UCL to Terminate Cooperation With IOTA Foundation

This is a response to the legal threats made by IOTA foundation against cybersecurity researchers
21 May 2018   1291

Patrick McCorry, a security researcher at the University College London (UCL), published an official statement that emphasized that researchers should not be victims of lawsuits because of the results obtained and added that other universities and colleges must follow UCL and discontinue communications with funds that threaten researchers with lawsuits. This is reported by CCN.

UCL Centre for Blockchain Technologies is no longer associated with the IOTA Foundation. In relation to recent news report, we reaffirm our support for open security research, as a prerequisite for understanding the assurances provided by any blockchain technology. It is inappropriate for security researchers to be subject to threats of legal action for disclosing their results.

UCL Statement

In February Ethan Heilman of Boston University, along with a group of researchers from the Digital Currency Initiative (DCI), published a report describing the lack of IOTA hash function called Curl. The report, entitled "IOTA Vulnerability Report: Cryptanalysis of the Curl Hash Function Enabling Practical Signature Forgery Attacks on the IOTA Cryptocurrency,", says that the encryption used by IOTA makes the network vulnerable to counterfeiting of signatures and theft of funds.

Almost immediately after the release of the report, IOTA co-founder Sergey Ivancheglo said in social networks that a group of lawyers is working on a lawsuit against researchers. Dan Guido, CEO of the security research company at Trail of Bits, commented that e-mails sent by the IOTA Foundation showed that the company is not mature enough and does not show any motivation to eliminate the detected vulnerabilities.

In turn, the IOTA Foundation claims that it has never threatened researchers and that it encourages research on the cryptocurrency. At the same time, although Sergey Ivancheglo is co-founder of the IOTA, he does not participate in the work of the IOTA Foundation at all. This was confirmed by Ivancheglo himself, who in his blog wrote that the conflict that has arisen is personal, between him and Heilman.

From the point of view of the IOTA, the UCL response is based on the misinterpretation of the participation of IOTA co-founder Ivancheglo in the IOTA Foundation. IOTA co-founders are not part of the Fund, and the IOTA Foundation is open to research and constructive criticism.

IOTA Team to Fix Serious Mainnet Bug

At a certain point, the bug in IRI caused an actual shutdown of the main IOTA network, it was unavailable for more than 15 hours
30 December 2019   218

The developers of the IOTA crypto project this Monday announced the release of an updated version of the software for the basic implementation of the IRI v1.8.3 node, after a failure in their main network.

At a certain point, the bug caused an actual shutdown of the main IOTA network, while the rate of processed transactions dropped to zero. According to user observations, the network was unavailable for more than 15 hours.

There is an edge case where IRI didn't account for a transaction that was shared between two distinct bundles. Once it marked it as "counted" in one bundle, it was ignored for the next bundle. This lead to a corrupt ledger state.

GalRogozinski @ GitHub

Developer, IOTA

By the time of publication, the problem was resolved. Note owners need to restart their clients using the latest software version.