Getting started with IOTA

In the previous post we took a first glance at IOTA ledger. Although the plans are great, currently the project is in its incubation phase, with the majority of the most attractive features not yet ready to use. But this shouldn’t stop us from playing with what we already have today.

Before we dig into the code, we need to get connected to one of the two IOTA networks. The “proper” network is called mainnet and there is also a slightly more relaxed one called testnet. As the names suggest, the latter is for test purposes. Each network consists of the multiple nodes that are run by the community. In order to join the network, we either need to run our own node or to connect to the existing node using its public API.

Is node a node?

If we’re tech savvy enough and we have decided to become an active part of the IOTA network, we need to have our node up and running. IOTA’s terminology avoids using “node” name for what they offer now. The only software that is able to run as a part of the network is called “IOTA Reference Implementation” (IRI) – my guess is that it is intended to suggest clearly that the project is still in its infancy and everything might change over time.

IRI is written in Java and is publicly available on GitHub as GPL-licenced open source. Requiring a full Java JRE to run a node is probably one of the reasons IOTA is not yet feasible for real IoT usage. We can choose to run it either from a JAR file provided or – which sounds more appealing to me – using Docker image.

Let’s roll

To build and run the Docker image, type the following:

docker run -d --name iota-node \
  -p 14265:14265 -p 14777:14777/udp -p 15777:15777 \
  -v ~/iota.ini:/iri/iota.ini iotaledger/iri:v1.4.0

We’re creating a container named iota-node for an easy future access. With -p options we’re exposing three custom network ports for external communication. And with -v we’re passing a path to our node’s configuration file that should look as follows:

[IRI]
PORT = 14265
UDP_RECEIVER_PORT = 14777
TCP_RECEIVER_PORT = 15777
NEIGHBORS = [space-separated list of neighbors]
IXI_DIR = ixi
HEADLESS = true
DEBUG = true
DB_PATH = mainnetdb

Here we have the communication ports specified again. They deserve an explanation as its purposes and usage are not obvious and the official docs are not helpful.

The first one – named cryptically PORT – is used to expose our node’s HTTP API. It is useful to configure, orchestrate and monitor our node, but it should not necessarily be exposed to the public internet. We should leave it available from inside the Docker container just for us, but it is not necessary to expose it on our external firewall.

UDP_RECEIVER_PORT and TCP_RECEIVER_PORT are ports that need to be exposed via the firewall – so ensure your router or ISP allows you to configure public traffic over these ports to reach your node. IRI uses UDP by default with TCP fallback – technically, only one of these channels need to be reachable. UDP adds less overhead but TCP in some cases is easier to set up and debug.

Get along with your neighbors

We now have a stranded process running in the void. It’s time to find other nodes we can connect to and sync the state of the Tangle with it. These other nodes are called “neighbors” and we need to maintain a two-way channel between us and our neighbors. As of today, the only way to get some neighbors is to ask the friendly people on #nodesharing IOTA’s Slack channel for a way in. When asked during the European’s daytime, I got some responses in less than an hour.

When you’re already befriended with other nodes owners, you need to give them the publicly available address of your host – most probably looking like udp://12.23.34.45:14777. Note we’re specifying the UDP protocol here and using a corresponding receiver port from our INI file. Our neighbors should give us their addresses, also for UDP protocol (if we decide to use UDP, that is – for TCP, both sides should use TCP protocol and ports, obviously).

To add a neighbor, include its address in your iota.ini file, in NEIGHBORS field, as a space-separated list and restart your node. Alternatively, you can use your node’s HTTP API method to add a neighbor dynamically.

After this is done, try calling getNeighbors to see what’s going on. If everything goes right, the number of all transactions should grow pretty quickly. Now just go for a long lunch (possibly including a dinner) and when you’re back, you’ll be in sync with the network, being a part of IOTA ecosystem. Hooray!

Light Node

There is also the wallet client app (also called “light node”), but its use is restricted to token trading. It requires a connection to the existing node’s HTTP API (this one exposed via port defined in PORT – 14265 in my example). But we’re geeks, we care about tech stuff more than about trading ?.

Speaking of the node’s HTTP API again. If it’s there, we might also use it directly on our own, right? Sure we can. Stay tuned for the next post in the series where we’ll submit a Hello World transaction to IOTA from a Node.JS application.

