The brains behind one of the few cryptocurrencies lacking any form of blockchain have launched a competition to find bugs in their new hash function. The IOTA Foundation is offering a share of $220,000 to anyone who can demonstrate weakness within the code.
The new hash function is called Troika. It was engineered by Cybercrypt, a security company based in Denmark.
IOTA Competition: Break Hash, Receive Cash
Hashing functions are a vital component of cryptocurrencies. Their purpose is to change data of varying lengths into strings of characters of a consistent size. For a hash function to be success in a cryptocurrency application it should be impossible to determine the original data from the hash alone.
IOTA’s newest upgrade will feature a completely redesigned hashing function. Developed by Cybercrypt, Troika will need to be bulletproof before it is implemented in the IOTA main net – hence the bounty competition.
According to a report in The Next Web, the IOTA Foundation are inviting all who care to take part to step up and try to break its new hashing function. Those who are deemed successful by Cybercrypt will be rewarded with a share of $220,000 that will be paid in either MIOTA tokens or euros (as the victor chooses).
There are two parts to the challenge. The first invites those taking part to submit an example of two distinct data sets producing the same hash. This is known as a collisions attack.
The second part of the competition is for coders to prove that a message can be deciphered using only a hash. This is called a preimage attack.
Prizes awarded will range from $115 right up to $40,000. Presumably, the more severe the bug discovered is, the higher the payment awarded.
The co-founder and co-chair of the IOTA Foundation, David Sønstebø, stated of the bounty competition:
“We hope that this competition will bring the cryptographic community together on solving security in the Internet-of-Things.“
IOTA’s Security and Centralisation Issues
Recently, IOTA came under fire because it emerged that the risk of the network being compromised is far higher than it is in many other cryptocurrencies. It would only require 33% of the network to be comprised of bad actors as opposed to the 51% needed elsewhere. The solution from IOTA was to appoint a transaction coordinator that would help protect the network from such attacks.
An early investor in the IOTA platform highlighted this as a poor fix since it severely reduced the decentralisation of the network. Limo, as the individual is known, stated:
“… there was and is a single practical point of failure because the coordinator(COO) is a mechanism that, under these conditions, can actively stop the confirmation-rate on the tangle.”
Fortunately for IOTA fans, there is a fix on the way. Troika will likely form part of the proposed update, if it passes the community bounty test of course.
Limo commented again after speaking with two IOTA Foundation members:
“The IOTA foundation has solutions for the coordicide… They are neither approved nor tested, but they are promising concepts that can withstand the first and second logical hurdle.”
If IOTA can successfully implement the planned updates, it may find itself in a much better position to appeal to more of the same high profile users that were attracted to the platform last year.