Don't Trust — Verify

Scams abound in the token world. People launch tokens that promise one thing and do another. How can you be sure that we won't just take the money and skip town?

You shouldn't trust us. You should verify everything.

For Non-Technical Users

Most people don't need to verify the code themselves. The instructions below are highly technical and require developer tools. Here's what you need to know:

What You Should Do

• Always verify the mint address (see below) — this is the single most important check anyone can do
• Check that community members have verified the code (look for verification discussions on social media, forums, etc.)
• The beauty of open verification is that a few technical people verify, and everyone benefits from their work

Want to Learn?

If you're interested in learning how to verify blockchain code yourself, you'll need to install several developer tools. This is a significant undertaking if you're new to programming:

• Git (version control) — Installation guide
• Rust (programming language for Solana) — Installation guide
• Solana CLI (command-line tools) — Installation guide
• Anchor Framework (Solana development framework) — Installation guide

The instructions below assume you have these tools installed and basic familiarity with the command line.

Check the Mint Address

Protect yourself from copycats. Anyone can mint a look-alike token; only one has the official mint ID.

The only official $TIAC mint is:

T1ACXXh9Xp15oKrh3s9REJnUtrUqbJ4xFEq2fege8Wv

Always compare this exact address before buying, selling, or redeeming. Don't compare just the prefix — don't just eyeball T1ACXX. Compare at least the first 12–16 characters, or copy/paste the entire address. Reminder: after T it's the numeral 1, not the letter I.
Use a block explorer — paste the mint into explorer.solana.com (choose the correct network) and confirm the address and metadata.

Check the Audit Report

The $TIAC smart contract has been audited by Cyberscope, whose reports are recognized by CoinMarketCap for audit badges (see their documentation).

The Cyberscope audit report includes a verified hash (SHA-256 checksum) of the audited program code. This hash can be compared against the deployed on-chain program to confirm that the code running on Solana is exactly what was audited. The technical verification methods below show how to obtain the on-chain program hash for comparison.

Cyberscope Audit Report: [Link will be added when available]

Verified Program Hash (SHA-256):

a628e12427066634e24db6e8f4de4054138efd4f740f2c386218c88a21c156b9

Audit Result: 0 Critical, 0 Medium, 5 Minor/Informative issues (3 acknowledged as by-design, 2 unresolved documentation/technical clarifications with no user impact)

Verify the Deployed Code Matches the Source

We publish a verifiable build so anyone can confirm the on-chain program bytes were produced from the public source code.

Method A (Recommended): Anchor Verifiable Build

1. Get the source at the exact release commit
   git clone <REPO_URL> && cd <REPO_FOLDER>
git checkout <RELEASE_COMMIT_OR_TAG>
2. Run Anchor's verifier from the program crate folder (the lib-name is from Cargo.toml):
   anchor verify -p <lib-name> <PROGRAM_ID> -u <devnet|mainnet-beta>
3. Expected result — The tool reports that the on-chain program hash matches the build and (if applicable) that the on-chain IDL matches the locally generated IDL.

Method B: Manual Hash Match (CLI)

Option 1: Compare Against Source Build

1. Dump the on-chain program bytes
   solana program dump <PROGRAM_ID> onchain.so -u <devnet|mainnet-beta>
2. Build deterministically (inside the program crate folder):
   anchor build --verifiable
3. Compute hashes for both
   shasum -a 256 onchain.so
shasum -a 256 target/deploy/<lib-name>.so
4. Compare — The two SHA-256 digests must be identical. If they differ, you're not verifying the same source/commit or the build wasn't produced in the verifiable environment (toolchain/cluster mismatch is a common cause).

Option 2: Compare Against Cyberscope Audit Hash (Simpler)

1. Get the verified hash from Cyberscope
   Visit the Cyberscope audit report and note the SHA-256 hash of the audited program.
2. Dump the on-chain program bytes
   solana program dump <PROGRAM_ID> onchain.so -u <devnet|mainnet-beta>
3. Compute the on-chain program hash
   shasum -a 256 onchain.so
4. Compare — The hash you computed must exactly match the hash in the Cyberscope audit report. If they match, the deployed program is exactly what Cyberscope audited.

Note: Option 2 is simpler because it doesn't require building from source — you're verifying that the on-chain code matches what was professionally audited, rather than building it yourself.

Extra Safety Checks

• Upgrade authority — The program upgrade authority will be permanently revoked before mainnet launch. You can verify this:
  solana program show <PROGRAM_ID> -u mainnet-beta
  Look for Authority: none. This guarantees no one can ever modify the deployed program. (Note: devnet may retain upgrade authority for testing purposes.)
• IDL on chain — If using Anchor, ensure the on-chain IDL matches the repo's IDL (Method A checks this automatically).

If all the checks above pass, you've verified both the token mint and the exact deployed code behind $TIAC.