On February 12th of this year, the IOTA Foundation announced that their Trinity wallet was attacked via Moonpay, a third-party integration, which caused the loss of 8.55 Ti ($2M) from 50 users. As a result, they shut down the network for almost an entire month before getting it back online.
Unlike Bitcoin and most other cryptocurrencies, IOTA uses “the Tangle”, which is built on a Directed Acyclic Graph (DAG) rather than a blockchain. The Tangle supposedly allows for higher throughput and no fees, which makes it ideal for supply chain applications.
The IOTA Foundation was eager to launch its newest product, the Trinity wallet, which was allegedly a huge step forward in terms of security. Ethan Dietrich, CEO of SixGen, affirmed: “It is clear the Trinity team takes security very seriously and has applied best practices throughout the wallet’s development.”
Unfortunately, this isn’t the first attack since the release of the wallet, so it seems there’s more work to be done.
To prevent early-stage attacks, the foundation had created a node called “The Coordinator”, through which all transactions have to pass and be approved. In a sense, this communicates that decentralisation is a “utopian” dream and that centralisation is necessary, at least in the first phase of the project.
While controversial, this node is what prevented the attack from spreading further and affecting more users: it was shut down, and without it the network cannot process transactions.
While blockchain technology, and in this case the DAG, has brought us a long way, there’s more work to be done. Common sense dictates that a supply manager looking to integrate blockchain/DAG technology into their business is unlikely to choose a network that shut down for an entire month for security reasons.