IOTA's hash function curl is broken
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
collide collision code Aug 8, 2018
iotutil update license Aug 8, 2018
template collision code Aug 8, 2018
.gitignore init Aug 13, 2017 remove spurious ticks Aug 18, 2018

Vulnerability report on IOTA and code to create collisions

Read our full paper Cryptanalysis of Curl-P and Other Attacks on the IOTA Cryptocurrency.

Read the original report here.

See examples for the original colliding bundles we released in 2017.

See valueattack, collide, and template for the code to create colliding bundles.

Make sure to set your GOPATH and check out this repo to $GOPATH/src/

cd $GOPATH/src/
go get -u
go get -u

Make sure iotaledger is at the right commit:

pushd $GOPATH/src/
git checkout 7e48a1c9b9e904f07e1fc82815e5b302873a6dec
go build