![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
Cryptocurrency News Articles
TonBit, TON Blockchain's Primary Security Assurance Provider, Demonstrates Commitment to Safeguarding the TON Ecosystem
May 21, 2025 at 05:03 am
Silicon Valley, USA, May 21st, 2025, TonBit, a subsidiary of BitsLab and TON Blockchain's primary security assurance provider, has once again demonstrated its commitment to safeguarding the TON ecosystem by identifying and responsibly disclosing a vulnerability within the TON Virtual Machine (TVM).
Silicon Valley, USA, May 21st, 2025,
TonBit, a subsidiary of BitsLab and TON Blockchain’s primary security assurance provider, has announced the discovery and responsible disclosure of a vulnerability in the TON Virtual Machine (TVM). This finding, which has been officially acknowledged by the TON Foundation, showcases BitsLab and TonBit's commitment to safeguarding decentralized networks.
The vulnerability discovered by TonBit is the non-atomic state transition vulnerability in the RUNVM instruction. An attacker can exploit the moment when a sub-VM exhausts its gas to corrupt the parent VM's libraries and induce subsequent call failures, ultimately causing contracts that depend on library integrity to behave abnormally.
In the link below, TonBit retains the original technical details to present the full discovery and verification process for developers, aiding the community in gaining an in-depth understanding of the issue and boosting awareness of similar risks.
Technical details of this vulnerability: https://www.linkedin.com/pulse/tonbit-once-again-discovers-vulnerability-ton-virtual-machine-jt0oc/
This discovery highlights the deep expertise of TonBit, a subsidiary of BitsLab, in security research within the TON ecosystem. TonBit immediately submitted the technical details and mitigation plan to the TON Foundation and assisted in completing the remediation. Now, the vulnerability is fully patched.
TonBit and BitsLab recommend that all developers promptly update their dependency libraries once the official patch is released. At the same time, they incorporate more rigorous library-integrity checks and gas-management logic into custom contracts to prevent similar issues from being maliciously exploited. BitsLab and TonBit will continue to uphold the principle of “responsible disclosure” and, together with the community, fortify the Web3 security perimeter.
This finding further cements TonBit and BitsLab's "security-first" ethos within Web3. By adhering to rigorous disclosure protocols and engaging transparently with ecosystem stakeholders, TonBit and BitsLab continue to set industry standards for ethical blockchain research and Web3 ecosystem security.
About TonBit
TonBit, a core sub-brand of BitsLab, is a trusted security expert and early builder within the TON ecosystem. Serving as the Primary Security Assurance Provider (SAP) for the TON blockchain, TonBit specializes in comprehensive security audits, including Tact and FunC language audits, ensuring the integrity and resilience of projects built on TON. Officially endorsed by TON, TonBit has successfully audited several high-profile projects such as Catizen, Algebra, UTonic, Ton Batch Sender, TonUp, PixelSwap, Tradoor, Miniton, Thunder Finance, and nearly 20 other projects on TON, showcasing its expertise in securing TON-based solutions.
About BitsLab
BitsLab is an organization dedicated to Web3 ecosystem security, aiming to become a respected security authority within the industry. The organization operates three sub-brands: MoveBit, ScaleBit, and TonBit, focusing on infrastructure development and security auditing across multiple blockchain ecosystems, including Sui, Aptos, TON, BNB Chain, Starknet, and Solana. BitsLab specializes in auditing a wide range of programming languages, such as Circom, Halo2, Move, and Cairo.
As a leader in blockchain security, BitsLab has provided security auditing services to several projects, including Aptos, Tether, UniSat, and Nervos CKB. Having delivered over 400 security solutions, the company has audited over 400,000 lines of code and safeguarded $8 billion in assets for over 2 million users. BitsLab has identified critical vulnerabilities in several well-known projects and remains committed to advancing Web3 security while fostering the healthy growth of emerging ecosystems.
Contact
Media Teamhan@bitslab.xyz
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
-
-
-
-
- A faction of Senate Democrats expresses opposition to a Republican-led stablecoin legislation, citing concerns about the modified version.
- Jun 09, 2025 at 06:30 pm
- A group of nine Democrats, who have previously backed crypto-friendly laws, voiced their concerns over the GENIUS Act, popularly known as the stablecoin bill.
-
-
-
-