IOTA Tangle: Scalable DAG Ledger

Updated 20 November 2025

IOTA Tangle is a distributed ledger technology built on a directed acyclic graph that enables feeless, scalable transactions for IoT and decentralized applications.
Its tip selection algorithms, including MCMC-based and hybrid approaches, balance security, fairness, and computational efficiency to ensure timely transaction confirmations.
Advanced consensus mechanisms and Sybil resistance techniques, such as on-tangle FPC and Coordicide, enhance the network’s resilience and promote robust operational performance.

The IOTA Tangle is a distributed ledger technology based on a directed acyclic graph (DAG) architecture, developed to address scalability, fee, and throughput limitations inherent in blockchain-based distributed ledgers. Distinguished by its tip-approval protocol, feeless operation, and compatibility with both value and data transactions, the Tangle underpins IOTA’s ecosystem—particularly as redesigned for IOTA 2.0 (“Coordicide”)—and has been the subject of rigorous mathematical and algorithmic research.

1. Structural Design and Mathematical Foundations

At its core, the Tangle is a DAG $G = (V, E)$ whose vertices $V$ represent individual transactions or messages, and edges $E \subset V \times V$ encode direct approvals: when a new transaction $y$ arrives, it must reference and thereby approve a fixed number $m$ (historically $m=2$ ) of existing tips (unconfirmed transactions) by forming edges $(y \to x_1), \ldots, (y \to x_m)$ . The absence of cycles is guaranteed by the temporal ordering: each edge points from a newly-arrived transaction backward to its chosen predecessors (King, 2019, Popov et al., 2017, Sealey et al., 2022).

A key state variable is the set of current tips $\operatorname{Tips}(G) \subset V$ , i.e., vertices of out-degree zero (not yet directly referenced). Growth of the Tangle under Poisson transaction arrivals of rate $\lambda$ , with a fixed proof-of-work delay $h$ , admits fluid-limit analysis yielding coupled delay-differential equations for tip counts. The canonical result establishes that the expected number of tips at equilibrium is $L^* \approx 2\lambda h$ , and the system exhibits exponential convergence to this equilibrium, ensuring self-stabilization under fluctuating load (King, 2019, Kusmierz et al., 2020).

The formalism extends to continuous-time Markov process models, such as level-dependent quasi-birth-and-death processes, enabling analytic calculation of stationary distributions, tip-confirmation times, and throughput as explicit functions of arrival, approval, and impatience rates (Song et al., 2022).

2. Tip Selection Algorithms: Security, Fairness, and Liveness

The consensus-critical mechanism in the Tangle is the tip selection algorithm (TSA). Canonical IOTA deployments have historically combined two independent random walks—Markov Chain Monte Carlo (MCMC)—initiated at genesis and proceeding toward tips. At each step from node $i$ to direct approver $j$ , the walk transitions with probability proportional to $\exp(\alpha\,w_j)$ , with $w_j$ the (recursively defined) cumulative weight and $\alpha$ a bias parameter (Popov et al., 2017, Sealey et al., 2022):

$P_{i \to j}(t) = \frac{\exp(\alpha\,w_j(t))}{\sum_{k} \exp(\alpha\,w_k(t))}$

Small $\alpha$ yields nearly uniform selection (favoring fairness and low orphan rates), while large $\alpha$ sharply prefers heavier branches (improving attack resilience but risking honest orphan accumulation) (Ferraro et al., 2018, Bu et al., 2019).

Recent research has advanced a range of alternative TSAs:

G-IOTA augments the random-walk procedure with a left-behind tip selection to enforce confidence-fairness, guaranteeing that all honest tips receive confirmation within bounded depth (Bu et al., 2019).
E-IOTA randomizes among uniform, low-bias, and high-bias walks per transaction, unifying the security of high- $\alpha$ MCMC and the fairness of G-IOTA, while reducing computational cost and maintaining (or improving) attack resistance (Bu et al., 2019).
Two-Step TSA deterministically filters tips by cumulative weight and conflicts before final random selection, achieving constant-time, minerless security equivalent to classical “51%” resistance (Bramas, 2021).
Hybrid MCMC–Random Selection algorithms guarantee finite-time confirmation for all honest transactions, resolving the “orphan” problem endemic to high- $\alpha$ MCMC-only policies (Ferraro et al., 2018).

The table below illustrates the trade-offs among prominent TSAs:

Algorithm	Security	Fairness	Computational Cost
MCMC (large $\alpha$ )	High (parasite/splitting)	Low (orphans possible)	High (O( $n^2$ ))
Uniform Random	Low (double-spend)	High	Low (O( $n$ ))
G-IOTA	High	High	Higher (3 walks/tx)
E-IOTA	High	High	Reduced ( $\sim$ 10% fewer full walks)
Two-Step	High	Moderate–High	O(1) after initial pass

3. Consensus and Sybil Resistance

Consensus in the Tangle arises by the cumulative weight mechanism: as tips are approved, the descendant count and thus the weight of each transaction recursively increases. Once a message is indirectly referenced by a sufficient fraction of recent tips, its confirmation confidence approaches unity, and its history becomes effectively immutable (Popov et al., 2017, Sealey et al., 2022).

IOTA 2.0 eliminates reliance on a centralized coordinator (milestone issuer) and instead employs Fast Probabilistic Consensus (FPC)—a binary voting protocol, where node votes on conflicts are weighted according to “mana” (reputation) and random thresholds are supplied by a decentralized randomness beacon. This approach prevents classical voting coalitions and Sybil attacks, assuming that adversarial mana fraction $q<0.3$ yields agreement rates exceeding $99\%$ in simulation. Each transaction’s finality is reached after $O(\log N)$ rounds, with N the network size (Sealey et al., 2022).

