<img src="img/misti.svg" alt="Misti Logo" width="32"/> Misti

Misti is a static analysis tool designed for smart contracts on the TON blockchain written in Tact. It detects errors and pitfalls in your code before deployment.

📌 Note: We actively monitor Tact development and maintain Misti for each release. Tact has stabilized and the development has slowed down; we keep the pulse.

Features

• Code Analysis: Built-in suite of 42 detectors for identifying security vulnerabilities and anti-patterns.
• CI/CD Integration: Integrate Misti into your CI/CD pipeline to ensure continuous code quality checks.
• Custom Detectors: Create custom detectors to solve specific problems in your code or to provide a thorough security review if you are an auditor.

Getting Started

1. (optional) Install Soufflé to enable more built-in detectors.
2. Install Misti:

npm install -g @nowarp/misti

3. Run Misti by specifying a Tact contract, project config, or directory to check:

misti path/to/src/contracts

See Misti Configuration for available options, or Developing Misti for advanced instructions. Blueprint users should refer to the appropriate documentation page.

Resources

• nowarp.io: We are doing other TON Security stuff beyond Misti.
• Scanner: A mass-scan tool that runs static analysis over all the publicly available contracts.
• Documentation: Comprehensive guide on detectors, architecture, and development.
• API Reference: Useful for contributors or developers creating custom detectors.
• Blueprint Plugin: A plugin for the Blueprint Framework to enhance your workflow.
• Community Chat: Join the conversation and get help with Misti-related questions.