
MIT Media Lab's concerns about the cryptocurrency IOTA - dsr12
https://www.media.mit.edu/posts/iota-response/
======
mahemm
It's mind boggling to me that anyone takes IOTA seriously anymore. The fact
that it's in ternary should be enough to convince the more risk-averse
technical people of the folly of its design. More optimistic techies should
have been convinced when researchers showed that its hash function was
trivially broken. Everyone else should've jumped ship when it was revealed
that all of their "corporate partnerships" were made up to pump the coin.

It goes to show that anyone with good marketing can make a killing in the
cryptocurrency world.

~~~
kruhft
What's wrong with Ternary? Other than being obscure?

I'm not happy they seem to be spending more on PR than development, but that
does seem to be the case for most startups these days.

~~~
T4NG
>whats wrong with Ternary The dude just mentioned a bunch of reasons, read his
post

------
amckenna
Take a few minutes to read the blog posts by the creator. Writing aside the
general process and motivation around creating a custom hashing algorithm is
very strange -

"Curl-P was created by following the idea of simplicity. While de-jure I can
say that it was me who created Curl-P, de-facto it was created by a primitive
AI created by me. That wasn’t AI of general purpose; an improved version of
the AI is working on the final version of Curl now while I’m writing this
post. This situation is quite funny because it look unusual, interesting if in
the future we’ll see cases similar to
[https://www.theguardian.com/world/2016/jan/06/monkey-
selfie-...](https://www.theguardian.com/world/2016/jan/06/monkey-selfie-case-
animal-photo-copyright) but with an AI instead of an animal. By the way, there
are a lot of attempts to create a lightweight hashing function, I’d be
grateful if someone confirmed or refuted my observation that Curl-P is winning
this competition.

IOTA was created to be immune to quantum computer attacks, today I have
revealed that it was also created to be immune to attacks from an AI. IOTA was
the very first distributed ledger technology to consider imminent threat from
technologies which look exotic now. NSA already validated our prediction
regarding quantum computers. I think that the both threats (QC and AI) have
equal chances to become real in the near future and I’m confident that in few
years we’ll see confirmations that the prediction about AI was prophetic too.
If someone hasn’t got it yet – IOTA is about the future and it relies only on
those paradigms which pass the test of critical thinking."

\- [http://come-from-beyond.com/time-for-a-paradigm-shift-has-
co...](http://come-from-beyond.com/time-for-a-paradigm-shift-has-come/)

~~~
tuxxy
Honestly, this sounds like the blog of a borderline schizophrenic or
delusional person.

I'm sure he's a very capable developer, but this just doesn't sound... sane.

Edit: Okay, after reading his "About me" page, I honestly am not sure if he is
joking or ill: [http://come-from-beyond.com/about-me/](http://come-from-
beyond.com/about-me/)

"Things started by in the 1980s. I developed a time-machine which was engaged
through a complex series of early ternary devices (very early prototypes of
Jinn). Things have evolved since then, as the latest iteration of this
function is now built into something else (undisclosed).

I went back in time in the mid-eighties to Ancient human times, and
constructed a complex of pyramids using some technology I put together in my
early teens. When I returned, all history of humans with regards to human
development had changed drastically, with this so called ‘mystery creation’ in
Egypt."

~~~
solotronics
interesting, IOTA is the timecube of cryotocurrency

------
seanwilson
Can anyone explain the reason behind the push for ternary? They say that with
special ternary hardware added to IoT devices (which is a big ask), it'll make
their proof of work process more efficient on those devices. Why not just make
the proof of work easier then? It's not like thousands of low power IoT
devices are going to be able to compete against the hash rate of a few
powerful PCs anyway unless I'm missing something.

I've tried asking in other places but I've just had people regurgitating
buzzwords at me... It's quite worrying how easily convinced non-technical
people find jargon when there's so many red flags here. I can't believe some
people are really buying the story that the broken hash function was a
deliberate form of copy-protection to prevent open source copy cats.

~~~
ttt111222333
Apparently ternary is the 'sweet spot' for computing because it's closer to e
(2.7...). We used binary for a while because on / off was the only way we
processed stuff but now we have the ability to do ternary with more accurate
measures of voltage? Something like that.

Apparently ternary makes math easier in terms of signs etc. as well. The below
article explains it better.

[https://dev.to/buntine/the-balanced-ternary-machines-of-
sovi...](https://dev.to/buntine/the-balanced-ternary-machines-of-soviet-
russia)

Given the wealth of experience with binary though I don't think its prudent to
jump to ternary...

