The IOTA network has been down since Feb. 12, meaning that, for over 2 weeks, no one who holds IOTA has been able to send or receive any transactions. The IOTA Foundation decided to turn off the IOTA network after $2 million was stolen out of IOTA’s native Trinity wallet. However, IOTA has lost 40% of its value since the network was turned off, equivalent to a loss of $400 million, so almost all of the damage done to the IOTA market is due to the IOTA Foundation’s centralized decision making. This situation is a prime example of how centralization can destroy a billion-dollar cryptocurrency.
A previous article on Crypto.IQ, written a day after the IOTA network was shut down, deep-dived the situation at that time. Essentially, the IOTA Trinity wallet was hacked for $2 million due to being cryptographically insecure, and the IOTA Foundation used the coordinator to turn off the network in order to prevent any further losses and to have time to figure out how to get the stolen money back.
The coordinator is a centralized mechanism controlled by the IOTA Foundation which can shut down the network or reject specific transactions, giving the IOTA Foundation full centralized control.
Supposedly the coordinator is in place to prevent double-spend attacks, but the community and developers have been working to get rid of the coordinator in order to make IOTA truly decentralized. Indeed, a blog post from the IOTA Foundation in early February discussed how progress was being made towards ‘coordicide’, i.e. the elimination of the coordinator. There is even a full page on the IOTA Foundation’s website dedicated to coordicide.
However, the developers have not been able to go through with coordicide despite it being a top goal of IOTA for years, and now the coordinator has caused massive damage via shutting off the network for so long.
Notably, this serious situation began right after a massive fight between the IOTA co-founders, where one co-founder claims he is owed $8 million by the IOTA Foundation. It was revealed that the co-founders are actually fighting over $20 million of IOTA from the initial coin offering (ICO) that was never claimed by investors.
It is unknown if the Trinity wallet hack and subsequent two-plus week shutdown of the network have anything to do with the fight between the co-founders, but the timing is suspicious.
The IOTA Foundation has released a full report detailing what happened, and they blame a third-party service called MoonPay, which was integrated into the Trinity wallet. Apparently MoonPay was hacked, explaining how funds were stolen from the Trinity wallet.
Further, the IOTA Foundation determined that the attacker has been hacking the Trinity wallet since November 27. Basically, the attacker was hacking the Trinity Wallet for months without being noticed.
Regardless, the plan is to have all users migrate their seeds to new seeds so that the hacker cannot steal anymore IOTA when the network comes back online. However, this process is expected to take 10 days, and ‘conflicting submissions’ will have to go through a know your customer (KYC) process.
Additionally, the IOTA Foundation will likely rewind the blockchain to recover stolen funds, which is a serious violation of immutability.
All in all, there is still no announcement yet on when the migration will begin, so it could at least take days, and then once it starts it will take another 10 days. Therefore, it seems quite possible that the IOTA network will continue to be down for another 2 weeks, bringing the total downtime to a month or more, which seems inexcusable for any blockchain or cryptocurrency.
Considering that IOTA has already lost $400 million of market cap in the first 2 weeks since it has been down, it seems likely that major losses will continue over the next 2 weeks, wrecking IOTA investors and users. Then when the network comes back online IOTA may crash some more, since users who have IOTA in their wallets will finally have a chance to sell.
This Situation Would Have Been Far Less Damaging If The IOTA Foundation Did Not Turn Off The Network
The massive losses on the IOTA market beg the question, what would have happened if the coordinator did not exist and the IOTA Foundation did not turn off the network?
There have been plenty of cryptocurrency exchange and wallet hacks in history, and it seems like an extreme and nonsensical measure to turn off an entire cryptocurrency in order to mitigate the damage.
Indeed, $2 million was lost from the Trinity wallet hack, but the IOTA Foundation caused roughly $400 million of losses so far by turning off the network. Basically, a loss for some IOTA users turned into heavy losses for all IOTA users due to the IOTA Foundation’s centralized actions.
If IOTA was not centralized, then the $2 million and maybe a little more would have been stolen, but the IOTA network would have kept running and the Trinity wallet would have been fixed probably pretty quickly. Ultimately, IOTA may have lost 5-10% and then would have recovered, rather than this deep market crash where everyone is selling off their IOTA.
The main problem is that the IOTA Foundation is trying to rewind the blockchain to recover stolen funds, causing 100X more damage in the process. It could be speculated that individuals in the IOTA Foundation personally lost funds, and they are choosing themselves over everyone else, although this cannot be confirmed. However, it is hard to imagine that the IOTA Foundation would go through such great lengths, and cause so much damage, to recover the stolen money if it was not their own money at stake.
Notably, the IOTA Foundation posted a long list of ‘key learnings and takeaways’ from this incident and failed to mention that coordicide at all, indicating that even after all of this centralized damage that they are still not making decentralization a priority.
Ultimately, IOTA had lots of potential and value, since it is the number one directed acyclic graph (DAG) cryptocurrency, making it highly scalable and capable of storing large amounts of data, which is perfect for integrating internet of things (IoT) devices. However, centralization has ruined the value and reputation of IOTA, possibly permanently, and this is how centralization can kill a billion-dollar cryptocurrency.