Public chain TON has now established a partnership with popular messaging app Telegram. Telegram will integrate TON’s payment and native applications to promote TON and its ecosystem to its over 800 million users. This article will introduce TON’s new programming language, Tac, its language features, and how to implement security.
Previously, Microcosm Labs discussed how TON+Telegram surpasses WeChat and aims to create a global financial hub. The TON whitepaper analysis also revealed the underlying technology behind the world’s highest TPS blockchain.
Table of Contents:
The Potential of TON with Telegram’s Support
Features of TON’s New Language, Tact
Security of Tact Smart Contracts
Trends or Opportunities? How to View TON’s Future Development
On November 10th, the TON Foundation spoke to developers about the ecosystem and technological development of TON at the TON Gateway event, emphasizing their focus on collaborating with Telegram to bring hundreds of millions of users into Web3. On November 28th, Animoca Brands announced an investment in TON Play game infrastructure, becoming the biggest supporter of TON to support the TON network.
Beosin previously provided a comprehensive introduction and analysis of TON and its ecosystem. Today, Beosin will analyze the new programming language, Tact, introduced by TON, to help developers understand its language features and security practices.
TON (The Open Network) is a decentralized network platform composed of TON blockchain, TON Proxy, TON Storage, and other systems. TON blockchain is the core of TON and is commonly referred to as TON.
Different from public chains like Ethereum, the calls between smart contracts in TON are asynchronous. This design improves scalability because when one smart contract calls a function of another smart contract, the call does not execute immediately and does not need to process all transactions in one block. However, the asynchrony also increases the threshold for developers to develop and maintain applications on the TON chain.
The architecture of TON blockchain consists of the masterchain, working chains, and shard chains, which provide high performance and scalability. TON blockchain achieves its goal of millions of TPS through sharding.
Currently, TON has partnered with Telegram. Telegram will integrate TON’s payment and native applications to promote TON and its ecosystem to its over 800 million active users.
TON has three smart contract programming languages: Fift, FunC, and Tact. Tact is a newly introduced statically-typed high-level programming language in TON, aiming to reduce the difficulty of developing smart contracts and improve security.
Tact shares some language features with JavaScript, supporting asynchronous calls and message-oriented programming.
1. Asynchronous Calls
Tact supports asynchronous calls, allowing smart contracts to execute concurrently without waiting for other contracts to finish. This enhances the performance and responsiveness of the TON blockchain.
2. Message-Oriented Programming
The core idea of message-oriented programming is communication between different objects through message passing instead of direct invocation. This design eliminates coupling between callers and receivers, and objects can subscribe and unsubscribe from messages at any time, making dependencies and updates between objects easier.
This design that reduces dependencies is introduced into Tact contract development. Developers can develop multiple contracts based on MOP and integrate and interact between contracts through messages. This isolates contracts, reduces risks, and simplifies the interaction process, greatly improving the security of contract development.
When using Tact for smart contract development, the security of the contract cannot be ignored. The following are security recommendations for contract development using Tact:
1. Pay Attention to Mathematical Issues
When developers handle mathematical calculations, they need to pay attention to the data types used and the precision of calculations. If the contract encounters integer overflow issues, it will cause exceptions and terminate the current transaction. Developers need to perform integer checks in relevant businesses.
2. Access Control
Tact uses message-oriented programming, and developers need to properly control access to functions involving core business in contracts to ensure that the functions receive the correct messages and are called correctly.
3. Validate Input Messages
Developers should appropriately validate or filter external input in smart contracts to prevent attackers from using forged messages and data for attacks.
4. Control Message Types
Since Tact contract development uses messages for communication, developers may use structures to construct new data types for message passing, resulting in an increase in the number of message types. This may make the codebase messy. Developers need to carefully manage message types.
5. Complexity of Program Execution Flow
Due to the dynamic nature of contracts being able to subscribe and unsubscribe from messages at any time, developers may find it difficult to clarify the execution flow of the application when developing large and complex projects. This may make code inspection and testing difficult, and clear documentation and flowcharts will be helpful for subsequent development and auditing.
6. Thorough Testing
When developers develop contracts, they should use a sandbox for testing, optimize gas consumption, and check edge cases. The sandbox simulates all stages of contract execution: computational phase, actions phase, and bounce phase. It is closer to the execution situation on the real network than Ton-contract-executor. Tact-emulator is another testing toolset provided by the TON official, but there are currently no detailed usage documents.
7. Error Handling
Due to TON’s design, developers need to handle the end paths of the code. Contracts may receive bounced messages, and contracts need to handle these messages correctly. In addition, when handling bounced messages, gas exhaustion needs to be considered, which can also lead to unexpected vulnerabilities.
8. Audit and Security Monitoring
After completing the project development, it is recommended that developers conduct security audits and on-chain monitoring services to monitor the execution status of contracts. Beosin’s EagleEye on-chain monitoring platform provides users with quick project data queries and alerts. Currently, EagleEye supports analyzing whale addresses on the chain, detecting contract risks, and monitoring project social media platforms and on-chain activities, providing comprehensive project information to users.
In this article, we have provided a brief introduction to TON, analyzed the language features of Tact, and provided detailed security practices for Tact smart contract development.
Telegram, as a platform with a large user base worldwide, has tremendous potential. Tact, as a new programming language strongly promoted by the TON Foundation, provides developers with a friendly and concise way to build smart contracts for the TON network. This creates a more convenient development environment for developers and attracts more people to participate in the development of TON ecosystem projects. With more developers joining and exploring, the ecosystem of the Tact language will gradually expand, providing more opportunities for the development of the TON network.
However, it should be noted that the development of the cryptocurrency and blockchain field still faces challenges and risks. Government regulation, market acceptance, technical issues, and others may affect the development of TON. Therefore, for the trends and opportunities of TON, we need to continuously monitor market dynamics, technological advancements, and changes in regulatory environments, and conduct in-depth research and analysis. At the same time, Beosin needs to remind developers to understand the language features of Tact when using it for contract development, pay attention to the security recommendations mentioned above, and conduct security audits after development to detect and fix potential vulnerabilities and risks.
Related Reports:
Animoca Brands partnering with TON: Can it open a new chapter in the blockchain gaming market?
TON Ecosystem Report: Trends and Opportunities, How to Find an Entry Point in the TON Ecosystem
Dubai Gives Green Light! XRP and TON Approved by DFSA for Qualified Companies to Conduct Trading Services
Tags:
Tact
TON
TON Foundation
Programming Language