Neha Narula is the Director of Digital Currency at MIT Lab, as part of the MIT Digital Currency Initiative, a cryptocurrency-focused research community at MIT. Narula formerly worked as a software engineer at Google.

    We found that IOTA’s custom hash function Curl is vulnerable to a well-known technique for breaking hash functions called differential cryptanalysis, which we then used to generate practical collisions. We used our technique to produce two payments in IOTA (they call them “bundles”) which are different, but hash to the same value, and thus have the same signature. Using our techniques, a bad actor could have destroyed users’ funds, or possibly, stolen user funds.

    The digital currency space is still new, and we are confident that robust, useful technologies will continue to emerge and gain adoption. But the fact that none of IOTA’s partners raised these concerns about a glaring vulnerability in a ~$2B cryptocurrency, or spoke about the other red flags, is worrisome.

