Are NFTs Safe to Buy?
For all the applause and accolades that have trailed NFTs as unique digital assets that represent something rare and valuable, it is surprising that not much has been said about the safety of this class of digital assets.
NFTs can sometimes command huge fees. We have seen this already with collections like the Bored Apes and CryptoPunks. To this effect, it is important that we discuss the vulnerabilities of NFTs and how safe they could be.
- Keeping an NFT safe is largely dependent on the security of the issuing project
- NFT marketplaces also have some roles to play in safeguarding NFTs.
- The smart contract of an NFT could also be compromised.
The Role of the Issuing Project
We typically know NFTs to exist in multiple formats, such as images, audio files, and videos. But when a collector acquires an NFT, what they really purchase is not the NFT itself but the unique identifier that is attached to the NFT.
It is impossible to store images on the blockchain, so unique identifiers in the manner of web addresses are linked to the NFT. Therefore, when a user clicks on the NFT, they are redirected to the location of the NFT itself. This unique identifier is what is stored on the blockchain.
An NFT project comes into the equation as the real holder of the NFT file. NFT projects store NFTs via Inter-Planetary File Systems that they hold. Therefore, it is important that they secure these files at all times as a breach could result in the loss of valuable user assets.
In other words, your NFT is as secure as the NFT project, and if for any reason the project goes out of existence, so will your NFTs.
NFT Marketplace Security
For all the campaigns about decentralization, centralized platforms like Opensea and Rarible are still popular marketplaces for users looking to acquire premium digital art. The most important point here is that NFT marketplaces hold the private keys to all digital art on their platforms, and in the event of any breach in their security, hackers can successfully cart away with several NFTs.
Smart Contracts Vulnerability
Hackers could also look to exploit the smart contracts of an NFT project. Most blockchain projects are built on open-source programs where the underlying codes can be viewed by anyone. This also means that hackers could seek to exploit the codes by searching for weak areas they can capitalize upon.
The Bored Ape Yacht NFT has fallen victim to smart contract exploits in the past, where more than $3 million was lost. Aku Dreams, another NFT project, fell to a smart contract exploit that cost it around $34 million. MonoX Finance is yet another NFT project that reported lost $31 million to smart contract vulnerabilities.
There is little a collector can do to prevent the loss of their NFT. Securing NFTs mostly rests on the shoulders of the platform issuing the collection, while NFT marketplaces must also do their bit to ensure the security of their platforms. Conclusively, the safety of an NFT is as good as the security measures put in place by the NFT project and the NFT marketplace.