
My opinion on IOTA Smart Contract Protocol (ISCP) — security improvement proposal
First, I want to say, I’m a big supporter of the entire IOTA protocol and in my opinion, this is one of the few projects that try to innovate in this space.
ISCP is IOTA’s approach to bringing Smart Contracts to its DLT.
Smart Contracts can be thought of as state machines, where the code defines how and when the state is changed. In essence, they make code law. Given an ordered set of inputs and following the rules (code) written in the Smart Contract, you can deterministically update the state.
There are numerous things to love about ISCP. You can run multiple chains in parallel that all operate independently from one another while still allowing trustless interoperability across different chains. Each chain can run different Virtual Machines (VMs), from Rust and Go to Solidity VMs (currently; in the future potentially even more).
Each Smart Contract chain is governed by a committee of (WASP) nodes. When the committee reaches consensus, they update the state and publish a hash to the Tangle as proof that they’ve reached consensus. The committee uses a leaderless BFT consensus, a variation of the HoneyBadger consensus, to come to a randomly sorted list of inputs. Once they agree on the list of inputs and the order, they all independently apply the list to the current state to derive the next state. All honest committee members will generate the same state. Each committee member signs off on the new state, and when a supermajority of signatures is collected, the hash of the new state gets added to the Tangle. MEV (Miner Extractable Value) is solved at the cost of additional message overhead while reaching consensus on the randomly ordered list of inputs.
ISCP can also be thought of as one of IOTA’s sharding solutions, not only for Smart Contracts but also for regular value transactions. Everything is configurable in ISCP. You can have a permissioned set of validators (committee members), or you can have a permissionless one and select them from the open market. You can have 0 fees or you can set up your own fee structure and charge for your services…
All of this is great, but essentially unusable if you don’t trust the committee because the committee is law (not the code). Code is law only if a supermajority of the committee nodes are honest. Currently, there is no mechanism to punish malicious committees. This isn’t a problem if you run a permissioned set of validators (you already know the members), but this is a problem in the permissionless setting.
You have to understand that when you interact with a Smart Contract on ISCP, you essentially send funds to the Smart Contract chain that is governed by the committee. Once the funds are sent to the Smart Contract chain, the committee controls them. Not you. If they’re honest, then yes, code is law; if they’re not, then they can do whatever they want. Their signatures move your funds on the Tangle (not yours).
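To make the trust model above concrete, here is a toy model added as an example (it is not from the original post and is not ISCP or WASP code): committee members apply the agreed inputs, sign a state hash, and the hash that reaches a supermajority is anchored. The 2n/3 + 1 threshold, the simple transfer ledger, the plain "member signed hash X" votes in place of real signatures, and all names are assumptions made for illustration.

```python
import hashlib
import json
from collections import Counter

def apply_inputs(state, inputs):
    """Deterministically apply an ordered list of (sender, receiver, amount)."""
    nxt = dict(state)
    for src, dst, amount in inputs:
        if 0 < amount <= nxt.get(src, 0):      # skip invalid transfers
            nxt[src] -= amount
            nxt[dst] = nxt.get(dst, 0) + amount
    return nxt

def state_hash(state):
    """Canonical hash: sorted keys so every honest node gets the same digest."""
    return hashlib.sha256(json.dumps(state, sort_keys=True).encode()).hexdigest()

def quorum(n):
    """Assumed supermajority threshold: more than two thirds of n members."""
    return 2 * n // 3 + 1

def anchored_hash(signed, n):
    """signed maps member -> hash it signed; return the hash reaching quorum."""
    if not signed:
        return None
    digest, count = Counter(signed.values()).most_common(1)[0]
    return digest if count >= quorum(n) else None

def audit(prev_state, inputs, anchored):
    """An observer who knows the inputs re-executes them and compares hashes."""
    return anchored == state_hash(apply_inputs(prev_state, inputs))

# Constructed sample data: 4 committee members, one ordered input batch.
STATE = {"alice": 100, "bob": 20}
INPUTS = [("alice", "bob", 30), ("bob", "alice", 5)]
HONEST = state_hash(apply_inputs(STATE, INPUTS))
FORGED = state_hash({"alice": 0, "bob": 120})  # not derivable from INPUTS

def scenario(dishonest):
    """Members w0..w3; the first `dishonest` of them sign FORGED instead."""
    signed = {f"w{i}": FORGED if i < dishonest else HONEST for i in range(4)}
    return anchored_hash(signed, 4)

if __name__ == "__main__":
    for d in range(5):
        h = scenario(d)
        print(d, "dishonest ->", "no quorum" if h is None else
              ("honest state" if audit(STATE, INPUTS, h) else "forged state anchored"))
```

In this model the anchored hash carries no proof that the code was followed; only re-executing the inputs against the previous state reveals a mismatch, and nothing in the model penalises the signers.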
You have to ask yourself, what is the point of Smart Contracts if code is NOT law?
The biggest problem in DLTs currently is how to shard without compromising security.
Global consensus (everyone sees everything) is secure but doesn’t scale.
How can we scale without compromising security?