A post by Adam Bar

IOTA – a new kid in the cryptocurrency town

At Baltic Data Science, we always try to keep focus on the bleeding-edge technologies and innovations. We are especially interested in cryptocurrencies and its prospective wide usage in the industry, not only as a payment method. We already have some experience with Ethereum and Hyperledger as a Blockchain-based app platform, so we were curious what can IOTA offer.

IOTA’s marketing offerings are very prominent. It calls itself “a backbone of IoT” and promises scalability, decentralization, modularity and the lack of transactional fees. Its primary goal is to enable the “Economy of Things” – an environment in which the IoT devices might conduct secure, verifiable and reliable automated transactions for even the smallest amounts. It is not feasible with other cryptocurrency-based technologies because of the transaction fees that would be possibly larger than the amount exchanged.

What IOTA is (or plans to be)?

First of all, technically speaking, contrary to Bitcoin, Ethereum or Hyperledger, it is not a blockchain-basedsolution, because transactions do not require blocks to be formed nor do they create a single chain of blocks. Instead, each transaction is a separate node in the tree-shaped graph of transactions. Every transaction references two earlier transactions that exist in the tree, confirming its validity (by verifying its proof-of-work). This directed tree-shaped graph in IOTA is called the Tangle.

This way, at least theoretically, the whole system is self-validating and the approval process is decoupled from any authority and decentralized. It is also a way to get rid of the transaction fees – all the nodes participating in the network have the incentive to verify proof-of-works of other transactions because it is required in order to submit own transactions to the network.

Scalability, the next major promise of IOTA, is theoretically guaranteed by the fact that it is not required for the node to know the state of the whole Tangle tree – the tree can grow asynchronously in many directions. The assumption is that the separate branches will be eventually “entangled” together and cross-validated by the future transactions. This idea allows nodes to work in a non-fully synced state – this is especially useful in the context of IoT devices that might encounter being offline for a myriad of reasons.

The current state of affairs

Let’s leave the marketing buzz from the landing page and check how all these promises work in today’s reality. The project itself is quite young – the initial commit of the node implementation is not even a year old (Oct 2016). And while the project is really dynamic, it is still in the very early phase. If you count on any detailed reference or deep-dive instructions – you will be disappointed. All you can find is a theoretical academic whitepaper, coarse and partial definitions of terms, API reference and a vibrant Slack community that serves as an announcement board and the only way to have the node connected to the network. For all the rest you need to either dig through the source code or count on the community on Slack to help you.

It turns out that the other theoretical goals are also far from being met in practice.

Decentralization

The pure IOTA Tangle is vulnerable to the attack that enables verification of invalid transactions by generating large enough sub-branch of the tree consisting of fake transactions so that the branch overweights the original, legitimate transactions branch, making it orphaned and leading to the approval of the double-spending transaction.

As of October 2017, there is a single designated node in the IOTA network, called Coordinator, that ensures the consistent state of the ledger, re-validating all the transactions and periodically generating a “Milestone mark” that is intended to indicate the “correct” branch of the Tangle tree. A Milestone is a special transaction, issued by the designated Coordinator node, which marks all the transactions it directly or indirectly approves as trusted.

The existence of Coordinator makes IOTA not fully decentralized by now and prevents from having a private ledger networks, because its address is hardcoded into the IRI (reference node implementation) and its source is not disclosed.

It is said that the existence of the Coordinator is a temporary measure, until the protocol stabilizes and the network gets a certain size making it unfeasible to take over, but no due date is given.

IoT app platform

The idea of the IOTA system is to be possible to run it directly on IoT devices. It is not yet possible to run the full node on Raspberry Pi, though. However, it should be possible to run the thin client that connects to the external node.

What is important, IOTA cannot serve as an app platform as long as there’s no Smart Contract functionality there. It is planned, but it doesn’t seem to be reasonable to expect it soon.

What next?

Even if the number of ToD’s on the IOTA team’s list is long, there are definitely some parts that can be used even today.

In our next post, we’ll look into the ways we can interact with the Tangle, even in its current state of maturity.

A post by Adam Bar.

IOTA – Hello World

Previously in the IOTA series we’ve looked into the assumptions of this promising cryptocurrency system and we’ve connected to the network with our own node. It’s high time to interact with IOTA programatically.

