ONTON × ONION's infrastructure is built with user safety, token integrity, and decentralized governance in mind. This section outlines key smart contract, application, and treasury security protocols.
Smart Contract Audits
Area | Audit Status | Notes |
---|---|---|
ONION Jetton Contract | Scheduled - May 2025 | Using verified TON audit partner |
Genesis NFT & Merge Logic | Code complete - pending external audit | |
Claim UI & Airdrop Engine | Internal testing - security audit in May | |
Staking (via TONStakers) | Built on audited base infrastructure | |
All production contracts will be:
- Open source
- Verified on-chain
- Posted to GitHub prior to TGE
Mini App & Claim Flow Security
- All claim interactions pass through verified Telegram sessions
- Wallet connections handled via Tonkeeper / OpenMask or QR-verified login
- No private keys ever stored
- Session-based access to claim eligibility (snapshot locked)
Anti-spam and anti-sybil defenses include:
- One-time claim limitation
- Event-specific SBT filters
- Anti-bot pattern detection
Treasury & Governance Safety
- DAO treasury held in a multi-sig TON wallet (Foundation + stakers)
- Foundation cannot move community funds without vote execution
- Grants and emissions must go through proposal flow or delegated budget
Ongoing Measures
- Emergency pause functions on claim/merge if critical vulnerability found
- Continuous bounty + open-source bug submission framework
- Snapshot and proposal system independently logged + Telegram-synced
- Legal compliance reviewed per airdrop/claim campaign