MAIA: Masked Authenticated IOTA Address

A MAM channel in which each message is an IOTA address

10 comments

I am pleased to introduce you MAIA, a protocol based on MAM which allows establishing a fixed address that points to another address [http://maia.trustingiot.com/poc].

MAIA is the acronym of Masked Authenticated IOTA Address. This acronym describes very well what it is, and also sounds good when it is pronounced “MAIA” 🙂

Maybe those who are familiar with IOTA may intuit what MAIA is, but I think it is necessary to contextualize the problem for which MAIA is proposed as a possible solution.

One of the characteristics of IOTA is that when an address is used to transfer IOTAs it should not be reused, and this is good. I think the following image published on Reddit illustrates it brilliantly:

reuse-iota

Another characteristic of IOTA is that it supports cool features such as MAM (Masked Authenticated Message). In general, I could say that MAM allows you to create secure messaging channels on the tangle. If you are not sure about what is MAM or how it works, the best thing you can do is read the following blogpost.

What is MAIA? A public MAM channel in which each message is an IOTA address and which always returns the last message.

maia

Let me tell you a sad story that happened to Alice and Bob.

  1. Alice publishes articles in different blogs and in each of them she includes her IOTA address for donations.
  2. Bob finds an article published by Alice that allows him to solve a problem that has been bothering him for days. He is so happy that he transfers some IOTAs to the IOTA address included by Alice.
  3. One day Alice decides to spend her IOTAs. Before doing the above, she creates a new address and modifies the old one by the new one in all the posts she has published. Once she is sure that she has changed the address in all posts, she spends her IOTAs.
  4. After few days, Bob finds something created by Alice again, but this time it is not a blog, but the pdf of a presentation that Alice made a month ago for a conference. Alice had included in the presentation her old IOTA address which is no longer valid, but Bob does not know it. Bob is so grateful to Alice that he donates some IOTAs to her again and he transfers them to the old address since this is the one that he knows.

What would happen now? It is difficult to know. Perhaps an enough robust wallet warns and/or prevents Bob from making this transaction. Maybe Alice keeps the private key of her old address and she can transfer the IOTAs to her new address before a third person takes them. Or perhaps the donation ends up in the hands of a third person who has designed a software to scan the tangle and take advantage of situations like the previous one.

Let’s make some changes to the story so that it has a happy ending.

  1. Alice publishes articles in different blogs and in each of them she includes her IOTA address MAIA for donations.
  2. Bob finds an article published by Alice that allows him to solve a problem that has been bothering him for days. He is so happy that he transfers some IOTAs to the IOTA address MAIA included by Alice.
  3. One day Alice decides to spend her IOTAs. Before doing the above, she creates a new address and modifies the old one by the new one in all the posts she has published the IOTA address associated with her MAIA. Once she is completely sure that she has changed the address in all posts address associated with her MAIA, she spends her IOTAs.
  4. After few days, Bob finds something created by Alice again, but this time it is not a blog, but the pdf of a presentation that Alice made a month ago for a conference. Alice had included in the presentation her old IOTA address which is no longer valid, but Bob does not know it MAIA. Bob is so grateful to Alice that he donates some IOTAs to her again and he transfers them to the old address since it is the one he knows current IOTA address associated with the MAIA.

Why has MAIA been proposed? Due to the absence of a satisfactory solution for problems like the previous one. There are some solutions, but all of them fail (in my opinion) at some point. Perhaps what comes closest to a satisfactory solution is the use of IOTA cheques, but there are still points to be solved (as I understand it, the creator of the cheque could ‘revoke’ it because he/she knows the private key, and this is something that invalidates the solution in some cases).

I think MAIA is a simple and elegant mechanism to deal with situations which are similar to the previous one. As it is said before, MAIA is only a protocol that uses MAM, and maybe, it can be implemented in about 10 lines of code, so it is not a disruptive or revolutionary idea. It is just the formalization of a solution to the previous problem.

The first version of MAIA is available in its repository. In this first version, it includes a JavaScript library that can be used in both, backend and frontend, as well as some code in order to test it in both cases.

Once the praises of MAIA are sung, I will tell you the negative points.

What happens after a snapshot? Currently, MAIA’s address should be recreated, but in a few weeks, this should not happen (I can only say that the solution is related to permanodes, but that it will not be a permanode 😉 ).

Where can I use MAIA? Currently, nowhere. However, we are developing some tools to automate the use of MAIA that we believe you will like. If you want to do some test, you can do them here (it’s the code used to test MAIA, so be very very very careful with what you do).

I hope you like MAIA. In case you want to donate some IOTAs to support my work, send them to my personal IOTA address:

KIFEHFFMQDPHLHGURUXDZGTJVDZMDLCFSVXXRNXKCIXJZSJNBWULBLQXYSNZNVGIJXVCITXREHUUKCHGDCSEBGYDEB (it is no longer my address, use my MAIA)

Or better yet, send them to my MAIA (we are making changes to the protocol and sometimes the node that we use is down, so for now it is better that we do not take risks :’) ): donation address.

10 comments on “MAIA: Masked Authenticated IOTA Address”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s