Security Audit: Proof of Capital
We've completed our security assessment of the Proof of Capital protocol - a market-making smart contract that protects interests of all holders.
Full report: [link]
We've completed our security assessment of the Proof of Capital protocol - a market-making smart contract that protects interests of all holders.
Full report: [link]
proofofcapital.org
Proof of Capital
Technology for ensuring the value of digital assets
🎉 Misti 0.7 has just landed on NPM!
🔍 More Tact Detectors: StateMutationInGetter, UnprotectedCall and SuspiciousLoop.
⚡ Tact 1.6.1 support: Including new language syntax and features.
⚙️ Improved Tools: Added more Callgraph functionality to enhance contracts audits.
🔧 Fixes & Enhancements: Check out the full changelog.
🔍 More Tact Detectors: StateMutationInGetter, UnprotectedCall and SuspiciousLoop.
⚡ Tact 1.6.1 support: Including new language syntax and features.
⚙️ Improved Tools: Added more Callgraph functionality to enhance contracts audits.
🔧 Fixes & Enhancements: Check out the full changelog.
nowarp.io
Misti
TON Static Analyzer
TON Security Risks: A Static Analysis Perspective
A new blog post dives into security risks in TON, with a focus on automated security tools. It argues for using static program analysis in audits and shows examples of bugs that tools like Misti can catch.
A new blog post dives into security risks in TON, with a focus on automated security tools. It argues for using static program analysis in audits and shows examples of bugs that tools like Misti can catch.
nowarp.io
TON Security Risks: A static analysis perspective | Misti
Smart contracts are unforgiving. A single bug can vaporize millions of dollars. If you're coming from web development, forget everything you know about "move fast and break things" - here, breaking things means actually breaking things. With money. Real money.
🎉 Misti 0.8 has just landed on NPM!
⚡️ More Detectors: New detectors to find possible optimizations introduced in Tact 1.6: SuboptimalSend, PreferBinaryReceiver, PreferSenderFunction, ImplicitOpcode and SuboptimalCellOperation.
⚙️ Improved Integrability: Standartized JSON output for smoother integration.
👩💻 LSP Actions Support: Misti now provides API for LSP code actions, introducing quickfix suggestions for some detectors.
🔧 Fixes & Enhancements: Check out the full changelog.
⚙️ Improved Integrability: Standartized JSON output for smoother integration.
🔧 Fixes & Enhancements: Check out the full changelog.
Please open Telegram to view this post
VIEW IN TELEGRAM
nowarp.io
Misti
TON Static Analyzer
Misti 0.8.1 has just been released.
🔧 This patch release introduces Tact 1.6.6 support and includes minor changes and fixes. Check out the full changelog.
🔧 This patch release introduces Tact 1.6.6 support and includes minor changes and fixes. Check out the full changelog.
nowarp.io
Misti
TON Static Analyzer
🔧 Announcing: OCaml library for FunC parsing: nowarp/ocaml-func
For developers working with FunC, this library provides AST and parser functionality.
For developers working with FunC, this library provides AST and parser functionality.
GitHub
GitHub - nowarp/ocaml-func: OCaml library providing AST and parser for FunC
OCaml library providing AST and parser for FunC. Contribute to nowarp/ocaml-func development by creating an account on GitHub.
Check out our first thread for an overview of Misti: https://x.com/nowarp_io/status/1921501042534908240
Please open Telegram to view this post
VIEW IN TELEGRAM
X (formerly Twitter)
nowarp (@nowarp_io) on X
1/ 🛡 Misti is an open-source static analyzer for @ton_blockchain contracts written in @tact_language: https://t.co/AcjQZdLhrh
Let's explore its capabilities 👇🏻
Let's explore its capabilities 👇🏻
🚀 Introducing Scanner: Mass Static Analysis for TON Smart Contracts
We've released a demo showcasing our static analysis tooling for TON contracts.
🔍 Features:
- ~20 curated contracts with zero vulnerabilities
- Detailed analysis results
- Great for learning Tact development best practices and exploring the tooling capabilities
🛡️ We scan everything for research but only display clean contracts without vulnerabilities publicly.
📊 Check it out: https://nowarp.io/tools/scanner/
We've released a demo showcasing our static analysis tooling for TON contracts.
🔍 Features:
- ~20 curated contracts with zero vulnerabilities
- Detailed analysis results
- Great for learning Tact development best practices and exploring the tooling capabilities
🛡️ We scan everything for research but only display clean contracts without vulnerabilities publicly.
📊 Check it out: https://nowarp.io/tools/scanner/
nowarp.io
Misti
TON Smart Contract Scanner
🎉Misti 0.9 has just landed on NPM!
⚡️ More Detectors: New Tact detectors: DuplicatedImport, TransitiveImport, RedundantBooleanExpression, UnusedMethodArgument and PreferGlobalFunction.
🖥 Improved Github Actions integration: Better user experience via SARIF output format support.
🛠 Custom Tools: Misti now enables users to write Custom Tools, just like Custom Detectors.
🔧Fixes & Enhancements: Check out the full changelog.
🛠 Custom Tools: Misti now enables users to write Custom Tools, just like Custom Detectors.
🔧Fixes & Enhancements: Check out the full changelog.
Please open Telegram to view this post
VIEW IN TELEGRAM