The IOTA network is a distributed ledger that’s designed to support the machine economy. It uses a new cryptographic hash function, Curl, that has no known vulnerabilities and aims to be less vulnerable to quantum computing. Its transactional data structure and settlement logic have also been overhauled to provide faster settlement and lower fees for microtransactions and micropayments than traditional blockchains.
While IOTA is architecturally different from most cryptocurrencies, it doesn’t mean it’s better or worse. It just means it has different strengths and weaknesses.
This post reviews IOTA’s architecture from theory to implementation. It starts with an overview of the technology stack and highlights several architectural decisions that make IOTA unique. Then it analyzes the architecture in more detail by reviewing each component in the stack, starting with Curl, then going through how transactions are generated and validated by node software, how transactions are stored in a distributed ledger, consensus logic, and finally how nodes handle events like syncing with the network.
I hope this post will help you understand what makes IOTA different from other cryptocurrencies as well as its strengths and weaknesses so you can make an informed decision about whether it’s worth investing time or money into exploring further.
In this article I will be performing an architectural review of the cryptocurrency IOTA. The architecture of a system is the structure or structures of a system, which comprise software elements, the externally visible properties of those elements, and the relationships among them. An architecture description is a formal description and representation of a system, organized in a way that supports reasoning about the structures and behaviors of the system.
Architectural reviews are conducted on systems to identify potential risks early in the development lifecycle, to avoid costly rework, and to reduce risk exposure while developing the system. While many architectural reviews are performed by architects who developed or specified the architecture, having an independent reviewer can often be beneficial as well.
IOTA has been under fire for some time due to several cracks in its security model. As such it seems fitting to perform an independent analysis on IOTA so as to ensure that it was designed with security in mind. For more information regarding why IOTA came under fire see this article.
In this post, I’m going to review the architecture of a cryptocurrency called IOTA. I’ll start from first principles, and then we’ll dive into the implementation details.
This post is an overview of the architecture rather than a deep technical analysis. It’s intended to be accessible to anyone with a basic understanding of how cryptocurrencies work, but not necessarily all the details about their inner workings. If you’re interested in the latter, you can find them in my previous posts on blockchain technology and cryptocurrencies:
IOTA validates transactions by having nodes validate two consecutive transactions at a time. These two transactions are chosen randomly by a node. The node broadcasts its choice to other nodes in the network and waits for other nodes to agree that these are valid choices. Once enough nodes have responded with agreement, validation begins.
The goal of validation is to produce something called a “Directed Acyclic Graph” (DAG). A DAG is essentially an upside-down tree structure where each node points directly to its parent nodes and indirectly to its ancestor nodes through those parent nodes. In IOTA, this tree structure is built sequentially as follows:
IOTA is a cryptocurrency designed for the Internet of Things (IoT). To this end, it adopts a new ledger architecture called the Tangle which rejects blockchain in favour of a DAG (Directed Acyclic Graph). IOTA is dominated by three organisations, the IOTA Foundation, DCI and Innogy.
In the following sections I will review the architecture of IOTA with respect to its design goals and its utility as an IoT cryptocurrency.
IOTA is a cryptocurrency aiming to support the growing machine-to-machine economy by providing feeless transactions and data integrity for machines.
IOTA’s primary innovation is a new cryptographic primitive called the Tangle. It is a directed acyclic graph (DAG), similar to a blockchain, but without blocks or miners. Instead, every transaction itself participates in the consensus process.
This frees IOTA from some of the limitations inherent in blockchain-based cryptocurrencies: no miners (so no transaction fees), high scalability, and sublinear complexity with network size (so it feels less like a lottery when trying to confirm transactions).
IOTA is an interesting and important project, but I would not recommend using it in its current form. The design is flawed at a fundamental level with many of the issues arising from the decision to construct an entirely new cryptographic primitive.
IOTA has been marketed very aggressively as a solution for Internet-of-Things systems. My impression is that this marketing has come at the expense of more rigorous analysis of the system’s security properties.
IOTA is a relatively new cryptocurrency (launched June 2016) with an underlying architecture that differs from other cryptocurrencies like Bitcoin and Ethereum, which are based on a blockchain data structure. IOTA is based on a DAG (directed acyclic graph) called Tangle. It is designed to be used for Machine-to-Machine (M2M) transactions between IoT devices.
The following review is written in the form of a series of questions that you might have about IOTA. Some of these questions will apply to other cryptocurrencies as well.
What does it take to create a new cryptocurrency?