IOTA is a public distributed ledger that stores transactions using a directed acyclic graph (DAG) structure known as the Tangle. Designed specifically for the Internet of Things (IoT), it is a cryptocurrency that facilitates secure and feeless microtransactions between machines and devices. ^[2]

Overview

IOTA is a blockchain-based public infrastructure established in 2015 that supports secure, scalable, and verifiable interactions among developers, enterprises, and governments. It features a dual-layer architecture with Layer 1 supporting Move-based smart contracts focused on asset safety and parallel transaction processing. Layer 2 offers compatibility with Ethereum’s EVM and Solidity to leverage existing smart contract tools. IOTA uses a delegated proof-of-stake (DPoS) consensus mechanism to validate transactions efficiently while minimizing energy consumption. Its token, IOTA, can be divided into smaller units called NANOs, and network transactions require gas fees paid in IOTA. The platform aims to enable real-world applications and interoperable digital economies through its flexible virtual machine architecture and multi-chain support. ^[3]

Technology

Tangle

The Tangle is IOTA's foundational technology, characterized by a Directed Acyclic Graph (DAG) structure. Unlike traditional blockchains, where transactions are grouped into blocks and sequenced linearly, IOTA's transactions interlink in a web-like structure. The network employs a Proof-of-Work (PoW) mechanism for its operations.

Instead of relying on centralized mining farms to validate blocks of transactions, each user in the Tangle verifies two previous transactions with minimal computational work before sending their transaction. This means the only 'cost' of a transaction is the small amount of electricity it takes to verify these two past transactions, eliminating the need for transaction fees set by miners.

The Tangle's design, which lacks blocks, allows for immediate transaction validation. Transactions are processed in parallel, leading to near-instant confirmations. In this system, each new transaction confirms two preceding ones, ensuring a decentralized and scalable network. ^{[4] [5]}

Network Resilience

IOTA’s Tangle network is designed to resist quantum computing threats and 51% attacks. Unlike traditional blockchains, launching a successful double-spending attack on IOTA requires not only significant computational power but also full visibility of the network and collaboration with many nodes to propagate malicious activity. Because the connections between nodes are private, the network topology is obscured, making it difficult for an attacker to coordinate such an effort. Even if an attack begins, the network can quickly detect irregularities and respond before damage occurs. ^[3]

Quantum-Resistant

Using Winternitz hash-based signatures rather than elliptic curve cryptography makes IOTA resistant to quantum computing. IOTA employs hash-based functions as they offer greater security against quantum threats. ^[8]

Move

IOTA Move is a smart contract language designed to address performance, scalability, cost, and security issues using an object-based model rather than a globally shared state. This allows parallel transaction execution, reducing congestion and fees. Built with security in mind and influenced by Rust, the Move language features strict typing and compiler checks that catch common programming errors before deployment, preventing vulnerabilities such as re-entrancy and unauthorized asset access. In IOTA Move, native and custom tokens are treated uniformly as objects owned by accounts, eliminating complex approval processes and enhancing user control. Although its developer tooling is less mature than Solidity’s, Move’s safety and error detection enable more secure and innovative contract development. IOTA offers both Move and EVM smart contract options, letting developers choose between Move’s security and scalability or EVM’s familiarity and ease of migration. ^[14]

IOTA Identify

The IOTA Identity framework provides decentralized and verifiable digital identities for individuals, organizations, and devices, functioning as a trust layer within the IOTA ecosystem. It supports IOTA-specific and DLT-agnostic standards, aligning with global protocols for decentralized identity. For individuals, it enables Self-Sovereign Identity, giving users control over their data and allowing selective disclosure without centralized intermediaries.

Organizations can use the framework to meet regulatory requirements like GDPR by delegating data ownership to users and integrating verifiable credentials for processes like KYC and AML. For devices, the Identity of Things assigns each one a unique, verifiable identity capable of proving its functions and logging actions on the IOTA ledger, supporting automation and secure interactions. The framework offers a flexible and interoperable infrastructure for managing digital identity across various sectors. ^[15]

Products

IOTA EVM

IOTA EVM is the first fully EVM-compatible smart contract chain integrated into the IOTA Mainnet, combining IOTA’s scalable and secure infrastructure with Ethereum Virtual Machine (EVM) compatibility. It enables fast, scalable, and composable smart contracts with features such as native randomness, parallel processing, and seamless interoperability using Solidity. The platform supports advanced functionalities like Magic Smart Contracts for cross-chain interactions and bridgeless token transfers, allowing easy conversion between smart contract tokens and native IOTA tokens.