Mana accrues based on value transactions and decays over time, serving both as an access-control and voting-weight mechanism. On-Tangle FPC, an ongoing research direction, aims to further unify voting and DAG traversal by embedding vote data in approvals (Sealey et al., 2022).

4. Performance, Scalability, and Operational Metrics

IOTA Tangle’s DAG architecture obviates the block interval and block size limits of chain-based ledgers. Transactions can be issued as soon as local PoW completes, and high concurrency is natively supported: empirical results on IOTA 2.0 (“Nectar DevNet”) demonstrate up to 1000 transactions per second (TPS), with confirmation latencies of 10–12 seconds under load, and transaction energy consumption $<$ 1 J (Sealey et al., 2022). The system maintains a bounded tip pool (expected $2\lambda h$ ), and, under high arrival rate, mean confirmation latency decays as $O(1/\lambda)$ (King, 2019).

Comparison of Tangle and canonical blockchains:

Metric	IOTA 2.0	Legacy IOTA	Bitcoin	Ethereum
TPS	$≤$ 1000	$<$ 35	$\sim$ 7	$\sim$ 20
Latency (s)	10–12	$\sim$ 60	$\sim$ 600	$\sim$ 120
Energy/tx (J)	$<$ 1	$<$ 1	$\sim$ 10⁶	$\sim$ 10³
Fees	0	0	$\ge$ \$0.50 \| $\ge$ \$1

The elimination of transaction fees is directly enabled by the absence of miner incentives and the lightweight PoW attached to message submission (Farahani et al., 2022, Nakanishi et al., 2021). Network-wide performance is moderated by rate-control protocols and principal–agent mechanisms that assign PoW difficulty and transaction weight to users based on their computational capacity (Gupta et al., 2022).

5. Attack Models and Security Mitigations

The Tangle has been the target of extensive statistical and adversarial analysis, focusing on double-spending, parasite-chain, splitting attacks, and the risk of orphaned transactions.

Parasite Chain Attacks: In a parasite-chain double-spend, an adversary secretly builds a fork anchored at an earlier transaction, releasing it to race against the main Tangle. MCMC-based tip selection with sufficient bias parameter $\alpha$ ensures random walks favor the heavier (honest) branch. Parasite chain detection schemes have been proposed based on the statistical distribution of approver counts, flagging suspicious subgraphs whose structure diverges from the Poisson law established for benign TZAs (Penzkofer et al., 2020).
Splitting Attacks: An attacker balances conflicting sub-Tangles, sustaining them by flooding low-weight tips. Security proofs for E-IOTA, G-IOTA, and Two-Step TSAs formalize conditions under which such attacks fail, typically requiring adversarial rate $p_a$ to exceed the honest high- $\alpha$ approval fraction (Bu et al., 2019, Bu et al., 2019, Bramas, 2021).
Orphan (Left-Behind) Attacks: High- $\alpha$ tip selection may cause honest tips to be indefinitely orphaned, undermining fairness. Hybrid algorithms (e.g., G-IOTA, E-IOTA) interleave fairness-restoring steps with security favoritism to guarantee bounded orphan counts and confirmation in finite time (Ferraro et al., 2018).

Security defenses benefit from design parameters—mixing strategies, reattachment timeouts, mutual supervision mechanisms—that limit the risk of both undetected adversarial activity and honest transaction loss (Bu et al., 2019).

6. Smart Contracts and Layered Architectures

IOTA Tangle supports smart-contract platforms (ISCP), layered atop the L1 DAG. L2 smart-contract chains (SC chains) interact with the Tangle for anchoring, interoperability, and payment settlement, with mainnet transactions operating as a scalable, feeless trust anchor (Farahani et al., 2022, Sealey et al., 2022). Brokers’ SC chains in decentralized marketplaces function as mixers and anonymity layers, issuing invoices, matching decryptable requests, and routing payments in a privacy-preserving fashion. Smart contracts are implemented in WebAssembly (WASM) or via EVM shims, administered by committees whose consensus can be anchored on the Tangle and executed with predictable gas requirements, facilitating IoT-scale, fine-grained economic activity.

ISCP sub-chains can process “many hundreds of TPS” per chain, while cross-chain anchoring leverages the scalable, feeless properties of IOTA L1 (Farahani et al., 2022).

7. Research Directions and Open Challenges

Active research into the IOTA Tangle encompasses several theoretical and practical domains:

On-Tangle FPC and Embedded Consensus: Integrating voting directly into approval semantics to minimize network overhead and achieve scalable, synergistic data–consensus multiplexing (Sealey et al., 2022).
Oracle Integration: Secure oracle networks (“Oracle Distributed Networks”) for trusted IoT data feeds and aggregation, with DAG anchoring for data provenance (Sealey et al., 2022).
Sharding and Horizontal Partitioning: Partitioning strategies for message processing across parallel sub-Tangles, with mechanisms for cross-shard finality and recursive stamping (Sealey et al., 2022).
Formal Security under Adversarial Models: Proving liveness, safety, and robustness guarantees under asynchronous communication, adversarial mana distribution, and fluid IOTA-Tangle dynamics (Müller et al., 2022, Sealey et al., 2022).
Privacy Extensions: Implementing zero-knowledge proofs, confidential transfers, and privacy-preserving state transitions directly on or above the DAG structure (Farahani et al., 2022).

IOTA Tangle continues to serve as both a practical platform for scalable, fee-less ledgers and a rich source of algorithmic, stochastic, and game-theoretic research, with applications across IoT, access control, decentralized marketplaces, and reputation-based consensus (Farahani et al., 2022, Sealey et al., 2022, Nakanishi et al., 2021).