recommended MCMC tip-selection algorithm, there is a concern that selfish issuers (nodes) might use a different, greedy tip-selection algorithm that could result in a narrow Tangle, as shown below. This narrow chain would render IOTA ineffective as a distributed ledger, since many sub-chains of transactions would be orphaned and left unconfirmed.