~~~
jsmthrowaway
With balanced ternary, setting aside a bit for signed words goes away. We'd
stop having to think about signed versus unsigned, and we'd get the full word
width if it were based on trits, regardless of the sign. It makes a lot of
sense. It also has dramatic implications for floating point, I understand,
though I grok that aspect a bit less. If you go unbalanced (I think is the
term?) and let each trit express one of three trinary digits from 0 to 2 in an
integer, then a 64-trit word can make it 11 significant digits further
(3^64-1), and this is a pain point in game engines trying to express
astronomical distances such as Star Citizen. You'd open up a number of cool
primitive data types; I could see a balanced integer being "signed" and an
unbalanced integer being "unsigned/long" for example, and relative pointers
could go backwards without having to do a ssize_t-style dance, etc., etc. Tri-
states give a native word a lot of possibilities.

There's a lot of people thinking in ternary already, and not realizing it.
bool? is ternary: true, false, or null. Think about the implications on error
handling of such a primitive at the logic level. I'm positive that's true, I'm
positive that's false, I'm not sure. It's a pretty powerful way of computing,
and has a lot of implications up the stack.

If you step back and look at the gymnastics we do around boolean logic and
arithmetic in typical, day-to-day programming, being able to express a third
state at the logic level is something you never knew you wanted. New logic
based on unknown values could be expressed -- think about a tritmask, for
example, and what you could express with a number of "don't care" trits. I
certainly see the value in ternary, with the caveat that I know nothing about
IOTA nor how it uses it.

I've seen discussion about "why don't we build 128-bit computers?" and I think
it's a similar thought exercise to "why don't we build 63-trit computers?"
with the added complexity of three-level logic compared to plain word
extension. I gather that a lot of benefits of ternary overlap with what's
going to happen in quantum computing, too, though approaching ternary from a
traditional computing mindset makes it a lot easier to understand for me.

------
ShabbosGoy
> However, later, he offered a conflicting explanation that he didn’t write
> the curl at all, but that an AI wrote it.

Does this guy even know how to code?

Edit: Here’s another gem!

> IOTA was created to be immune to quantum computer attacks, today I have
> revealed that it was also created to be immune to attacks from an AI.[1]

Wow dude, it’s not only immune to Shor’s Algorithm, but an AGI too!

[1] [http://come-from-beyond.com/time-for-a-paradigm-shift-has-
co...](http://come-from-beyond.com/time-for-a-paradigm-shift-has-come/)

------
ola
> The first explanation was that the flaw was intentional—that it was meant to
> serve as a form of “copy protection.” If anyone used this code in their own
> work, he said, the IOTA developers would be able to exploit the flaw and
> damage other systems that were using the hash function.

Is this a common practice in the cryptocurrency community? Seems sort of
pointless to put flaws and bugs in an open source project as copy protection
instead of just keeping it closed source.

~~~
tuxxy
Be rest assured that this is NOT a common practice.

This is clearly someone trying to save face over a practically trivial break
in their hashing function.

~~~
xwvvvvwx
Think about what kind of engineer would try to save face by claiming to have
deliberately introduced a critical security vulnerability into their _payment
system_.

------
BLKNSLVR
All of the other points aside, this is the About Me page of one of the four
founders of IOTA:

[http://come-from-beyond.com/about-me/](http://come-from-beyond.com/about-me/)

Even if this is a joke, and I consider it 99.9% likely to be a joke, if any
startup had a founder that was publishing some like this, venture capital
wouldn't touch them.

I can only conclude that IOTA is a long-term social experiment in 'doing as
much wrong as possible' and yet still being able to turn a profit based on
heavy PR spend and humanity's tendency for "wanting in on the latest craze".

