diff --git a/README.md b/README.md index 797e914..cede862 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,9 @@ This is by far the simpler option if you want to use the standard Jetton code. Y 1. Make sure you have a TON wallet with at least 0.25 TON balance. Supported wallets include [TonHub](https://ton.app/wallets/tonhub-wallet) and [Chrome Extension](https://ton.app/wallets/chrome-plugin). -2. Use your web browser to open the site: https://ton-defi-org.github.io/jetton-deployer-webclient +2. Use your web browser to open the site of the deploy form: https://jetton.live + + > Safety Notice: The form is [open source](https://github.com/ton-defi-org/jetton-deployer-webclient) and served from [GitHub Pages](https://ton-defi-org.github.io/jetton-deployer-webclient) 3. Fill in the information about your Jetton in the form - choose a name, ticker and image. @@ -51,3 +53,16 @@ This is much more complicated and will allow you to change the actual behavior o 9. Prepare at least 0.25 TON for deployment fees. 9. To deploy the token, run in the root repo dir `npm run deploy` and follow the on-screen instructions. + +  +## Protect yourself and your users + +Don't forget that we're dealing with programmable money here. Jettons are tradable and users may end up paying real money for them. It is our responsibility as a community to keep everybody safe. + +1. **Never deploy smart contract code that you are unable to review** + + Make sure you understand what you deploy. We went into a lot of effort to make sure everything is open source. The smart contract code that is deployed is available in this repo, you should review it and see that it's compatible with the [official standard version](https://github.com/ton-blockchain/token-contract/tree/main/ft). The HTML form that performs the deployment is [open source](https://github.com/ton-defi-org/jetton-deployer-webclient) as well and served from [GitHub Pages](https://ton-defi-org.github.io/jetton-deployer-webclient) so you can have confidence the source you see is what actually being served. + + 2. **Revoke admin role in the Jetton as soon as possible** + + The Jetton code allows a special admin role (the deployer wallet address) to mint new tokens for themselves. This functionality is necessary for the initial launch because that's how new Jettons enter circulation. Once you're finished with minting you must revoke your admin permissions by changing the admin to an empty address. A blockchain ecosystem is designed to be trustless. You should never take responsibility for your user funds, you don't want a misplaced key on your behalf to permit theft from other people! Revoking the admin role will guarantee that nobody will ever be able to mint new tokens in the future and crush your Jetton price.