- The IOTA Foundation continues to work under high pressure to find a solution to the current situation.
- A new version of the IOTA Trinity wallet is still in progress and a plan for the re-launch of the IOTA Tangle is being worked out.
For more than four days now, the IOTA Tangle has been at a standstill and is no longer processing value transactions. Already on February 12th it became known that an anonymous hacker has exploited a weakness of the IOTA Trinity wallet to rob wallets with large balances in the range of more than 40 Giga IOTA. As a result, the IOTA Foundation reacted very quickly and “shut down” the coordinator.
Fortunately, this central component of the IOTA Tangle, which will be eliminated with the upgrade to Coordicide, has allowed the IOTA Foundation to prevent a larger number of transactions. Currently, there is still an explicit warning against the usage of the Trinity wallet. IOTA owners should under no circumstances open the Trinity wallet and enter their seeds.
As was announced yesterday evening (UTC), the IOTA Foundation made significant progress Saturday. Dave de Fijter explained via Discord that the IOTA Foundation is working on a solution for the relaunch of the Tangle:
We have also remediated the vulnerability in Trinity. The upcoming Trinity update will not function as a final transition tool, as we are still working on bringing the network back to full operation. If you have Trinity installed on your computer, we highly recommend you upgrade to this version when released.
Dominik Schiener added that a Trinity update will be released:
We will release a new Trinity version tomorrow with the fixes implemented. It’s not yet the full transition tool, but it’s the first step towards fully going back to operations.
Regarding the stolen funds, it was said yesterday that a new analysis tool was developed to track the stolen IOTA in real time:
We continue our work with law enforcement, our in-depth analysis of exactly what happened, together with a remediation plan to the secure funds of Trinity users. We are building a new analytics toolset (utilising our permanode) that tracks funds in real time. This tool will help support the ongoing investigation.
In the latest statement from today (12:10 UTC) it was said that the new Trinity version will allow IOTA owners to open their wallet and check their account balance. A specific release date has not yet been announced:
The new Trinity version is currently in progress. This version will be first and foremost, safe. We have identified the vulnerability and it has been removed from the wallet. This version will allow you to open the wallet and check your balance and transactions.
When released, we ask that if you see any unusual activity on your accounts to contact the Discord mod team or IOTA Foundation members directly. Please be aware that there are unfortunately active imposters posing as IOTA Foundation personnel on our Discord. Therefore it is important that you directly initiate contact yourself with the IF or mod team.
Regarding the relaunch of the IOTA Tangle, the IOTA Foundation explained that a specific plan still needs to be approved internally:
In the meantime, we are internally validating the full remediation plan before getting full sign off. Once we have signed off on the plan we will share further details publicly.
Again, we appreciate your patience right now. We are doing everything we can to resolve this incident in as secure and smooth a way as possible.