Willem Pinckaers, a security researcher, says IOTA's home-cooked cryptography did something that should never happen: it revealed the private key as soon as a transaction was made.
The vulnerability has now apparently been fixed, but a private key is meant to be very, very private, and that it was so easily readable is concerning, especially as researchers say there is more where that came from.
“People are starting to do deep-dives into the Iota crypto code and things aren't looking pretty. I'm fairly confident there's more where this came from,” says Matthew Green, a cryptography professor at Johns Hopkins.
What happened here is somewhat interesting. First, you're all familiar with private and public keys. Private keys are kept very secret because, like a physical key that unlocks a door, they move your funds.
To prove to the world that you hold the private key matching a public key, you use a cryptographic method called a digital signature, which proves ownership of the private key without revealing the key itself.
IOTA uses something called WOTS (a Winternitz one-time signature scheme) as its signing method. They do so because they say it's quantum proof, but a part of the private key is revealed each time a transaction is signed, so address re-use is highly discouraged.
But an IOTA user says that three months ago some $26,000 worth of iota was stolen from an address that had made only one transaction. This shouldn't happen with WOTS, researchers say. It should reveal part of the private key with each address reuse, but not all of it on the first use of that address.
It did in IOTA because the home-grown crypto revealed the full private key in some 37% of transactions before a workaround was implemented.
To understand the workaround: cryptography uses a cooker of sorts, called a hash. That cooker takes words and transforms them into different words. For IOTA, it did so to get 26 different values, creating a sequence. When that sequence started with 13, which happened about 37% of the time, the private key was fully revealed.
IOTA's workaround was to just send the value back to the cooker whenever it came out as 13, so as to ensure the value is never 13, without addressing the underlying “cooker.” That's making researchers a bit angry, because they have been warning since forever not to use home-grown crypto.
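To make the "cooker" description concrete, here is an added toy model of the signing step; it is not IOTA's code, and it assumes SHA-256 in place of IOTA's own hash, plain integers in -13..13 in place of trytes, and a 4-byte nonce in place of the bundle field IOTA bumps when it re-hashes. A key chunk is hashed (13 - value) times to form its signature fragment, so a value of 13 means zero hashes and the raw key chunk is published; the model checks every position, not only the first, and shows the rehash-until-no-13 workaround.

```python
import hashlib
import os

# Toy Winternitz-style model (added example, not IOTA's code).
# Assumptions: SHA-256 stands in for IOTA's hash, integers -13..13 stand in
# for trytes, and a 4-byte nonce stands in for the field IOTA bumps to rehash.
MAX_ITER = 26  # 13 - v for v in -13..13 gives 0..26 hash iterations

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def h_n(data: bytes, n: int) -> bytes:
    for _ in range(n):
        data = h(data)
    return data

def keygen(n_chunks: int):
    sk = [os.urandom(32) for _ in range(n_chunks)]
    pk = [h_n(s, MAX_ITER) for s in sk]  # public chunk = key chunk hashed 26 times
    return sk, pk

def sign(sk, digits):
    # chunk i is hashed (13 - v_i) times; v_i == 13 means zero hashes
    return [h_n(s, 13 - v) for s, v in zip(sk, digits)]

def verify(pk, digits, sig):
    # hashing each fragment the remaining (13 + v_i) times must reach the public chunk
    return all(h_n(f, 13 + v) == p for f, v, p in zip(sig, digits, pk))

def leaked_chunks(sk, sig):
    # positions where the published fragment is the raw private key chunk
    return [i for i, (s, f) in enumerate(zip(sk, sig)) if s == f]

def digits_from_digest(digest: bytes, n_chunks: int):
    # constructed mapping: one digest byte per chunk, reduced into -13..13
    return [(b % 27) - 13 for b in digest[:n_chunks]]

def digits_with_workaround(message: bytes, n_chunks: int, max_tries: int = 1000):
    # IOTA-style workaround: bump a nonce and rehash until no digit equals 13
    for nonce in range(max_tries):
        digits = digits_from_digest(h(message + nonce.to_bytes(4, "big")), n_chunks)
        if 13 not in digits:
            return nonce, digits
    raise RuntimeError("no nonce found within max_tries")
```

Note that the signature with a 13 in it still verifies perfectly, which is why the leak is invisible to ordinary validation and had to be caught by inspecting the digits themselves.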
“The Iota community seems hell-bent on getting the security community to ‘prove their claims’ by developing weaponized exploits. It's bad stuff,” Matthew Green says.
Cryptographers do not often get the chance to play around with home-grown crypto, so now that IOTA has given them the opportunity, they have been poking holes in it for some time.
But beyond the crypto and the centralized coordinating server, IOTA's whole claim that it is scalable seems to be in question.
IOTA, as you might know, uses a tree-like chain rather than a blockchain, whereby every transaction has to confirm two previous transactions. If there is a sudden surge in usage, there might not be enough transactions for yours to confirm, so you have to wait.
So much for the trillions of Internet of Things (IoT) machines they wanted to serve through a centralized server running home-made crypto, but maybe they'll get there. Who knows.