- The Coordinator is currently necessary to protect against double spend attacks on the network but is seen by some as a threat to decentralization
- The IOTA Foundation and community members are working on several potential solutions
- A Coordinator-free IRI has already been running on a Testnet for six months
The IOTA Foundation’s coordinator (Coo) though currently deemed necessary to secure the network, is seen by some as a centralization risk. The organization recently published a series of articles on its official blog post outlining the steps it was planning to take before “Coordicide”, which many in the industry see as a huge step on the road towards complete decentralization.
IOTA is not a blockchain per se but a Directed Acrylic Graph (DAG) that uses Proof-of-Work network security mechanisms similar to a blockchain. Similar enough to leave IOTA vulnerable to double spending.
According to the foundation, this is a serious risk for IOTA since unlike cryptocurrencies like Bitcoin or Ethereum which are backed by thousands of miners, the tangle forces each users to do a tiny amount of proof of work for their own transactions, but without any large miners that defend the network and have a vested interest in remaining honest.
The IOTA Foundation created the network coordinator to prevent the possibility of such scenario taking place primarily with double spends in mind. The coordinator, known as “Coo,” is controlled fully by the IOTA Foundation and issues periodic transactions known as milestones.
The tangle will not confirm any transaction appearing on that isn’t directly or indirectly referenced by a milestone. This may have given the foundation a level of control over the network, but it doesn’t enable transaction history to be changed or user funds to be accessed.
The Coo, according to the Foundation, has done a super job but times and circumstances have since changed. IOTA says that it has now become necessary to first “kill off the coo, “ at least theoretically, to enable the Foundation to allow transactions in terms of priority or be able to freeze user funds by “instructing milestones the interest to ignore particular transactions. This, IOTA says, in the interest of the Networks long-term success. The blog posts state:
“We aim for a system that does not require a central Coordinator, and at the same time, does not lead to security weaknesses.”
The main reason the Foundation believes Coo is a cause for concern lies with the fact that if the coordinator would stop functioning or was taken over by an ill-motived person, it would spell doom and halt all confirmations on the network. Most importantly, though, the need to have milestones confirm transactions don’t work well with the built in scalability of the IOTA network in the long term.
The Foundation hasn’t given a roadmap showing the exact timing for the removal of Coo saying that even though IOTA has plans to eventually retire Coo, they will not be in a hurry. The blog post stated in part:
“The short answer is that the Coordinator can and will be removed when our research team is satisfied that we understand the coordinator-free Tangle sufficiently.”
Once the Coo has been taken out of the way, the Foundation says the next big step is a Coo-free IRI which will not replace the MainNet immediately. The aim is to “enable local instances and global Testnets of a Coo-free tangle that the research team is working on. About the Coo-free IRI project, the blog post says:
“The project requires some major code changes to IRI, as the current codebase depends on references to milestones. The random walk entry point, confidence levels (to replace “confirmation”), ledger validation, and balance calculations all need to be reworked to match the latest specifications proposed by the research team.”
Open source coordinator
The Foundation has announced releasing Compass, an open-source version of the coordinator compatible with the Coo-free IRI. The latest update differs significantly with the Coo that operates on the MainNet and will serve important functions with the hope that Compass will “encourage our community to deploy their own testnets and independently verify and evaluate the technology.”
The Foundation has released code for the upcoming version of the coordinator, which, they say has been in the pipeline since last year and can be found at: https://github.com/iotaledger/compass. It has been on several public testnets for a while already and it should be deployed to the MainNet in about six months.
Before the big switch finally happens, the Foundation will operate the IRI on a battle-tested testnet so they can give it a clean bill of health. The Foundation says they would like to experience at least a 3-months bug-free period that can be attested to by security experts before finally putting it on the Main Net.