Ten days ago IOTA reported that funds were stolen from ten of its highest-value users to counter the situation the project shut its network for further investigation.
In the official release, they stated,
“Currently the Coordinator is halted until further notice to investigate reported issues with stolen funds. We ask you to keep the Trinity wallet closed for now until further notice.”
In a progress report, the IOTA group clarified that the issue came from a third-party integration in the desktop app of Trinity – their official wallet for MIOTA tokens. The vulnerability in the framework was exploited by the attacker who stole users’ seeds [digital key passwords] and accessed the wallets.
Pros and Cons of centralization
Pros: Every other day, users holding funds in millions lose their seeds keys, undergo phishing attacks and ever so often get their wallets hacked due to lack of security. Nevertheless, no question of a rollback or re-gaining the assets come in the picture. Except in 2019, when Binance was hacked for 40M USD and CZ thought he could rollback [yup, we still remember that]. However, no matter what rollback is not possible with Bitcoin. The primary reason being its decentralized network that runs with no central point of authority to make decisions. Which is why if you lose your key, you lose your coins.
Funnily enough, centralized cryptocurrencies can actually rollback the chain and write over the ledger to gain lost coins, like Ethereum did when it split into ETC and ETH.
Similarly, IOTA has published multiple steps for remediation plans to get things going.
- Users need to install the latest updated version of the Trinity wallet.
- Users need to change their wallet passwords to new ones.
- Users need to transfer their assets to a safe seed using seed migration tools
Once all the precaution is taken users will be in a position to reclaim their stolen MIOTAs. This will happen through the IOTA team taking a global snapshot of the network which other users will have to validate. Following this, the project will take the help of a third-party to restore what’s lost and credit it back to the users.
Cons: Centralized digital assets are no different than centralized banks. If someone can keep you from using your assets irrespective of what has happened, your assets are managed by them even if its owned by you.
From the past 10 days, the IOTA network has been shut. This limits MIOTA users from using their funds for any purpose. Especially for users that work with MIOTA tokens on a daily basis. One day it works normally and suddenly something goes wrong, to battle it the decision-makers of the project shut down the whole network. You’re stuck with your tokens, unable to convert, trade or use.
Speculations suggest this was also done in order to prevent MIOTA price crash since history repeats itself and dumps usually come in when a particular coin/token has been hacked or used for malpractices [although, this doesn’t show any correlation with Bitcoin anymore].
People have expressed how anxious the network shutdown of IOTA makes them feel:-
Reddit user, gynoplasty Platinum | QC: ETH 344, BTC 301, CC 29 | TraderSubs 254 says:
“No excuses for IOTA, the ability to stop transactions is ridiculous. A lot of what you describe. That’s pretty much a big fear for all cryptos. There’s massive op sec openings for coin theft, network issues, huge selloffs in 24/7 markets. Being decentralized and new, moving fast and breaking things is a scary way to hold your money. But us crypto junkies love the drama. Waking up to the DAO hack, watching prices plummet 30-50% and exchanges freezing transactions. New forks popping up, with different services supporting them at different times. It’s a mess out here in cryptoland.”
Dan Ballard, a Twitterati says,
“This exact same class of coding “issue” is why the IOTA network has been offline for 10 days and counting. The only difference is they were unlucky enough to be loading a .js file from a small github repo that got hacked instead of a font from google”