IOTA is vulnerable to replay attacks but has no intention of fixing the flaw
"Still, it is worth noting that, while the vulnerability is similar to the signature issue previously disclosed by Neha Narula from the MIT Digital Currency Initiative (DCI), this is a newly discovered flaw.
The good thing, the author highlights, is that the glitch is relatively easy to eliminate.
IOTA developer Lewis Freiberg has since confirmed the issue is indeed authentic in a statement on Reddit. Still, the developer downplayed the severity of the vulnerability, adding that the company has no intention of tweaking the core architecture of the network to “accommodate this edge case.”
In any case, the decision not to patch the exploit is odd – especially because both Rebstock and Freiberg agree it is a pretty “simple fix.”
I’m not afan of the way IOTA goes about things at all,never could convince myself to invest.