I only got to page 30 before moving on, but this line is telling:
> In this case you are right, second-preimage resistance is an anti-feature, collision resistance threat is nullified by Coordinator while allows us to easily attack scam-driven copycats. (pg. 24)
The Coordinator referenced is a validation node ran by the IOTA team which currently processes all transactions.
A creator of IOTA said that broken collision-resistance is actually a feature, allowing them to use their centralized node to attack "scammers".
The whole narrative from the start has been decentralized cryptocurrencies; but IOTA it seems is neither decentralized nor a currency backed by secure cryptography.
> In this case you are right, second-preimage resistance is an anti-feature, collision resistance threat is nullified by Coordinator while allows us to easily attack scam-driven copycats. (pg. 24)
The Coordinator referenced is a validation node ran by the IOTA team which currently processes all transactions.