IOTA nodes (or, actually, as the creators of the system prefer to call it – IOTA Reference Implementations) expose an HTTP API that we can interact with and – unlike most of the IOTA’s ecosystem – has an actual documentation available. But while it is indispensable to look into this reference, we’ll rather use the client libraries to talk to our node.

There are three official client libraries out there at the moment and the most mature one is apparently the one we’d like to use – a JavaScript one called iota.lib.js. It is basically a wrapper for the API endpoints.

Talking to node using Node

Let’s start with the empty Node.JS project that we can bootstrap using npm init. Then install IOTA’s library with npm install iota.lib.js --save and jump into the code.

To establish a connection, we need to specify where is our IRI, including the public API port (specified as PORT in the node’s config file or as -p if passed from command line). Note that by default we don’t need any credentials here – that’s why it is important to keep our node’s API port hidden from the external network or configured properly with --remote-auth and --remote-limit-api configuration options to avoid everyone to mess with our beloved node.

const IOTA = require('iota.lib.js')
const iota = new IOTA({
    host: 'http://192.168.1.162',
    port: 14265
})

Now let’s see what our node tells us about itself using getNodeInfo call. All the API calls adhere to the clumsy Node.JS callback passing convention:

iota.api.getNodeInfo((error, nodeInfo) => {
    if (error) {
        console.error('getNodeInfo error', error)
    } else {
        console.log('getNodeInfo result', nodeInfo)
    }
}

What we’ll get in return, apart from the node’s version and footprint information, is the processing state – whether there are any pending transactions to transmit and what is the latest milestone known to our node. This latter value should change every several minutes if our node is in sync with the network.

Where’s my wallet?

Addresses in IOTA can be understood as distinct wallets that can store IOTA tokens. These are long enough strings, so that it’s totally fine to generate it on your own and – in practice – be sure about its uniqueness.

In order to claim the ownership of a given address, we need to have the seed it was generated from – think of the seed as a private key to your box with wallets. The seed needs to be generated securely, probably not using the public websites that does it for you. The easiest would probably be to use macOS/Linux terminal and run:

cat /dev/urandom | LC_ALL=C tr -dc 'A-Z9' | fold -w 81 | head -n 1

Now, the thing we got back, looking similar to FNCWNXJWJIVDGPRWNZYKOMKNIIATPPDKEVCZEWSZTEVIWJFCOUV9PJD9AUCEVQLFEAI9UBUAVQKVEBLKN, is our seed. We’re responsible for storing it securely and privately because it gives a full access to all the addresses (wallets) we’ll create using it.

To actually generate the address we can use to send transactions to, let’s use our API:

const seed = 'FNCWNXJWJIVDGPRWNZYKOMKNIIATPPDKEVCZEWSZTEVIWJFCOUV9PJD9AUCEVQLFEAI9UBUAVQKVEBLKN' // keep it secure!
iota.api.getNewAddress(seed, (error, address) => {
   if (error) {
       console.error('getNewAddress error', error)
   } else {
       console.log('new address generated: ' + address)
   }
})

Spending the tokens

We’re now ready to submit our first transaction, or – how the API calls it – the transfer. Apart from the monetary value (which can be zero), we can attach a message to our transaction. The message needs to be tryte-encoded – we don’t need to care much about it fortunately as we have a helper method for this task: iota.utils.toTrytes.

The code to send our transaction to the IOTA’s tangle is as follows:

const Depth = 3 // constant defined by IOTA - how deep to look for the tips in the Tangle
const MinWeightMagnitude = 16 // constant defined by IOTA - the difficulty of PoW

const transfers = [
    {
        // where are we sending the transaction to?
        address: 'CHNLHJCYBZCYUI9DTHINDDWHNJWFCHQOTGABXFVZQHXF9BROTOIJZJSBXOVKCDGCXZTDDJUVTYBJZYAOH',
        
        // how many tokens are we transferring?
        value: 42,
        
        // do we want to comment on this transaction?
        message: iota.utils.toTrytes('Hello World!')        
    }
]

const options = {
    // addresses of the wallets we're using to fund this transfer
    inputs: ['ZISNLNSKMPDOORSSFRCBGQOPY9BI9SONMTDHJJDWBTTCYLFV9PQ9VSWNI9FHEAEFGROGZ9YHSMZYOGFQG']
}

iota.api.sendTransfer(seed, Depth, MinWeightMagnitude, transfers, options, (error, transactions) => {
  if (error) {
     console.error('sendTransfer error', error)
  } else {
     console.log('transactions sent!', transactions)
  }
})

We need to specify where we send our tokens with message to and which of (our) wallets the tokens come from (if we’re sending non-zero value). In the response, we get a transaction object for each transferobject we’ve submitted.

