- Brief introduction to the parasite chain (PC) attack as mentioned in the IOTA whitepaper
- Understanding how the PC works and how it enables double spending
- How to determine if an attack is successful or not
Unlike most other distributed ledger protocols, IOTA is not based on a blockchain. Instead, it uses a form of directed acyclic graph (DAG) called the ‘Tangle’. While many see this as a distinguishing feature with advantages such as the absence of mining fees and excellent scalability, others are worried about the security of the protocol, especially against parasite chains.
What are Parasite Chains (PC)?
The IOTA Foundation is actively researching parasite chains and how to combat them. The attack is discussed thoroughly in the IOTA whitepaper (subsection 4.1):
“The attacker secretly builds a subtangle that occasionally references the main tangle to gain a higher score. Note that the score of honest tips is roughly the sum of all own weights in the main tangle, while the score of the attacker’s tips also contains the sum of all own weights in the parasite chain.
Since network latency is not an issue for an attacker who builds a subtangle alone, they might be able to give more height to the parasite tips if they use a computer that is sufficiently strong. Moreover, the attacker can artificially increase their tip count at the moment of the attack by broadcasting many new transactions that approve transactions that they issued earlier on the parasite chain. This will give the attacker an advantage in the case where the honest nodes use some selection strategy that involves a simple choice between available tips.”
Put simply, a PC attack is an attempt to double spend funds on the tangle. The problem is hard to control because the attacker can approve their own transactions without relying on any information from the rest of the network. It is also hard to determine the optimal relative position of each PC transaction, and whether the parasite structure should be a chain or some other shape.
Ways To Determine Whether A PC Is Successful Or Not
Once an arbitrary random walk reaches the last transaction of the PC, it’s likely that the attack is about to succeed. There’s also a possibility that other users of the network who are not involved in the attack will prefer the PC to the main tangle when a conflict arises.
To check for an attack, you can create a simulation that runs a huge number of random walks and counts the ones that reach the PC. For an attack to succeed, most of the incoming transactions need to approve the PC, making it the dominant subtangle. Conversely, if only 10% of the random walks end on the PC, the chances that the attack will succeed are still low.
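The simulation described above can be sketched as follows. This is an added example, not code from the IOTA project or from the original article. It assumes a toy tangle in which each honest transaction approves up to two of the ten most recent ones and the parasite chain references the main tangle only once (at `attach_at`); the `alpha` bias follows the whitepaper's weighted random walk, where a step is taken with probability proportional to exp(-alpha * (H_x - H_y)), and `alpha=0` gives the plain random walk. All function names and parameter values are hypothetical.

```python
import math
import random

def build_tangle(n_main, n_pc, attach_at, rng):
    """Tx 0 is genesis. Returns (approvers, is_pc); approvers[x] lists txs approving x."""
    approvers, is_pc = {0: []}, {0: False}
    for tx in range(1, n_main):                  # honest txs approve recent txs
        approvers[tx], is_pc[tx] = [], False
        window = range(max(0, tx - 10), tx)      # crude stand-in for current tips
        for parent in {rng.choice(window), rng.choice(window)}:
            approvers[parent].append(tx)
    prev = attach_at                             # parasite chain hangs off one main tx
    for tx in range(n_main, n_main + n_pc):
        approvers[tx], is_pc[tx] = [], True
        approvers[prev].append(tx)
        prev = tx
    return approvers, is_pc

def cumulative_weights(approvers):
    """Own weight 1 each; cumulative weight = 1 + number of direct/indirect approvers."""
    future = {}
    for tx in sorted(approvers, reverse=True):   # approvers always have larger ids
        future[tx] = set()
        for child in approvers[tx]:
            future[tx] |= future[child] | {child}
    return {tx: 1 + len(f) for tx, f in future.items()}

def walk(approvers, weight, alpha, rng):
    """Walk from genesis toward the tips; alpha=0 is the unbiased random walk."""
    tx = 0
    while approvers[tx]:
        kids = approvers[tx]
        top = max(weight[k] for k in kids)       # normalise to avoid underflow
        bias = [math.exp(alpha * (weight[k] - top)) for k in kids]
        tx = rng.choices(kids, weights=bias)[0]
    return tx

def pc_hit_rate(n_main=200, n_pc=60, attach_at=20, alpha=0.0, walks=2000, seed=1):
    """Fraction of walks that end on the parasite chain (constructed toy parameters)."""
    rng = random.Random(seed)
    approvers, is_pc = build_tangle(n_main, n_pc, attach_at, rng)
    weight = cumulative_weights(approvers)
    hits = sum(is_pc[walk(approvers, weight, alpha, rng)] for _ in range(walks))
    return hits / walks

if __name__ == "__main__":
    for a in (0.0, 0.05, 0.5):
        print(f"alpha={a}: {pc_hit_rate(alpha=a):.3f} of walks end on the PC")
```

Comparing the hit rate across `alpha` values and parasite chain lengths shows how strongly the walk's bias toward heavy transactions decides whether the PC can become the dominant subtangle.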