Semantics, headlines that sell and why The Next Web did not find a vulnerability in IOTA

In a nutshell, somebody with absolutely no track record in the cryptocurrency space has deliberately created transactions which are insecure by design. He then forged his own, insecure transactions. The Next Web frames this as research to capitalize on clicks and does a huge disservice to its readers and the community at large.

This could have been an article about journalistic integrity. Or about the growing trend to publish boldly exaggerated headlines to capture the ever decreasing attention span of an Internet audience. It is not.

Recently, The Next Web’s Dimitar Mihov wrote a story about a supposed vulnerability in IOTA, that simply does not exist. As if this wasn’t enough, he implies that the IOTA community ignores his findings.

Before I go into the technical details, there are a few important things to keep in mind:

  1. The Next Web hasn’t done any own research or fact checking. Dimitar’s entire article is based on another publication authored by Joseph Rebstock. Though there is no public record of Joseph’s background in digital ledger technology, Dimitar repeatedly refers to Joseph as being a “researcher”. In fact, in his original post, Joseph himself points out: “I’m not a real trained programmer as you can probably tell from by github here. I would descibe myself as a sripter only.” (including the typos).
  2. The Next Web did reach out to the IOTA Foundation demanding a response within 30 minutes just to then publish 7 minutes after initial contact. This is pretty uncommon even for publications that primarily monetize on rushing stories out in high frequency.
  3. In favour of journalistic best practices, 24 hours ago I’ve reached out to The Next Web, offering to balance their article to make things right. I provided them with a draft of this article. They stopped responding.

Let’s get to the core of the story, that neither Dimitar nor Joseph seem to understand (or willingly misunderstand). As with most things in the crypto space, the devil is in the details and it is somewhat difficult to comprehend if you’re not deeply involved.

Similar to Bitcoin, IOTA uses a scheme known as “unspent transaction outputs”, UTXO. If you want to transfer 10 IOTA from address A to address X, you need incoming transactions (“inputs”) that sum up to at least the 10 IOTA you’re going to transfer to address X (the “output” address).

In many cases, the value of all inputs for the address will be higher than the exact amount you want to spend — you’ve got more money in your wallet than needed. As a consequence, you have to deal with “the change”.

Here is the most important aspect to understand: Due to the nature of IOTA’s quantum immune digital signatures, one always has to completely clear out the spending address.

Let’s say you’ve got an address (A) with a balance of 100. You want to transfer 30 IOTA to a friend (X). The official IOTA wallet will do the following:

  1. Send 30 IOTA from A to X.
  2. Create a new address B for the change.
  3. Send the remaining 70 IOTA from A to B.

This will leave A completely cleared out, 30 IOTA on X and the change on B.

The IOTA wallet enforces these protocol rules, because otherwise, transactions would indeed be vulnerable and it doesn’t need any research to prove so, as the IOTA inventors deliberately designed it like this.

The irony is: IOTA has a completely secure transaction model with no vulnerability at all. It’s enforced by the official wallet which itself is a part of the technology stack. Therefore none of what Dimitar “reported” will work.

But what about the “evidence” and screenshots included in TNW’s post?

This is where it gets subtle. Or manipulative.

Always spending all inputs is one of the essential rules of the IOTA protocol and an explicitly stated, key technical requirement when implementing solutions leveraging IOTA. Think TLS for online banking.

Breaking this rule will expose you to attackers. Consequently all of IOTA’s own components enforce it. The “vulnerability” TNW claims to unveil does not exist if you apply the IOTA protocol.

However, given the open source nature of IOTA, you can leverage low level libraries to purposely circumvent these rules in the same way a bank could decide to offer online banking without enforcing TLS. Except, no bank would ever do so. As no IOTA network client would.

The transactions created without complying to IOTA’s rules will — pretty obviously — no longer be secure. It doesn’t require any research to prove that “if you don’t do IOTA, IOTA won’t work”. (I might sound ridiculous but I’m trying to follow Dimitar’s logic here.)

Going along with The Next Web’s rationale, I could argue to have found a serious vulnerability in the HTTP protocol, because if banks do not leverage TLS, it would leave their customers at risk. I could “prove” this major vulnerability by inspecting an unencrypted HTTP transmission with a network sniffer and showing that I can discover passwords in plain text. No part of the core HTTP protocol enforces TLS and nobody would ever “fix this flaw” to stay within the wording of TNW. I could also argue to have found a vulnerability in cars and prove it, by driving my own car into a wall.

If purposely circumventing essential parts of any protocol would qualify as proof for a vulnerability, every technology would be insecure by definition.

Banks make sure, that browsers use TLS over HTTP in the same way that the IOTA wallet always transfers all funds from an address.

Jospeh used low level libraries to create transactions that do not adhere to the IOTA protocol to then prove, that he was able to compromise these very transactions. In all of the examples he provided, he did not compromise a single transaction that was created adhering to the rules by software provided by IOTA Foundation.

That is not serious research at all and it in no way is a vulnerability of the protocol.

Now, The Next Web might argue, it’s all just semantics. I strongly disagree. Despite its name, TNW is not recognized as an outlet that deals with technology on a deeper level. However, there is a fine line between “not getting things completely right” and publishing a bold headline discrediting a technology on obviously ridiculous premises.

Ultimately, this article might be about journalistic integrity.

Stay safe and let’s innovate using IOTA!

Update, February 25th, 2018:

Meanwhile, Peter Todd, a crypto expert and Bitcoin core contributor confirmed my interpretation of this event:

“Being crazy” is part of the game when working on groundbreaking innovation, I take that as a compliment.