CertiK has raised concerns about security risks in Tact, the programming language designed for developing smart contracts on the TON blockchain, as detailed in an audit released on Thursday.
The findings center on coding practices and the potential risks associated with the language’s implementation.
Security Risks Found in TON Blockchain’s Tact Language – CertiK Audit
Tact, designed in 2023 to simplify development, enhance performance, and bolster smart contract security on the TON blockchain, has been found to have several vulnerabilities.
CertiK compared Tact to its predecessor, FunC, identifying frequent mistakes that developers make when using the language.
These errors can lead to transaction failures, loss of funds, and exploitable security gaps.
One of the key concerns highlighted in the report is Tact’s strict address format.
The format’s inconsistencies with existing standards, such as TEP-74, could result in failed transactions or lost tokens, similar to sending a letter to an incorrect address.
CertiK also flagged challenges in managing concurrent operations.
While the TON blockchain avoids vulnerabilities like reentrancy, which is common on Ethereum, its unpredictable transaction order could enable attackers to exploit timing differences, creating vulnerabilities akin to man-in-the-middle attacks.
Another area of concern is data serialization. CertiK noted that developers need to explicitly organize data within smart contracts.
Failure to do so could result in misinterpretations and unpredictable program behavior, comparable to assembling furniture with incomplete instructions.
The report also highlighted potential errors in Tact’s handling of numbers, which could lead to glitches if developers are not vigilant.
CertiK further emphasized the importance of managing “gas,” the fee required to execute blockchain transactions.
Improper estimation and control of gas usage by developers can cause transactions to fail midway or potentially drain funds from a contract.
Crypto Hacks in 2024: $1.5 Billion Lost Despite a Decline
Beyond the vulnerabilities in Tact, the broader crypto ecosystem continues to grapple with major security challenges.
According to a report by Immunefi, nearly $1.5 billion has been stolen in crypto-related incidents in 2024, despite a 15% drop in stolen funds compared to the previous year.
November alone saw over $71 million in digital assets vanish, bringing the year-to-date total to over $1.48 billion across 209 incidents.
One notable incident in November involved meme coin trading terminal DEXX, which suffered a private key leak.
The exploit affected at least 900 users, with the majority losing less than $10,000, while one user suffered a loss exceeding $1 million.
In the same month, Delta Prime, a DeFi protocol operating on Avalanche and Arbitrum, experienced its second major exploit of the year.
This incident resulted in a $4.8 million loss, following a $6 million hack in September.
The post TON Blockchain’s Tact Language Has Security Risks – CertiK Audit appeared first on Cryptonews.
This article is written by: Nermeen Nabil Khear Abdelmalak