This quarter, the non-fungible token (NFT) market reached an impressive high of US$10.7 billion in sales volume. Much of the growth is being fueled by mainstream institutions like Visa, Mastercard, Coinbase and Twitter entering the space, offering creators and collectors even more opportunities to showcase and trade digital art. But as the NFT space continues to grow, security issues are becoming ubiquitous and increasingly problematic.
NFTs are being sold at almost unbelievable prices — the biggest sales reaching millions or even tens of millions of dollars. Therefore, it is no surprise that malevolent users would try to disrupt the system to make a quick fortune.
Some of the biggest NFT frauds that have taken place this year include the recent Banksy scam, in which fake Banksy NFTs were listed on OpenSea and selling for nearly US$350,000, and an “Evolved Apes” NFT scam, also on OpenSea, which led to about US$2.7 million being extracted by the anonymous developer behind the hack. The latter was due to a wallet vulnerability for OpenSea users which left them vulnerable and exposed to attackers.
These are not isolated incidents. Last month, US$3 million in Ether was stolen on the MISO token launchpad built on the SushiSwap platform. Earlier this year, valuable NFTs were stolen from Nifty Gateway collectors. While it’s the larger hacks that garner the most media coverage, there is also no shortage of smaller scams that are largely unreported. Clearly, malicious actors have found the NFT space to be lucrative, and they have been taking advantage of technological gaps that exist in the system while showing no signs of slowing down.
What do these hacks mean for the ecosystem? We need to provide a safe environment for creators to list their digital assets, and for users to safely and securely buy and sell NFTs, if the industry is going to go even more mainstream. Sooner or later, nobody will be willing to purchase an NFT for hundreds of dollars — let alone millions — if they cannot be certain that their investment is the real deal.
NFTs have the potential to revolutionize the way we live, inside and outside of the crypto world because of their near limitless use cases beyond just digital art, music, and collectibles. Imagine if everyone had an NFT for their passport or ID — this would be an asset that is unique to each person, and that we could use for travel or to prove real identity to enter a club or conference. However, the current issues with hacks and scams in the space mean that these use cases are not yet feasible, since individuals could lose or have their NFT stolen, just like they could lose a passport or driver’s license. Until solutions are created that permit NFTs to exist without the threat of being stolen or fraudulently reproduced, these NFT adoption methods will not come to fruition.
Much of the focus to date in the industry has been on fixing superficial flaws on many of these digital asset marketplaces. Tech innovators and leaders need to tackle these issues head-on by focusing on the underlying technology in order to promote the long-term sustainability and trust of NFTs. We can do this by creating viable storage solutions that will help avoid losses and manipulation of digital assets.
Existing platforms use storage solutions that work by providing a URL to a third party where the NFT data is housed, which can easily be manipulated. Other popular storage solutions, such as InterPlanetary File System, give the owner of the NFT the responsibility of maintaining it, meaning the NFT data will essentially die with them. Fortunately there is a better way: native storage solutions equipped with the technology to distribute NFT data across the network can provide more robust security while removing the burden from users.
A second area for improvement concerns the issue of duplication in the NFT space. Creating verification systems that can compare digital assets against each other to find duplicates living in the ecosystem and on the entire internet would largely solve this problem. Present-day verification checks are unable to discover the difference between two images that have slight differences — even a single changed pixel is enough for computers to think the two images are different, when the human eye would see them as the same. Verification systems that can recognize that the two images are very similar, and not unique, is a must if we want to meet the potential NFTs have to offer. In terms of future applications of NFTs, if users can verify that concert or plane tickets are not unique because they have visibly been reproduced, albeit with very minor changes, then they can make more informed decisions before purchasing them.
Helping users make informed decisions on NFT marketplaces is part of a larger need for education and accessible resources as the NFT industry continues to proliferate and institutional adoption increases. Letting buyers know what types of red flags to look out for on these platforms can help reduce scams, especially if these users are able to use platform technologies to flag opportunities for fraud. Different platforms also have different verification systems, so offering resources that will help users navigate through these options and pick the safest option may be another step in the right direction.
While scams and hacks are key issues to discuss and resolve, the NFT space has ultimately flourished this past year. It has become a space where creators are given more control over their assets, and can make small fortunes off of them. NFTs are here to stay, and will have important implications on how we live our lives, enjoy art and music, and the way we do business in years to come. These current and future use cases will not be possible without increased security and verification procedures to protect creators and collectors, ultimately allowing them to thrive.