On the topic of their 'partnerships' with leading technology brands, they're
still listed on the Wikipedia page, so it's obviously a convenient
misunderstanding.

Excerpts from
[https://en.wikipedia.org/wiki/IOTA_(technology%29](https://en.wikipedia.org/wiki/IOTA_\(technology%29):

"With the participation of Deutsche Telekom, Microsoft, and Fujitsu,[8] the
Foundation opened up a data marketplace using IOTA technology.[9] The IOTA
Foundation is also a founding member of the Trusted IOT Alliance, which
includes the companies Bosch, Consensys, and USbank"

"The project gathered participation of over twenty global organizations,
including Deutsche Telekom, Bosch, Microsoft, PricewaterhouseCoopers, Airbus,
Samsung, Orange S.A., Fujitsu, and China's Huawei Group."

I don't have a dog in any cryptocurrency fight, but don't take my word for
anything. Do your own research and determine how they all 'smell'. For me,
IOTA smells pretty bad.

------
kbwt
Pretty surprised that Bosch actually invested in IOTA. The tech seems fishy
even at first glance. Have they not done any research beyond reading the
marketing materials?

------
redka
Some of the points of the article, albeit not new, still stand. The
coordinator and the evident immaturity of the network as well as the tech are
off putting. At the same time I feel like this write-up, and also a lot of the
attitude here on HN, is too harsh, borderline deceiving. The first quote is
backed by links to two articles by IOTA team members. The response conveys the
notion that David intentionally mislead the readers into thinking that IOTA is
formally partnering with the companies he, as the source article reads,
presents as merely participants. The word partner is casually used by the
representatives of the participating companies and that's what the other
linked blog post explains - it's not an admission of wrong-doing as the author
suggests. The third response is also something of a rather unfair nature. By
nitpicking to the concept of free transactions the article accuses IOTA team
of deceptive practices. The response seems like it's trying to not only
downplay the significance of zero-fee transactions but to event present the
current model as the better thing - a notion that seems preposterous
considering the actual dollar value of current bitcoin transaction fees.

------
kruhft
The Spam problem is difficult to solve with IOTA and 'valueless' transactions;
the Tangle is elegant but doesn't seem to be standing up to real world usage
just yet. I'm looking into helping verify the IOTA network by writing a
simulator based on the Tangle WhitePaper to do some stress testing and to see
if the holes can be plugged.

Arguably, it's still Alpha.

------
m3kw9
So now adding the term cryptocurrency to your product to make it look good is
a thing now?

~~~
zaat
Yes, even if you sell iced tea:
[https://www.bloomberg.com/news/articles/2017-12-21/crypto-
cr...](https://www.bloomberg.com/news/articles/2017-12-21/crypto-craze-sees-
long-island-iced-tea-rename-as-long-blockchain)

~~~
zeep
that would sound crazy even on April 1st

------
shiven
Ramblings of a schizophrenic?

[http://come-from-beyond.com/about-me/](http://come-from-beyond.com/about-me/)

Or, it is all a part of an elaborate MIT prank!

------
disappointedrdr
I expect more from the HN community. Are you guys doing your homework before
commenting? Doesn't seem so.

1\. about crypto Every time there is some news about iota here the usual
'don't roll your own crypto' comes up. Yes, I think everyone agrees that doing
that, if you don't know what you are doing, is dangerous. This is especially
the case for you app and web developers. You guys have no business rolling
your own crypto. But think about it, if nobody rolls their own crypto then how
will crypto progress?

Their use case is valid, they need something lightweight for IoT. They are
trying to push the current state of the art. They hired a company to help them
improve their algorithms. [https://blog.iota.org/iota-foundation-hires-
cybercrypt-615d2...](https://blog.iota.org/iota-foundation-hires-
cybercrypt-615d2df79001)

2\. about 'fake' corporate partnerships There is already so much clarification
to be found via google but let me repeat. We had this blog post announcing the
data marketplace: [https://blog.iota.org/iota-data-marketplace-
cb6be463ac7f](https://blog.iota.org/iota-data-marketplace-cb6be463ac7f) where
some quotes from companies can be found. The mass media took this and
interpreted it the way they wanted to. I mean just check headlines in
newspapers etc. They are 90% bullshit. And because of that you give the iota
people so much flack? You denounce them as liars and whatnot. Very
unprofessional. They never themselves said 'we have a formal partnership with
Microsoft'. It's the people writing news articles, writing reddit comments,
doing YouTube videos that interpret things, and other people just accept that
as the truth. Go to the source for information, don't take third party info
for the truth. I know the crypto space has a lot of people manipulating
markets and ripping people off. But having followed the iota people for some
time they, to me, don't seem like ill-natured people.

