On April 19, during the Token2049 conference following Pavel Durov’s speech, it was announced that Tether’s stablecoin, USDt, would be introduced on the TON network. As this is a centralized stablecoin, the issuer of such a token must have control over users’ funds to comply with regulatory requirements, such as freezing user funds. In this brief article, I will explain how tokens on TON are structured and what capabilities the stablecoin issuer has.
If you are already familiar with the TON blockchain and the concept of work with tokens, you can skip to the paragraph “Locking Your Funds,” where we discuss the mechanics of the stablecoin, as we will start with the basics in this article.
How Smart Contracts Work on the TON Network
The TON blockchain is asynchronous, and smart contracts communicate with each other through messages. Contracts are written in the TACT and FUNC languages, and the logic written in these languages is quite understandable without detailed study, which we will leverage in reviewing the stablecoin contracts. However, if you want to delve deeper, there are free open-source tutorials available.
Smart contracts on TON do not involve storing large dictionaries within themselves. Instead, it is envisaged to create a master contract capable of “recreating” (the address represents a hash of the initial information of the smart contract and its code, which enables such a mechanism) addresses of related contracts inside itself and thus sending messages to them, changing information in their storage.
This mechanism is called smart contract sharding. Don’t worry if it’s not very clear at the moment; we’ll examine how it works with examples below. For now, just note that in TON, we almost always deal with a group of smart contracts exchanging information with each other.
Sharding allows the business logic on smart contracts to be scalable, but it complicates the design of smart contracts. This should be taken into account if you plan, for example, to migrate the logic of some EVM-compatible decentralized application to TON.
For each smart contract, there are reserved methods for internal and external messages. Typically, the logic describing what the smart contract should do based on the payload of the message is defined inside such methods. It looks something like this:
Like in other networks, TON has smart contract standards. These standards describe the required method signatures of smart contracts and their mandatory logic. Standards enable decentralized applications, such as wallets, to display information and understand, for example, where an NFT contract is and where a token contract is.
Before delving further, let’s take a look at the interchangeable token standard in the TON network – Jettons.
Jettons or How to Store Data Without a Dictionary
In the TON network, jettons refer to interchangeable tokens. A token is a unit of account for a digital asset in a blockchain network. It’s important to note that a token typically doesn’t imply cryptocurrency but rather a record distributed in the blockchain, managed by smart contracts. The smart contract records balances of token holders (the balance of a certain owner’s address), and it also facilitates the transfer of tokens from one account to another.
This raises the technical challenge of how to store balances of tokens from different addresses and efficiently update these balances. This is where sharding comes into play.
We’ll divide the storage logic into several contracts. For each token holder, a separate wallet contract will be issued (specifically for that token, not for Toncoin), which will store information about the balance of that wallet only. Additionally, there will be a master contract that will store information about the token itself, such as its name, symbol, total supply, and more.
Thus, if our token is owned by 1,000,000 different users, exactly 1,000,001 contracts will be deployed. And with different messages, various functions can be executed.
Let’s break down a simple token transfer. So, to transfer tokens from wallet one to wallet two, we’ll need to send a message with the transfer flag to our token wallet, which, upon receiving such a flag, will send the funds to wallet two. Here’s the interesting part: since messages use Toncoin as payment for messages and executing smart contracts (similar to gas in EVM networks), the token wallet two will return the excess back to Toncoin wallet one.
Note that the master smart contract is not involved in the transfer of tokens between wallets at all.
However, if we wanted to do something other than transfer tokens, such as burning them, we would have to send a separate message to the master contract because burning tokens would change the total token supply.
Of course, these are somewhat simplified schemes aimed at providing an understanding of the architecture of smart contracts on TON.
Another small nuance is that it’s often the master contract that deploys wallet contracts.
Locking Your Funds in a Stablecoin
Like a regular jetton, a stablecoin smart contract consists of a master contract and a wallet contract. The first thing that distinguishes a regular jetton from a stablecoin is the storage. A regular jetton stores the balance, owner’s address, master contract address, and wallet code (together with the contract storage, the code allows obtaining the code of the jetton wallet). Here’s a snippet from jetton-wallet.fc (this is the wallet code in FunC language):
A stablecoin, in addition to this information, also stores a Status variable, and it is this variable that allows the locking of your funds.
A message from the admin will change the flag in your wallet, and that’s it. Before describing how this works, let me make a small clarification for the attentive readers: if you compare the storage of smart contracts, you won’t see cells with code in the stablecoin. This is because, since the creation of the jetton standard and the stablecoin jetton, there have been updates to the TVM (TON Virtual Machine). Currently, it’s possible to retrieve the current code of the smart contract through the MYCODE primitive, eliminating the need to pass a cell with the code.
So, when an admin sends a message to the stablecoin contract, it triggers a function that changes the Status variable in your wallet contract, effectively locking or unlocking your funds.
In the proposed standard, the Status variable, if simplified in terms of bits logic, can take three values:
0 – unlocked, you can freely use your funds
1 – the wallet owner cannot send stablecoins
2 – the wallet owner cannot receive stablecoins
Changing this status can only be done from the master contract, with conditions set in the function that processes internal messages:
This works quite simply: the owner of the master contract sends a message with a specific payload to the master contract, and then the master contract changes the status accordingly.
Thus, the issuer of stablecoins can lock the funds of any wallet with this stablecoin. As I mentioned at the beginning of the article, this is necessary to comply with regulatory requirements imposed on the issuer, which typically represent funds that back the stablecoin in a certain fiat ratio. Naturally, such funds cannot ignore the requirements of the government.
But locking your funds is not the only possibility for the master contract administrator – the issuer. Besides that, your funds can be burned or simply transferred.
