Since the beginning of IOTA, one thing has always been the main point of criticism: the Coordinator. As the tangle is still at an early stage, the network consists of only a few nodes. Thus, an attacker could add a large number of nodes and create malicious transactions using those nodes. To prevent attackers from taking advantage of this weakness, the IOTA Foundation came up with the Coordinator as a security feature. The coordinator is a network node which publishes zero-value transactions at regular intervals. Those zero-value transactions are transactions that the coordinator digitally signs. A transaction is only valid if the coordinator has confirmed it directly or indirectly with such a transaction. IOTA critics point to the coordinator as a weak point of IOTA, as the instance is controlled by the foundation, meaning that at the current stage IOTA lacks decentralization. IOTA, on the other hand, describes the coordinator as training wheels until the network is large enough to sustain itself without the coordinator. Last year, IOTA officially announced that they have found a solution to remove the coordinator from the tangle: Coordicide.
The Coordicide Project
The Coordicide project (a combination of "Coord" for coordinator and "icide" as in homicide, i.e. "killing the coordinator") will be a new tangle upgrade which will remove the main features of the coordinator. With the help of five modules and three phases, IOTA is working on a smooth and secure transition from the current tangle to the coordinator-free tangle network.
The Coordicide Upgrade from IOTA has a modular structure and contains the following components that ensure its function:
Module 1: Node Identities and Mana
In the current tangle network, where the coordinator is still present, each transaction is digitally signed by the coordinator. In a coo-free network, each node that issues transactions has to be identified. Therefore, IOTA is working on a "Node Identification" system. As the name already indicates, every node in the network receives a unique identification and signature for transactions and reconciliations. However, relying on node identities makes distributed systems vulnerable to a so-called Sybil attack. In a Sybil attack, the attacker attempts to gain control over a peer-to-peer network by forging multiple fake identities. As a result, IOTA came up with "Mana" to protect the network from Sybil attacks. "Mana" is a reputation system in which "good" actors are rewarded with a small amount of mana tokens for issuing valid transactions, and "bad" actors are punished for issuing malicious transactions by losing their mana tokens (reputation) very rapidly. This gives node owners who hold a large amount of mana tokens an incentive not to use their reputation to attack the network, since they would lose their credibility and reputation (mana tokens).
Module 2: Secure Autopeering
The second module is an auto-peering mechanism that aims to prevent malicious nodes from entering the tangle and damaging the network. Because each node has its own criteria for selecting potential neighbors, outside attacks such as eclipse attacks (which aim to attack/isolate a certain node rather than the entire network) are almost impossible, as an attacker cannot influence a node’s decisions in the peer selection process. A simulation of an autopeering process can be seen here.
Module 3: Spam protection and Rate Control
In the current stage of the tangle, a Proof of Work (PoW) based spam protection mechanism is used to control the transaction rate of the tangle network. As PoW-based concepts lead to mining races (nodes compete with each other to receive the mining reward and transaction fees), this can have a bad impact on the environment if the mining is done with IoT hardware that is, for example, not powered by renewable energy. To avoid this inefficiency, the spam protection is being replaced with a rate control system. The rate control system adjusts the difficulty based on various factors such as the number of recent transactions and the mana of the node. This prevents network congestion and a reduction in throughput.
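A sketch of how a receiving node could enforce such a rate control, added here as an illustration and not taken from IOTA's code. The policy in `required_bits` (one extra difficulty bit per two recent transactions, one bit less per 100 mana), the 10-second window and the use of SHA-256 as the work function are all assumptions made for the example.

```python
import hashlib
from collections import deque

BASE_BITS, MAX_BITS = 8, 20   # assumed difficulty bounds (leading zero bits)
WINDOW = 10.0                 # assumed look-back window, seconds

def required_bits(recent_tx, mana):
    """Assumed policy: +1 bit per 2 recent transactions, -1 bit per 100 mana."""
    bits = BASE_BITS + recent_tx // 2 - int(mana // 100)
    return max(BASE_BITS, min(bits, MAX_BITS))

def pow_bits(payload, nonce):
    """Leading zero bits of SHA-256(payload || nonce)."""
    digest = hashlib.sha256(payload + nonce.to_bytes(8, "big")).digest()
    return 256 - int.from_bytes(digest, "big").bit_length()

def solve(payload, bits):
    """Issuer side: search for a nonce that meets the difficulty."""
    nonce = 0
    while pow_bits(payload, nonce) < bits:
        nonce += 1
    return nonce

class RateController:
    """Receiver side: track accepted transactions per node and enforce difficulty."""
    def __init__(self):
        self.history = {}

    def required_for(self, node, mana, now):
        seen = self.history.setdefault(node, deque())
        while seen and now - seen[0] > WINDOW:
            seen.popleft()            # forget transactions outside the window
        return required_bits(len(seen), mana)

    def accept(self, node, mana, payload, nonce, now):
        if pow_bits(payload, nonce) < self.required_for(node, mana, now):
            return False              # too little work for this node's current rate
        self.history[node].append(now)
        return True

def burst(rc, node, mana, count, now=0.0):
    """Issue `count` transactions back to back; return the difficulty each one faced."""
    faced = []
    for i in range(count):
        payload = f"{node}:{i}".encode()   # constructed sample payload
        bits = rc.required_for(node, mana, now)
        assert rc.accept(node, mana, payload, solve(payload, bits), now)
        faced.append(bits)
    return faced
```

A node without mana that sends eight transactions in a row sees the difficulty climb with every second transaction, while a node with 250 mana stays at the baseline for longer; once the window has passed, both fall back to the baseline.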
Module 4: Proactive Conflict Resolution (Shimmer)
Shimmer is a voting mechanism that serves as an additional layer of security. Voting schemes enable nodes to share their "opinion" with all other nodes within a specific network. If one node disagrees with other nodes, a so-called conflict occurs. The nodes then enter a voting state in which a consensus is formed that changes the nodes' "opinion". The aim is that in the end, all nodes share the same opinion. Compared to traditional voting schemes, which don't scale well, IOTA promises that the conflicts are resolved immediately. Depending on the amount of mana tokens a node owns, the weighting of its vote is either higher or lower. In this way, nodes that have proven to be good for the network (good reputation/many mana tokens) can have a greater influence in voting.
Two consensus protocols are currently being researched and developed:
“Cellular Consensus”, which mimics the behavior in a cellular automaton, and
“Fast Probabilistic Consensus”, which gives strong security guarantees using probability theory.
In the cellular consensus algorithm, a node's state is formed if the majority (more than 50 percent) of its neighbors prefer the transaction. That is, the current node looks up the state of its neighbors and changes its own state depending on how many neighbors like or dislike the transaction. As mentioned in the paragraph above, the process finishes when all nodes share the same state. How consensus is reached in a cellular consensus process can be seen here.
Fast Probabilistic Consensus
The FPC algorithm shows similarities to cellular consensus. In the FPC protocol, the voting process is split into separate rounds instead of asynchronously casting votes between neighbors in parallel. In each round, every node selects a new random subset of other nodes and queries their current opinions. As in the cellular algorithm, the node's state is formed if the majority of the neighbors share the same state. The only difference is that instead of 50%, the FPC algorithm uses a decision threshold to protect itself from an attacker that wants to delay consensus.
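The round-based voting described above, combined with the mana weighting from Modules 1 and 4, as a small simulation. This is an added example, not GoShimmer code. It assumes that mana weighting is done by sampling the queried nodes in proportion to their mana, that the decision threshold is redrawn each round from [beta, 1 - beta], and that voting stops as soon as all honest nodes agree; the network of 40 honest nodes and 200 Sybil identities is constructed.

```python
import random

def fpc(opinions, mana, stubborn=(), k=10, beta=0.3, max_rounds=100, seed=7):
    """Run simplified voting rounds; return (rounds_used, honest nodes' final opinions)."""
    rng = random.Random(seed)
    nodes = list(opinions)
    weights = [mana[n] for n in nodes]
    state = dict(opinions)
    honest = [n for n in nodes if n not in stubborn]
    for rnd in range(1, max_rounds + 1):
        # One threshold per round, shared by all nodes, drawn from [beta, 1 - beta],
        # so nobody can predict which side of the cut a split vote will land on.
        threshold = rng.uniform(beta, 1 - beta)
        nxt = dict(state)
        for n in honest:
            quorum = rng.choices(nodes, weights=weights, k=k)  # mana-weighted sample
            liked = sum(state[p] for p in quorum) / k
            nxt[n] = 1 if liked >= threshold else 0
        state = nxt
        if len({state[n] for n in honest}) == 1:
            break
    return rnd, {n: state[n] for n in honest}

def scenario(use_mana):
    """Constructed network: 40 honest nodes (35 like the transaction) and 200 Sybil
    identities that always answer 'dislike'. Returns the honest nodes' final opinions."""
    opinions = {f"honest{i}": 1 if i < 35 else 0 for i in range(40)}
    mana = {n: 100.0 for n in opinions}
    sybils = {f"sybil{i}" for i in range(200)}
    for s in sybils:
        opinions[s] = 0
        mana[s] = 0.01          # fresh identities have earned almost no mana
    if not use_mana:
        mana = {n: 1.0 for n in opinions}   # one identity, one vote
    _, final = fpc(opinions, mana, stubborn=sybils)
    return set(final.values())

if __name__ == "__main__":
    print("mana-weighted:", scenario(True))    # honest majority decides
    print("per-identity: ", scenario(False))   # Sybil identities decide
```

With mana-weighted sampling the Sybil identities are almost never queried and the honest majority's opinion wins; with one vote per identity the same 200 identities outnumber the honest nodes and pull every honest node to their answer.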
Module 5: Tip selection algorithm
As the name already indicates, the tip selection algorithm decides which transaction is selected for approval. The principles are the same as in the previous method: a new transaction needs to validate two previous transactions before being added to the tangle. But the previous method, which used a "random walk", has some flaws, such as that calculating the cumulative weight of transactions was expensive and reduced the scalability of the tangle. The new process prevents valid transactions from falling behind due to a lack of weighting.
There will be three phases, which will ensure a secure and smooth transition to the coo-free network.
Phase 1: GoShimmer Prototype
In the first phase, Shimmer is already being tested. As of February 2020, the GoShimmer prototype has already been launched on a testnet and is currently being tested to find possible security risks and errors. In addition, the implementation of a new node software called Bee will begin in this phase. As soon as GoShimmer has passed all tests, the second phase follows.
Phase 2: Actual testnet with bug bounty program
The second phase heralds the actual test phase. The testnet simulates the current IOTA network and is accompanied by a bug bounty program. This requires a number of honest and malicious actors who uncover possible gaps and security risks in the system.
Phase 3: Transition to the mainnet
As soon as the testnet of the second phase has proven itself and is running stably, the test network will be converted to the IOTA mainnet. The last phase is to transfer the ledger from the existing network to the new network, which then becomes the new mainnet without a coordinator.
Coordicide will be a game changer for IOTA. Secure, scalable and decentralized. Obviously there are still a lot of things to do, but if IOTA manages to finish this upgrade, the blockchain trilemma will officially be solved and critics will be quiet! If you are interested in how the development is progressing, IOTA published a new roadmap at the end of last year.
Thanks for reading! Did you enjoy the post? Let me know :)