- IOTA employed a Bait-and-Switch attack mechanism while limiting the power of adversary nodes and controlling the issue of double spending.
- IOTA said that it attained transaction confirmation times as low as 1 second.
The team behind the IOTA network recently conducted a performance evaluation of a DAG-based Tangle 2.0 consensus protocol. The team conducted this evaluation in a Byzantine environment in an agent-based simulation model while incorporating the main features of the Tangle 2.0 consensus protocol.
As IOTA explains, the Tangle 2.0 consensus protocol consists of two major components.
- The asynchronous component, On Tangle Voting (OTV).
- The synchronous part, Synchronised Random Reality Selection (SRRS).
To explore the security capabilities of each of these components, IOTA employed an agent-based attack strategy dubbed Bait-and-Switch. In such attacks, the attackers can issue double spends at very high frequencies while keeping the honest nodes in an undecided state.
Our 1st performance evaluation of the #Tangle 2.0 consensus protocol was accepted by @EAI_Social 🥳 . We found that – in a Byzantine environment – even powerful attackers can't break the protocol nor endanger the liveness of honest transactions.
🔗 https://t.co/tJ7ywgMODI #IOTA
— IOTA (@iota) October 24, 2022
In the worst-case weight distribution, in which all honest nodes have equal weights, the OTV protocol can still resist the Bait-and-Switch attack when the adversary node has 20 percent of the total weight. Similarly, the SRRS protocol can further resist Bait-and-Switch attacks even when the adversary nodes hold 33 percent of the total weight.
The adversary model employed by IOTA considers two types of nodes: honest and malicious. As the names suggest, honest nodes follow the protocol, while malicious nodes actively try to disturb it. The malicious node here is an abstract entity, also known as an attacker. Explaining why it employed an agent-based attack strategy dubbed Bait-and-Switch, IOTA noted:
In contrast to typical balancing attacks, the Bait-and-Switch attack relies less on keeping the conflict weights symmetrical, but rather the attacker makes the honest nodes chase the ever-changing heaviest (measured in AW) transaction. The attack seems to be most effective in situations where the adversary has the largest weight among all nodes.
Fundamentals of the Tangle 2.0 Protocol
The Tangle 2.0 protocol from IOTA employs the popular UTXO model. Here, transactions specify the outputs of previous transactions as inputs and spend them by creating new outputs. This helps to identify conflicts faster, as every output can be spent only once.
The IOTA Tangle 2.0 technology resolves double spends by deciding between conflicting spends using identity-based Sybil protection. Each node has a score dubbed weight, which serves as the Sybil protection mechanism. The ‘weight’ of a node reflects its voting power and access to the network’s resources.
The total weight value within the network is the sum of the weights of all nodes. The IOTA 2.0 consensus model also follows the two core principles of liveness and safety.
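The conflict detection and weight tally described above can be modeled in a few lines. This is an added example, not code from IOTA or from the original article, and it is a simplified model rather than the OTV algorithm; the transaction and node names, the weights, and the lowest-id tie-break are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data: four equal-weight honest nodes and one adversary
# holding 20 percent of the total weight (the worst-case split named above).
WEIGHTS = {"h1": 20, "h2": 20, "h3": 20, "h4": 20, "adversary": 20}
# tx id -> outputs it consumes; tx_a and tx_b both spend out0 (a double spend).
TXS = {"tx_a": ["out0"], "tx_b": ["out0"], "tx_c": ["out1"]}
# node -> conflicting transaction it currently supports.
VOTES = {"h1": "tx_a", "h2": "tx_a", "h3": "tx_b", "h4": "tx_b",
         "adversary": "tx_a"}

def find_conflicts(transactions):
    """Return {output: [tx ids]} for every output spent more than once."""
    spenders = defaultdict(list)
    for tx_id, inputs in transactions.items():
        for output in inputs:
            spenders[output].append(tx_id)
    return {out: txs for out, txs in spenders.items() if len(txs) > 1}

def approval_weight(votes, weights):
    """Sum the weight of the nodes supporting each transaction (its AW)."""
    aw = defaultdict(int)
    for node, tx_id in votes.items():
        aw[tx_id] += weights[node]
    return dict(aw)

def resolve(transactions, votes, weights):
    """Per contested output: (heaviest tx, its AW, total network weight)."""
    total = sum(weights.values())  # total weight = sum of all node weights
    aw = approval_weight(votes, weights)
    result = {}
    for output, txs in find_conflicts(transactions).items():
        # Assumed tie-break: lowest tx id wins when weights are equal.
        winner = max(sorted(txs), key=lambda tx: aw.get(tx, 0))
        result[output] = (winner, aw.get(winner, 0), total)
    return result

if __name__ == "__main__":
    print(find_conflicts(TXS))
    print(resolve(TXS, VOTES, WEIGHTS))
    # With honest weight evenly split, the single 20-percent node decides
    # which spend is heaviest, so moving its vote changes the result.
    print(resolve(TXS, dict(VOTES, adversary="tx_b"), WEIGHTS))
```

With the honest weight split evenly, the heaviest spend follows whichever side the 20-percent node supports, which is the condition the Bait-and-Switch evaluation stresses.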
During its test of the Tangle 2.0 protocol, the IOTA team also managed to attain transaction confirmation times as low as 1s. The IOTA report notes:
The experimental results confirm that the protocol can achieve around 1s confirmation time in typical scenarios and that the confirmation times of non-conflicting transactions are not affected by the presence of conflicts.