
Cover anti-patterns and possible attacks on Tact smart-contracts

Open anton-trunov opened this issue 1 year ago • 3 comments

Anti-patterns:

  • [ ] on-chain string parsing from a human-friendly format into a machine-readable binary structure -- a dapp frontend should do that and only communicate with its smart contracts using machine-readable structures messages, so we don't impose too much load on the blockchain

anton-trunov, Feb 29 '24 22:02
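The guideline above, as an added example that is not part of the original issue or the Tact docs: a JavaScript frontend parses and validates the human-friendly amount string off-chain and sends only a fixed-width binary payload. The opcode, the 20-byte field layout and all function names are assumptions made for illustration, not a TON or Tact format.

```javascript
// Added example: off-chain (dapp frontend) parsing of a human-friendly amount.
// OP_DEPOSIT and the 20-byte layout are hypothetical, constructed for this example.
const NANO_PER_TON = 1_000_000_000n;
const UINT64_MAX = (1n << 64n) - 1n; // upper bound of the 64-bit fields used below
const OP_DEPOSIT = 0x0000a11c;

// Strictly parse a decimal string such as "1.5" into nanotons (bigint).
// Rejects signs, exponents, empty parts and more than 9 fractional digits,
// so the contract never has to interpret or validate text.
function parseTonAmount(text) {
  const m = /^(\d{1,12})(?:\.(\d{1,9}))?$/.exec(text.trim());
  if (!m) throw new Error(`invalid amount: ${JSON.stringify(text)}`);
  const whole = BigInt(m[1]);
  const frac = BigInt((m[2] ?? "").padEnd(9, "0")); // "5" -> 500000000 nanotons
  const nano = whole * NANO_PER_TON + frac;
  if (nano === 0n || nano > UINT64_MAX) throw new Error("amount out of range");
  return nano;
}

// Encode op (uint32) | queryId (uint64) | amount in nanotons (uint64), big-endian.
// The contract side then only reads fixed-width integers.
function encodeDeposit(amountText, queryId) {
  if (typeof queryId !== "bigint" || queryId < 0n || queryId > UINT64_MAX) {
    throw new Error("queryId must be a uint64 bigint");
  }
  const bytes = new Uint8Array(20);
  const view = new DataView(bytes.buffer);
  view.setUint32(0, OP_DEPOSIT);
  view.setBigUint64(4, queryId);
  view.setBigUint64(12, parseTonAmount(amountText));
  return bytes;
}

// Hex helper for logging or comparing payloads.
const toHex = (b) => Array.from(b, (x) => x.toString(16).padStart(2, "0")).join("");
```
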

General guidelines for TON smart contracts: https://docs.ton.org/develop/smart-contracts/guidelines

Security tips: https://docs.ton.org/develop/smart-contracts/security/secure-programming

novusnota, May 07 '24 12:05

Some issues observed in FunC, many could be applied to Tact as well: https://github.com/slowmist/Toncoin-Smart-Contract-Security-Best-Practices/blob/main/README.md

anton-trunov, Sep 16 '24 05:09

A post by CertiK: https://blog.ton.org/secure-smart-contract-programming-in-func

anton-trunov, Sep 25 '24 11:09