TASM
TVM bytecode disassembler: converts a cell of compiled TVM code into human-readable mnemonics (PUSHINT, IFJMP, CHKSIGN, HASHCU, etc.). Standard tool for TON smart-contract audit and forensics.
Aliases: tvm assembly, ton disassembler, tasm disasm
TASM (TVM Assembly) is both the format and the tool for disassembling TVM bytecode. It takes a contract’s code:Cell (essentially a binary stream of TVM instructions) and renders it as readable text with TVM op mnemonics: PUSHINT 100500, HASHCU, CHKSIGNU, THROWIFNOT 70, IFJMPREF { ... }, and so on.
What it’s for
- Forensics: to understand what an opaque smart contract with no published source does, you disassemble it to TASM and read line by line. The TAC bridge drain breakdown was built that way — 2399 lines of TASM for the bridge-admin contract.
- Audit: even when sources are public, the auditor checks TASM output against what the sources claim. FunC/Tact/Tolk compilers are not bug-free, and the ground truth is always the bytecode.
- Searching for security markers: grep the TASM for the presence/absence of
CHKSIGN,CHKSIGNU,ACCEPT,COMMIT,RANDOMIZE. A bridge contract that doesn’t contain a singleCHKSIGNis an instant red flag (as proved with TAC).
Tools
@ton-community/disasm— the official CLI disassembler from TON Community.- Tonviewer (
https://tonviewer.com/<address>?section=code) shows a TASM view in the browser for any deployed contract. - Tonscan — same, in the contract code tab.
- Stack-style and continuation-aware: a good disassembler shows not a flat list of opcodes, but nested
IFJMPREF { ... }blocks, which is critical for understanding control flow.
What TASM won’t do
A disassembler doesn’t recover variable names, types, or the source language. Reading TASM requires understanding TVM stack semantics — it raises the entry barrier, but gives you direct access to the real contract semantics.