I've been researching IOTA lately, and I've developed a list of 3 core questions that I'd like to have answered about IOTA.
IOTA is a cryptocurrency that was founded a few years ago and rose to prominence during the great crypto bull market of 2017. Its proponents bill it as an ideal distributed ledger technology for Internet-of-Things (IoT) applications, since it's designed to have no fees and to run well on small low-power devices.
At first glance, it's a deeply intriguing system. The designers seem to have based their entire work on the premise that blockchains are the wrong tool to use to build a decentralized ledger; rather, you should use a Directed Acyclic Graph (DAG). A key concept of a DAG-based cryptocurrency is that transactions aren't bundled into blocks. Instead, each transaction sits all by itself in the database. Apparently there is some work that's shown that DAG-based cryptocurrencies can have some advantages over blockchains; I won't get into any of that here.
In IOTA, the main database (network of transactions) is called the "Tangle." It's a web of interconnected transactions. See this figure:
Each box is a transaction, and note how each box has arrows pointing to the left to two other boxes. These arrows represent "approvals." Every transaction in IOTA has to choose two previous transactions to approve, and then you hope that eventually some other transaction will choose your transaction to approve. In the Tangle whitepaper, a lot of work goes into specifying how new transactions should choose old transactions to approve, and then there's a second technical paper that argues further about why users might choose a particular attachment algorithm over some other one.
Confirmation in the Tangle
Fundamentally, your transaction in the Tangle is considered to be confirmed if a lot of newer transactions approve it (directly or indirectly). "But," you say, "how many is a lot?" Well, this is where some people start being tempted to get skeptical of the Tangle's security: "a lot" means exactly that. "A lot." There isn't really a number; it's just that the deeper you are in a popular branch of the Tangle, the more likely it is that your transaction is considered to be "confirmed."
This could sound a bit flaky, but give it a chance: it's analogous to the concept of "confirmation" in Bitcoin. A transaction in bitcoin is popularly considered to be confirmed once 6 blocks have passed. However, there isn't anything magical about 6 blocks. A wildly lucky (or extremely wealthy) selfish miner could mine on a competing fork, outpace the chain that your transaction is on, and cause your transaction to un-confirm. But the deeper you are in the bitcoin blockchain, the less likely this is to happen and/or the more this attack would cost. It's roughly the same in IOTA: the deeper you are in the Tangle, the more likely it will be that your particular branch of the Tangle is irreversible.
Right now, the Tangle is being coordinated in a centralized fashion by the IOTA Foundation (IF). What this means is that every couple minutes, a special transaction goes into the Tangle that says "here is a list of all IF-approved transactions. You may consider these approved." Unlike many in the crypto community, I'm not a decentralization maximalist, so I don't think this is evil. But it does raise the question: Why is it necessary? Bitcoin didn't need a coordinator to bootstrap itself; why does IOTA need one? Marketing materials from the IF seem to indicate that eventually, the coordinator will be shut down and the Tangle left to evolve on its own. However, I haven't seen much that says when this might happen. Granted, I've only been looking into IOTA for the past week or so.
My Questions About IOTA
I'm a total newcomer to IOTA. I don't have a long or short position on it. If it's a good system, I want in; if it's not, I want to stay out. With that in mind, here are my questions. If they sound skeptical, that's because I'm a well-practiced skeptic -- it's not because I'm out to destroy IOTA.
- What is the plan for shutting down the coordinator? To me, IOTA isn't really interesting if it requires a centralized coordinator permanently. Does the IF have a formal justification for why the coordinator is needed, or some kind of formal reasoning for how they'll be able to tell that the coordinator can be safely shut down? In other words, If the Tangle is fragile when it's small, why should we expect it to be robust when it's big? I'm not saying that I don't think this is true, but some formal analysis would be nice.
- In the equilibrium paper, why should we think that "almost symmetric" equilibria are an interesting class of equilibria? It seems to me that a much more interesting place to start would be to ask whether the reference policy is a Nash equilibrium strategy. That is, suppose everyone is using the reference policy. Can one of those individuals switch to some other policy and be better off? I think it's fairly obvious that they can: a single individual is trivially better off using a policy which deterministically confirms the transactions with highest probabilities under the reference policy. If my reasoning is correct, this means that the situation where all nodes use the reference policy is not a Nash equilibrium. Should this trouble me? Should it trouble me that no mention is made of this in the paper entitled "Equilibria in the Tangle?"
- When you attach a transaction to the Tangle, it might not get confirmed. This isn't really a problem. Just wait to see if it's confirmed quickly, and if not, you can just reattach it again somewhere else. If it doesn't get confirmed that time, just wait a little while, and then reattach. As far as I can tell, this is the official way to deal with a transaction not getting confirmed quickly. My question is this: Wouldn't it be smarter for me to modify the software so it does all of these "reattachments" simultaneously? In other words, "why wait?" It's pretty clear that a single node could decide to improve his confirmation times by spamming the network with multiple identical copies of each transaction. Of course, even if this is a good strategy for me, it makes life worse for everyone else. If I submit 3 copies of the same transaction, only 1 can be valid in the long run -- so if anybody else attaches to one of my 2 invalid ones, their transaction (even if it was attached honestly) is invalidated by my selfish spamming. Then they have to reattach their transaction somewhere else, which gives them an additional incentive to use my selfish-spam software. A vicious cycle ensues. What am I missing?
Are there any IOTA fans here? What other questions should I be asking?
EDIT: I also posted the questions on the Iota subreddit: my post.