ExVulExVul
Back to Blogresearch

TON Blockchain: Tolk vs FunC Security Comparison

Comprehensive security analysis comparing TON's new Tolk language with the established FunC for smart contract development.

ExVul Research Team

ExVul Research Team

Security Researchers

April 202514 min
#TON#Tolk#FunC#Language Security
TON Blockchain: Tolk vs FunC Security Comparison

Introduction

TON blockchain has introduced Tolk as a modern alternative to FunC. This analysis compares the security implications of both languages for smart contract development.

Language Comparison

FeatureFunCTolk
Type SafetyWeakStrong
Memory SafetyManualAutomatic
Error HandlingBasicAdvanced
Developer ExperienceLow-levelHigh-level

Security Implications

Tolk's improved type system catches many vulnerabilities at compile time that would only be discovered at runtime with FunC.

func_example.fc
;; FunC - Type confusion possible
() recv_internal(slice in_msg_body) impure {
    int value = in_msg_body~load_uint(64);
    ;; No compile-time check if 64 bits is correct
}
Type Safety

Tolk prevents many common FunC vulnerabilities

Migration

Consider migrating existing FunC contracts

Audit Focus

FunC contracts need more rigorous auditing

Related Articles

Continue reading about blockchain security

View all articles