Integrated with LayerZero for cross-chain connectivity, IOTA EVM aims to create a unified Web3 ecosystem, supporting common EVM tools like MetaMask and HardHat, while maintaining high network uptime and strong security, audited by Zokyo. It is a foundation for scalable, efficient, and secure smart contract execution with modularity and built-in randomness for oracles, facilitating tokenizing real-world assets and seamless multi-chain interactions. ^{[16] [17]}

Rebased Mainnet

IOTA Rebased is the upgraded IOTA mainnet that introduces a thoroughly reworked and optimized foundation for decentralized applications on the IOTA network. This update includes new tools and resources such as an improved wallet and dashboard for asset management, developer SDKs in Rust and TypeScript, node APIs, a command-line interface, and support for the Move programming language. Additional features include the IOTA Gas Station for simplified token use, self-sovereign identity solutions, and blockchain explorers for real-time transaction tracking. The upgrade also introduced the IOTA EVM Bridge and EVM Explorer to enable interoperability between IOTA’s Layer 1 and other networks, marking a significant milestone in the project’s scalability and cross-chain functionality development. ^[18]

TWIN

TWIN is a decentralized digital infrastructure built on IOTA technology to enable real-time, verifiable data sharing across global supply chains. It supports scalable, interoperable trade ecosystems with features like Self-Sovereign Identity, Digital Product Passports, and alignment with international standards such as Gaia-X. Designed to enhance transparency, trust, and efficiency, TWIN uses open modular infrastructure, distributed ledger technology, and smart contracts to facilitate secure data exchange and compliance in trade networks. It powers projects like TLIP in East Africa. It supports broader initiatives, including border trade and fresh produce supply chains, aiming to create a globally connected network of interoperable trade ecosystems. ^[19]

IOTA Token

The native asset of the IOTA network is called IOTA. At the launch of IOTA Rebased, 4.6 billion IOTA tokens were migrated from the previous Stardust network, and 767,000 new tokens are minted each epoch, resulting in a flexible total supply that changes according to inflation and fee burning.

IOTA tokens serve four main functions: staking to participate in delegated proof-of-stake, paying transaction fees for network operations, acting as a liquid asset for value transfers and smart contract use, and enabling governance through on-chain voting on protocol matters. ^{[6] [7]}

MIOTA

MIOTA (Mega IOTA) is a unit of IOTA's cryptocurrency. 1 MIOTA is equivalent to 1,000,000 IOTA. It is commonly used to represent larger amounts of IOTA in a more manageable way. ^[10]

Token Distribution

IOTA's token supply was fixed at launch, with a total and maximum supply of 2.78 million MIOTA created in a single Genesis transaction. The network does not rely on mining, so no new tokens are generated or mining rewards are distributed. The project’s founders and developers did not pre-allocate tokens for themselves; instead, they participated in the crowd sale like other users.

Following the sale, the community donated some of their tokens to establish and fund the IOTA Foundation, which now oversees the project’s development. Tokens were later made available on exchanges for broader public access. ^[10]

IOTA Foundation (IF)

In 2017, early IOTA token investors donated 5% of the total token supply to support ongoing development and establish the IOTA Foundation. In 2018, the IOTA Foundation was officially chartered as a Stiftung (or foundation) in Berlin. Its primary mission is facilitating IOTA technology's research, development, education, and standardization. The IOTA Foundation is a board member of the International Association for Trusted Blockchain Applications (INATBA). Additionally, it's a founding member of the Trusted IoT Alliance and the Mobility Open Blockchain Initiative (MOBI). These associations aim to encourage the integration of blockchain and distributed ledger technologies in regulatory frameworks, the IoT ecosystem, and the mobility sector. ^[3]

Shimmer Network

The Shimmer network was inaugurated on September 28, 2022, as a platform for testing and validating forthcoming innovations within the IOTA protocol. This network replicates the IOTA protocol and operates exclusively using its native token, SMR. Any enhancements to the IOTA protocol are first trialed on the Shimmer network before being integrated into the IOTA mainnet.

