IOTA Ledger Apps used by Norway’s Bank

A memorandum of understanding (MOU) have been sighed by DNB ASA (Den Norske Bank), Norway’s largest financial group, and the IOTA Foundation (IOTA)
01 June 2018   2525

DNB and IOTA will collaborate to explore applications of the IOTA Tangle, a “third-generation” distributed ledger (DLT). The 2 parties will be partnering to find new business models relatively to their respective industries. The head of DLT at DNB, Lasse Meholm, declared that one goal of the project is better understand the technology and to let those at the bank who work with customers find opportunities for new use cases. 

Among other things, the technology is designed to handle hundreds of thousands of microtransactions per second. We will not let go of the market associated with this ecosystem that arises around these transactions.
Lasse Meholm
Head, DLT at DNB

The representative of IOTA, one of the founders, David Sønstebø, reported that he believes this could soften the relationship Norwegian banks have on the crypto industry.

I hope and believe it. The IOTA Foundation will contribute to separating useless crypto-projects from the serious ones.
David Sønstebø
Founder, IOTA

DNB ASA, Norway’s largest bank and one of the biggest in the Nordic countries had previously been studying blockchain technology through the R3 consortium. As reported by local news E24, DNB also has several ongoing projects with different technologies including Ethereum, Hyperledger, and EOS.

Blockchain technology is being used by the financial institutions around the world.   For instance, Canada’s central bank, Toronto Stock Exchange operator TMX Group, and non-profit organization Payments Canada, recently finished tests showing that blockchain technology is efficient for instantaneous securities settlements.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   1018

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.