Attaching to the IOTA's Tangle

If we’re lucky, we should be able to get the transaction’s hash property, paste it at one of the online Tangle viewers and see the details of our transaction. It will be most probably in the “Pending” state. This means the transaction was properly attached to the Tangle, although it wasn’t yet validated by other transactions in the Tangle tree and we need to wait a bit. Normally it gets into “Confirmed” state within a few minutes and we can call it a day.

But we might be not that lucky and our transaction might get attached to the part of the tree that will never be validated, either because there were too many tips in the Tangle tree waiting for validation so that it gets “forgotten” by the tip selection algorithm (the tip selection algorithm is biased towards the transactions from the top of the tree) or it happened to get attached to the subtree that yielded incorrect.

In these cases our transaction never goes away from the “Pending” state and we need to fix the problem by “reattaching” our transfers (called “bundle”) to another part of the Tangle tree. In order to do so, we can periodically run the code that might look like:

iota.api.getLatestInclusion([hash], (error, inclusionStates) => {
  if (error) {
     console.error('getLatestInclusion error', error)
  } else if (inclusionStates[0]) {
     console.log('transaction is included (confirmed)! yay!') 
  } else {
     iota.api.replayBundle(hash, Depth, MinWeightMagnitude, (error, replayTransactions) => {
         // ad infinitum...?
     })
  }
})

This procedure might look strange, as we’re actually adding more and more duplicates to the Tangle – replay transaction is a separate transaction. We now probably need to track the “inclusion state” (status) of both the original and the replay transaction. We also need to replay it once again in case it doesn’t get validated within a few minutes. All this comes with the cost of issuing a new transaction, but this is actually beneficial to the IOTA network as a whole because by doing this we’re confirming another pair of transactions. And there are double-spending validation schemes implemented that ensures only one of the transactions will be finally confirmed.

A post by Adam Bar.

UN’s World Food Programme WFP Appoints Baltic Data Science As Partner In Building Blocks Project

Baltic Data Science has formally been appointed by WFP to support them on the scale-up of the Building Blocks project.

We are very proud to announce that we have been appointed by the World Food Programme to continue our technical support to further roll-out the existing Building Blocks platform. At the beginning of the this year, we together with the Munich-based blockchain solutiins firm Datarella started to transform a proof-of-concept into a fully-functional blockchain-based transaction platform in Jordan. The inhabitants receive food vouchers that can be used in the village’s supermarket.

So what are the benefits compared to traditional transaction payments? Thanks to the blockchain technology, our innovative system provides higher transparency of aid accounts for beneficiaries and easy tracking of transaction which helps to lower the effort of bookkeeping for vendors and WFP. The biggest, however invisible, advantage is a minimized risk of fraud or data mismanagement.

We want to thank WFP for their trust and are looking forward to supporting them on their next phase scaling up and expanding the Building Blocks project further into other countries and markets.

If you want to learn more about our services or specifically this project, please contact us at info (at) balticdatascience.com.

About WFP:
The United Nations World Food Programme “WFP”, with its Headquarters located in Rome, Italy is the world’s largest humanitarian agency fighting hunger worldwide. WFP is mandated to deliver the food necessary to save the lives of victims of natural disasters, wars, and civil unrest. On average, WFP reaches more than 80 million people with food assistance in 75 countries each year. About 11,500 people work for the organization, most of them in remote areas, directly serving the hungry poor. WFP is part of the United Nations (UN) System.

About BDS:
Headquartered in Gdansk, Poland, BDS is an international data science and blockchain development company specializing in business-focused solutions. BDS develops data-driven applications (mobile/desktop frontends and backends) for international customers as well as blockchain-based applications.

About Datarella:
Founded in 2013 and with its headquarter in Munich, Germany, Datarella is an established solutions provider in blockchain and big data delivering a broad range of consulting and development services for corporate clients supporting them on digital business transformation and Big Data. Datarella Blockchain Solutions is a full service consulting and development for business applications of the blockchain. Datarella offers cloud storage and computing, machine learning (AI) and predictive analytics.