Security audits

In addition to optimizing gas usage and reducing fees, the security of the Tact ecosystem is paramount. This includes the safety of the Tact compiler, other Tact-related tools and smart contracts written in Tact.

This page lists various security assessments, audits, and reports for the Tact compiler, Tact smart contracts and other things in the Tact ecosystem.

Tact compiler

2025-01: Security Assessment by Trail of Bits

The security audit for Tact 1.5.0 has been completed by Trail of Bits, a leading Web3 security firm.

By the end, no high-severity vulnerabilities were found. That said, some bugs and points of improvement were discovered and addressed in a new Tact 1.5.4 bugfix release.

The complete report is available on the Trail of Bits GitHub repository, as well as on the Tact website and its repo as a backup:

• Original PDF, Trail of Bits repo
• Same PDF, Tact website
• Same PDF, a backup in the website repo

Upgrade to the newest Tact version: Compiler upgrades.