Inspectors

Inspectors serve as an additional layer of security in the TON Teleport BTC system, acting as a safeguard in case of potential vulnerabilities or unexpected issues. Their role is secondary and precautionary, designed to monitor the system and halt its operation if necessary. Inspectors do not interfere with minting or burning processes; their sole authority is to temporarily pause operations for further investigation.

Multiple Inspectors can operate simultaneously, and any single Inspector can pause the system using a 1/n multisig threshold mechanism. This ensures that the system is not overly reliant on any single Inspector. If an Inspector pauses the system without a valid reason, TON validators can review the situation, modify the Inspector’s access, or even remove their key through consensus, ensuring that only reliable and trusted Inspectors remain in the system.

Inspectors can perform various checks, such as verifying UTXO states, monitoring Bitcoin client status, and validating conditions during mint and burn operations. The protocol does not impose strict limitations on how Inspectors should implement these checks, which adds flexibility and security to the system.

Developers have full freedom to choose the specific logic for each Inspector, ranging from automated checks to manual validation methods. This flexibility allows Inspectors to address a wide range of potential issues, making it possible to adapt to the unique requirements of each deployment scenario.

To carry out these checks effectively, the system introduces timeouts (e.g., 5–10 minutes) at critical points, giving Inspectors the necessary time to analyze data before transactions proceed. If an Inspector detects an issue, they can pause the system, triggering a halt until the TON validators address the problem, apply necessary updates, or, if no issues are found, simply allow operations to continue without modification.

If an Inspector pauses the system, TON validators have the authority to resume operations by addressing the detected issue, implementing necessary updates, or simply confirming that it is safe to proceed. This ability to respond to Inspector-initiated halts ensures that the system remains operational and resilient, while still being protected against unforeseen bugs or vulnerabilities.

Inspectors do not diminish the trustless nature of the system, as their maximum authority is limited to temporarily halting operations. This precautionary measure is significantly less critical than potential fund loss due to undetected bugs. Ultimately, the core trust of the system lies with TON validators, who maintain control over updates and operations through a consensus-driven governance model, ensuring system stability and integrity over time.