Burning and Transferring Your Funds
If we look into the master contract jetton-minter.fc (which is the master contract) and examine how the status change is implemented, we’ll find a branch called call_to in the function handling internal messages. In this branch, you can send a command to any wallet with stablecoins to perform a transfer of stablecoins, burning, or precisely changing the status, which we discussed in the previous section of the article.
Thus, the master contract administrator can indeed manage your funds. It’s essential to note that if the administrator tries to steal your funds without regulatory pressure, it would discredit the stablecoin. Since all transactions in the blockchain are visible, such a precedent would quickly spread across Telegram channels within a couple of days, reaching all users who would then avoid using such a stablecoin. This incentive system restrains the stablecoin issuer from abusing technical capabilities.
But that’s not all.
The Mechanism of Code Replacement in this Master Contract
As the title of this section suggests, yes, such a thing is possible – complete replacement of the master contract’s code. It looks something like this:
From the message that comes into the contract, new data for the storage and new code will simply be taken.
Thus, the creators of the stablecoin can change almost everything in it. This is a reality faced by cryptocurrencies forced under regulatory pressure to create mechanisms for blocking, as well as leaving the possibility to change everything if something goes wrong.
How to Protect Your Funds in the TON Blockchain?
To safeguard your funds in the TON blockchain, it’s crucial to observe several basic precautions:
- Use Secure Wallets: Only utilize trusted and secure wallets for storing your cryptocurrency assets on the TON network. Refer to community and expert recommendations to select an appropriate wallet.
- Store Private Keys Securely: Never share your private keys with third parties and ensure they are stored in a secure location, such as hardware wallets or encrypted offline storage.
- Beware of Scams: Be vigilant against fraudulent schemes, such as phishing websites, scam messages, and fraudulent projects. Never provide your personal data or private keys on unreliable resources.
- Verify Addresses Before Transactions: Carefully verify the addresses of recipients and senders before conducting any transactions to avoid accidentally sending funds to the wrong address.
- Keep Software Updated: Regularly update your wallet software and operating system to ensure protection against known vulnerabilities and maximize security.
- Learn Smart Contract Features: If you plan to interact with smart contracts on the TON network, ensure that you fully understand their operation and security mechanisms to avoid potential threats.
- Enable Two-Factor Authentication: Where possible, enable two-factor authentication for your wallets and accounts to provide an additional layer of protection against unauthorized access.
Adhering to these measures will help safeguard your funds in the TON blockchain from potential threats and maintain their security.
Conclusion
Exploring the technical aspects of stablecoins on the TON blockchain reveals a nuanced understanding of how funds can be managed and secured within this ecosystem. From the intricacies of smart contract sharding to the mechanisms of locking, burning, and transferring funds, users gain insights into the inner workings of their digital assets.
Despite the capabilities of stablecoin issuers to control funds, regulatory compliance and user trust remain paramount. Users must remain vigilant and adopt best practices to safeguard their funds, including using secure wallets, storing private keys securely, and staying informed about potential scams.
While stablecoins offer stability and utility within the blockchain ecosystem, their success hinges on maintaining user trust and compliance with regulatory standards. By understanding the technical mechanisms at play and implementing robust security measures, users can navigate the TON blockchain with confidence and protect their assets effectively.
FAQs
1. What is TON’s Stablecoin? TON’s stablecoin refers to USDt, a stablecoin introduced on the TON network by Tether during the Token2049 conference. Unlike native tokens, stablecoins are pegged to the value of traditional fiat currencies to maintain stability.
2. How are Smart Contracts Structured on TON? Smart contracts on the TON blockchain are written in languages like TACT and FUNC. They facilitate asynchronous communication between contracts through messages, enabling the execution of various functions based on message payloads.
3. What is the Role of Sharding in TON Smart Contracts? Sharding allows for the scalability of business logic on smart contracts by dividing storage and processing tasks among multiple contracts. While enhancing scalability, sharding also introduces complexities in smart contract design.
4. How are Funds Locked in TON’s Stablecoin? The stablecoin smart contract includes a Status variable that can be manipulated by the master contract administrator to lock or unlock funds. This mechanism allows the issuer to comply with regulatory requirements and manage user funds as needed.
5. What Security Measures Should Users Take on the TON Blockchain? Users should use secure wallets, store private keys safely, remain vigilant against scams, verify addresses before transactions, keep software updated, and understand smart contract features to protect their funds on the TON blockchain effectively.
6. What Are the Risks Associated with Stablecoins on TON? While stablecoins offer stability and utility, users should be aware of potential risks, such as regulatory compliance issues, issuer control over funds, and the possibility of code replacement in master contracts. Staying informed and adopting robust security practices is essential for mitigating these risks.
7. Can Stablecoin Issuers Block User Funds? Yes, stablecoin issuers have the capability to block user funds by changing the status variable in the wallet contract. This action is often taken to comply with regulatory requirements or in response to specific circumstances deemed necessary by the issuer.
8. What Are the Implications of Code Replacement in Master Contracts? Code replacement in master contracts allows for significant changes to the stablecoin’s functionality and operation. While this flexibility enables adaptability to regulatory requirements and technical improvements, it also introduces potential risks if misused or exploited by malicious actors.
9. How Does Token Transfer Work on the TON Network? Token transfers on the TON network involve sending messages between wallet contracts. These messages contain instructions to transfer tokens from one wallet to another. Toncoin is used as payment for messages and executing smart contracts, similar to gas in other blockchain networks.
10. What Should Users Do in Case of Unauthorized Access to Their Funds? In case of unauthorized access to funds, users should immediately take action to secure their accounts. This includes changing passwords, revoking access from suspicious devices, and notifying the wallet provider or platform support team for further assistance. Additionally, affected users should monitor their accounts closely for any unusual activity and consider reporting the incident to relevant authorities.
