Scan to download
Home
Article
Flash
Token Unlock
Hot Projects
Specials
Columns
ETF
Knowledge Base
Calendar
Activity
Tools

BitsLab's TonBit discovered and assisted in fixing a critical vulnerability in the TON virtual machine, receiving thanks from the TON official team

Industry Express
2024-11-01 13:42:52
Collection
TON's official gratitude towards the TonBit team is not only a high recognition of their recent vulnerability discovery work but also an acknowledgment of their long-term commitment to blockchain security.

Recently, the official TON team officially thanked the security team TonBit under BitsLab for discovering critical vulnerabilities in the TON virtual machine in their latest version update notes. If exploited maliciously, this vulnerability could lead to resource exhaustion of the virtual machine, system crashes, and subsequently affect the stability of the entire TON network. The TonBit team, leveraging their profound technical expertise, quickly identified the issue and proposed effective solutions, creating a more secure operating environment for the TON virtual machine and further enhancing the overall stability of the TON ecosystem. Image

Discovery and Fix of Critical Vulnerabilities That Could Paralyze the TON Network

The root cause of this vulnerability lies in the risky design of nested operations when the TON virtual machine handles continuations. Malicious contracts can create deeply nested continuation structures, triggering recursive evaluation processes that exhaust the host stack space of the virtual machine. This resource exhaustion attack could cause the TON virtual machine to crash abnormally; simply put, it could lead to all Validators going offline without using a single TON, directly affecting the system's availability.

After in-depth analysis and collaboration with Ton Core, the TonBit team proposed an innovative solution that adjusts the internal jump mechanism of the virtual machine to replace recursive calls with iterative ones, effectively preventing such attacks. This solution has been implemented in the latest version of TON, providing users with a safer and more stable operating experience.

As the Official SAP of TON, TonBit Demonstrates Outstanding Security Assurance Capabilities

It is worth mentioning that TonBit, as the official Security Assurance Provider (SAP) of TON, possesses rich experience and expertise in blockchain security, capable of conducting comprehensive analyses of potential risks in the underlying system architecture and proposing assistance for remediation. The discovery of this vulnerability and the proposed remediation plan not only reflect the technical advantages of the TonBit team in the field of blockchain security but also further prove their indispensable value in ensuring the security of the TON ecosystem.

The TON team specifically thanked the contributions of the TonBit team in their latest update notes published on their official GitHub. Such recognition not only highlights TonBit's important position in the field of blockchain security but also showcases their steadfast commitment to continuously ensuring the stability of the TON network and promoting the development of the ecosystem.

TonBit's Ongoing Security Contributions: Supporting the Healthy Development of the Blockchain Industry

As a security pioneer in the blockchain industry, TonBit is committed to comprehensive protection from underlying security to system architecture. In addition to the discovery of this critical vulnerability in the TON virtual machine, the TonBit team is also continuously conducting in-depth research on the development of the TON ecosystem and blockchain technology, constantly promoting the enhancement of security in blockchain application scenarios. TonBit's expertise is not limited to smart contract detection; they also have rich technical accumulation in network security architecture and user data protection.

In today's rapidly developing blockchain technology landscape, security has become a key factor determining the long-term development of blockchain networks. As the official SAP of TON, the TonBit team, with its expertise in security technology research, product development, and threat warning, is leading a new direction in blockchain security. The discovery of the vulnerability in the TON virtual machine marks another significant breakthrough for TonBit in the field of underlying blockchain security technology. In the future, TonBit will continue to strengthen its technical research in blockchain security, providing more solid support for the healthy development of the entire blockchain industry.

The TON official's gratitude towards the TonBit team is not only a high recognition of their work in discovering this vulnerability but also an acknowledgment of their long-term investment in blockchain security assurance.

About TonBit

TonBit, the security sub-brand under BitsLab, has always been at the forefront of the industry as an early builder and security expert of the TON ecosystem. Since 2021, TonBit has been deeply involved in the infrastructure construction of the TON blockchain and focuses on providing comprehensive security audit services for the TON ecosystem. With over 10 years of experience in cybersecurity, the TonBit team has published more than 20 academic papers related to blockchain security and successfully completed over 50 selected audit projects. As a core security force of the TON ecosystem, TonBit is dedicated to providing developers and users with cutting-edge security assurance and technical support, ensuring the security and scalability of the TON blockchain.

Related tags
BitsLab TonBit TON Virtual Machine Key Vulnerability Security Team
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
banner
Industry Express
Industry Express Recommend some project activities and the latest industry trends.
The Future of Secure Decentralized AI: Mind Network and SingularityNET Announce Partnership to Launch ASI Hub
The Future of Secure Decentralized AI: Mind Network and SingularityNET Announce Partnership to Launch ASI Hub
GOAT Network reshapes Bitcoin's second layer, zkMIPS ecosystem welcomes new breakthroughs
GOAT Network reshapes Bitcoin's second layer, zkMIPS ecosystem welcomes new breakthroughs
Related tags
BitsLab TonBit TON Virtual Machine Key Vulnerability Security Team
Related reading
BitsLab releases groundbreaking security research findings: 2024 Emerging Public Chain Security Panorama Insights
BitsLab releases groundbreaking security research findings: 2024 Emerging Public Chain Security Panorama Insights
Slow Fog: UwU Lend Hacked Analysis
Slow Fog: UwU Lend Hacked Analysis
The Bitcoin Security Lab (BTC Security Lab) is officially established, and the recruitment of early partners has now begun.
The Bitcoin Security Lab (BTC Security Lab) is officially established, and the recruitment of early partners has now begun.
Aggregating MoveBit and ScaleBit, BitsLab focuses on the security and infrastructure of the emerging Web3 ecosystem.
Aggregating MoveBit and ScaleBit, BitsLab focuses on the security and infrastructure of the emerging Web3 ecosystem.
Copyright © 2023
About Us
Media Kit
Apply for a column
Disclaimer
RSS LINK
Recruitment
Qiong ICP No. 2021009392
Qiong ICP No. 2021009392
ChainCatcher Building the Web3 world with innovators
Open the app