3\. about ternary Similar to point 1, keep an open mind. They have a hardware
startup working on ternary hardware for IoT. So arguing that emulating ternary
on binary is shit makes no sense. That's not the purpose for iota. Iota is for
IoT. The project is kept under wraps so we don't know much about it and now
you might say, why believe them? Well, no proof but, if you think about Bosch
investing a large sum in iota and knowing they tried their tech for the last
your, don't you think they vetted it and thought it could have potential?
Bosch is a huge company with LOTS of experience in hardware. I am pretty sure
they got a look at the ternary hardware, too. Instead you guys think you are
better than Bosch in making decisions, even you have none of the info Bosch
has. Ridiculous.

4\. coordinator There is not much to say here. If I say 'in the future there
won't be a coordinator' you guys will just say that won't happend. Anyway,
think about how decentralized Bitcoin is.. got it? Not much. Pretty much
centralized. 2-3 companies having most of the mining power. So why cry about
the coordinator? No idea.

I wish for this community to be a bit more open and forward thinking and not
just regurgitate things like 'don't roll your own crypto'.

------
zerostar07
Response three is quite the bullshit. every transaction in every coin uses
some kind of computing power already, even without the confirmation part. what
kind of computer is not powerful enough to handle iota? I don't know the exact
numbers, but i read even internet routers can do it.

I have no stake in iota at all, but this response makes one wonder

~~~
phoneboy
why? please add some comment.

~~~
ringaroundthetx
because the fees thing is very semantical

people have an abundance of computational power and can process IOTA
transactions

there is no lowered balance of IOTA for performing this or sending more IOTA
to a destination

the article goes on about how the computational power is a fee for no other
reason except to discredit the IOTA devs

would be stronger if that point was removed, it isn't a point of contention
and can be explained elsewhere

~~~
kogepathic
_> the article goes on about how the computational power is a fee for no other
reason except to discredit the IOTA devs_

Well _someone_ has to buy hardware and pay for electricity to run the
computers.

Computational power is _not_ free, unless you're running a botnet or
something.

 _> people have an abundance of computational power and can process IOTA
transactions_

And they get in return... ?

A warm fuzzy feeling for having paid money for hardware and electricity so
someone else can put something on a blockch-- whoops, I mean a "Tangle."

~~~
ringaroundthetx
yeah but I didn't ask you or anyone about that, or say that it wasn't a form
of a fee, I was explaining what the grand parent comment saw as obvious as it
was obvious to me too.

------
whataretensors
1\. > IOTA’s relationships with top-tier companies continue to be nebulous.

Not a big deal to me.

2\. > IOTA network relies on the “coordinator”

And it's planned to be removed in the future.

3\. > while IOTA users do the proof of work on their own devices, per
transaction

Because of that proof of work can be rethought and built into cheap hardware
for IOT.

4\. Security vulnerabilities

I'm pretty accepting of software having bugs at the beginning, even stupid
obvious ones.

~~~
tylersmith
> I'm pretty accepting of software having bugs at the beginning, even stupid
> obvious ones.

Even cryptographic security bugs intentionally placed by the lead developer?
[https://gist.github.com/Come-from-
Beyond/a84ab8615aac13a4543...](https://gist.github.com/Come-from-
Beyond/a84ab8615aac13a4543c786f9e35b84a)

~~~
UncleEntity
> Remembering how quickly Nxt protection was disarmed I was keeping in secret
> the fact of existence of such mechnism in IOTA.

Not to mention they don't even learn from their past mistakes...

Though I find it perfectly reasonable to protect ~2 billion dollars through
hidden backdoors published on github.