The IOTA Stardust Tokenization Protocol upgrade was introduced, coinciding with the launch of the Shimmer network. This upgrade underwent community validation and testing on the Shimmer network.

The compatibility of the Shimmer network and the Stardust upgrade framework on the IOTA protocol allows it to become scalable and useful as a multi-chain architecture. Developers can leverage these functions to build decentralized smart contracts that retain composability. Given that Shimmer operates on Tangle distributed ledger technology (DLT), transactions run on its network using its native token, and NFTs are also feeless and scalable. ^[11]

Controversies

Partnership Criticism

In November 2017, reports suggested IOTA had partnered with several major companies, including Microsoft. However, it later emerged that this was not a direct "partnership" in the traditional sense. Instead, Microsoft and several other companies participated in a data marketplace pilot developed by IOTA. Following the misunderstanding and the clarification, IOTA faced criticism from some quarters of the cryptocurrency community and media outlets. ^[5]

Curl Controversy

IOTA uses the SHA-3 Proof of Work (PoW) cryptographic algorithm to securely store its transactions, similar in concept to Bitcoin's SHA-256 PoW, though the mechanics differ. However, unlike many traditional cryptocurrencies, nodes in the IOTA network don't receive MIOTA tokens as rewards for their efforts. This approach has raised concerns regarding users' motivation to operate nodes without such incentives.

IOTA originally implemented a hashing function called Curl. However, after vulnerabilities were pointed out by researchers from MIT and Boston University in 2017, IOTA transitioned to using other, more widely accepted hashing functions. The debate following the vulnerability discovery emphasized the importance of thoroughly vetting and peer reviewing cryptographic algorithms before widespread adoption. ^[2]

Trinity Wallet Hack

In February 2020, the IOTA Foundation announced a security breach affecting its official desktop wallet, Trinity. The compromise stemmed from a vulnerability in a third-party library used for QR code generation, leading to unauthorized access and theft from some users' wallets.

The IOTA team promptly advised users to change their passwords and bolster their account security. Additionally, they introduced a patched version of the Trinity wallet to address the vulnerability. ^[20]

E-Krona

In September 2017, Sweden's central bank, Riksbank, announced its investigation into using digital currencies through the E-krona project. The initiative emerged from concerns over the country's diminishing use of banknotes and coins, especially as digital currencies and payment methods continue to evolve technologically. The project aims to determine whether the krona should be issued electronically, termed "e-krona". Of 33 proposals submitted to Riksbank, only 19 organizations were chosen for dialogue. The IOTA Foundation was among these selected organizations. ^{[6] [7]}

Investments

Bosch

In December 2017, Robert Bosch Venture Capital GmbH (RBVC), the corporate venture capital company of the Bosch Group, made a significant investment in IOTA by acquiring IOTA tokens. The collaboration aimed to elevate the technology's adoption and push the IOTA ecosystem forward. ^[12]

ITIC

In January 2018, IOTA announced a partnership with the International Transportation Innovation Center (ITIC) to build a global alliance of smart mobility testbeds for autonomous vehicles. The partnership intended to establish a global ecosystem of smart mobility testbeds based on open-source protocols and IOTA's distributed ledger technology. ^{[13] [14]}

Tangle EE

The IOTA Foundation partnered with the Eclipse Foundation to launch the Tangle EE (Enterprise Edition) Working Group on February 11, 2020. This collaboration was formed to support enterprise adoption of IOTA’s Distributed Ledger Technology by providing a platform for organizations to build applications and explore industry-wide solutions.

Tangle EE focuses on enterprise needs, particularly around the application layer and protocol-level discussions. It currently oversees two main Eclipse projects: Tangle Identity, which implements decentralized identifiers and verifiable credentials; and Tangle Marketplaces, which builds data-centric and exchange-based digital marketplaces using IOTA's infrastructure. ^[8]