Everything you never wanted to know about NFTs
Posted on 2099-03-15, 1 comments, 0 +1's, 2506 views

I'm sure you've heard about NFTs - Non-Fungible Tokens - by now. If you haven't, Beeple selling one for a cool $69 million (nice) is a good indication of why they're the hottest thing on the block right now.

Much has been written about why they're the next big thing - in wasting energy and bringing forth the climate change apocalypse as well as in art collecting. I'm not going to rehash all of that here or try to convince you any viewpoint is the correct one. What I am going to do is shed some light on particular details.

Being an IT guy, it was only a matter of time before someone asked me for information on NFTs. While I've spent quite some time working on projects on the Bitcoin family of blockchains, I'm not nearly as well versed on all matters Ethereum, so I've spent the last week or so brushing up.

What I've found is that while correct information is available if you search well, a lot of information is misleading, wrong, hilariously wrong, or downright badong. This text may even end up being in one of those categories, but as they say, there's no quicker way to get the correct answer than posting the wrong answer on the internet.

Note that while NFTs do hang out on other blockchains, I'm focussing on Ethereum-based NFTs here, and specifically those used for the trade of digital assets such as art right now - the full NFT field is much larger than that.

DISCLAIMER: I am neither an expert on Ethereum nor smart contracts (yet), I am merely presenting my understanding of the subject as it currently is. Some things are undoubtedly wrong. Maybe I'll understand differently next week. Don't take this too seriously, I certainly don't.

Claims about NFTs

Around the web you will find various claims about NFTs, what they are, and how they work. Ranging from proving ownership of digital assets, to being able to guarantee resale royalties, to the extreme of perpetual storage of the digital asset on the blockchain in encrypted form accessible only by the owner.

Before I can touch on the realities of those claims, there's some basics you need to know.

Smart contracts, ERC-721, ERC-1155 and gas

Smart contracts are pieces of code that run on the Ethereum blockchain. Anyone can write and upload them, and interact with them. They live at an address just like your wallet holding your coins does. They also have their own balance and can send and receive money.

Pretty much everything you've heard about that does something cool based on Ethereum is based on these smart contracts - so it is with NFTs.

Smart contracts intended to be used by the general public have a standardized interface, so various tools and platforms can interact with any of them as long as they follow said standard. NFTs tend to follow the ERC-721 or ERC-1155 standard.

Note that even when working with standards, different users of that standard may expect or require specific behavior by contracts implementing that standard.

Performing any action on the blockchain that changes its state or requires non-local computation (i.e. virtually anything useful) needs to be paid for with gas, which (ultimately) comes from your Ethereum balance.

Minting a token is really nothing more than calling one of the smart contract's functions.

If you'd want to mint your own NFT from scratch you'd need to write and deploy a smart contract, and then call on it to actually mint the NFT token. At the current gas and ETH prices, that entire process could be north of $50 USD for your first NFT.

Note that various marketplaces offer ways to do this either cheaper or postponing costs until the NFT is actually sold, but this reduces the amount of control you have over the contract (probably not relevant unless you're a control-freak programmer), and some of them take a higher percentage of the sales price as fee for this service. While making your own NFTs from scratch is certainly possible, most NFTs are minted by marketplace contracts.

To blockchain or not to blockchain

not blockchain

The blockchain is the arbiter of truth. Consensus is reached in a trustless way. The state of the chain is what provides the proof for various claims.

Naturally, the blockchain can't be used as proof for anything that didn't happen on the blockchain.

If you buy ETH with your credit-card and it is sent to a wallet you control the private keys of, what does the blockchain actually prove? Only that ETH was transferred from the seller's address to yours (on-chain). That you used a credit-card to pay for it, or how many USD it was, is something the seller (probably) keeps track of (off-chain), but is not of interest to the blockchain.

When we go into the realm of NFTs as used for art, we'll find a remarkable number of things happen off-chain, are thus not provable or enforced by the blockchain, and a good deal of trust is involved.

Token data

Your generic ERC-721 NFT smart contract keeps track of which wallet owns which token it minted on-chain, and provides a URI to the token's off-chain metadata.

So what lives on the blockchain as absolute proof? Only that your wallet holds token number X pointing at metadata URI Y issued by contract Z. That is what you're buying.

The metadata which actually describes the digital asset lives on a webserver somewhere, and is thus completely under the control of whomever operates that webserver. Additionally, the contract could be written in such a way that the contract owner can change the URI itself (at the significant cost of gas) - though there may be ways to get previously used URIs out of the blockchain data.

Mostly you're just going to have to trust the metadata stays the same, and your Picasso doesn't suddenly become a Mondrian.

The off-chain metadata format is standardized, and virtually all NFTs contain the same base set of fields, but in the wild you will find many marketplace-specific fields that aren't (but probably should be) standardized.

Generally speaking for the NFTs we're talking about here, it contains an image field pointing to another URI for the image (or GIF, or movie clip, or audio file, or 3D model, or ...). That URI need not point to the same host as the metadata, so there's another point of failure for you. There may be other fields pointing to other URIs but the image field is the standard. The actual digital asset is at this point two hops away from the chain.

What if you'd like to sell whatever digital data which doesn't happen to be a common audio or video file format but also isn't appropriate to just paste in the metadata, and you'd like a preview image with that? There's no standard way to do this.

While these things could be stored on-chain, I'm not saying they should. The cost of storing data on-chain can be prohibitive. While storing a little metadata could be reasonable, most digital assets themselves would be factors(!) more expensive to store that way than what they're ever sold for.

Aaaand... it's gone

What happens when the host serving the asset goes down or removes it? Your asset is gone, unless you made a backup. Whose responsibility is it to keep serving the asset, anyway? Can you expect the artist or the marketplace to serve the asset forever? After all, if you buy physical art, don't you take responsibility for its upkeep?

But even if you made a backup of the asset, how do you prove that backup is genuine? You'd need a cryptographic hash, which is not standardized in the metadata. In the odd case you're reading this but are not familiar with cryptographic hashes and cryptographic signatures, you should definitely look those up right now.

Furthermore, what if the host serving the metadata itself goes down or removes it? Then even if the metadata contained a hash, you still wouldn't be able to prove the link between the token and the asset. You could backup the metadata as well, but where's your hash for that, to prove it's the real metadata?

Enter IPFS. If you've never heard of it, the InterPlanetary File System is a distributed filesystem, which can address files by hash. If the creator of the NFT uses a hash-based link to an IPFS gateway (or a direct ipfs:// URI) for both the metadata and the asset, this can give you the trail of proof you need for your backups.

IPFS does not guarantee the files will stay available, but you could run your own IPFS node and pin the metadata and asset files, which would serve both as a backup (one of three!) and keep the files online. At least you have a reproducible hash of the content.

While IPFS usage is becoming more prevalent for NTFs, it is not standard. Nor is having to parse the hash from URIs an ideal solution. Hosts going down and files disappearing is a certainty if enough time passes, though.

Some liken NFTs to a receipt of purchase. While I'm sure the analogy wasn't intended that way, just like your average physical receipt printed on thermal paper, if enough time passes there's no way to figure out what it was actually a receipt for, unless you properly cared for it.

Unless this trail of hashes (or some form of cryptographic signatures) exists and starts on-chain, you're just going to have to trust the publisher of the NFT (who is not necessarily the artist, it is often a marketplace) to keep the relevant data up and stable.

Scarcity and counterfits

A big talking point of NFTs is provable scarcity. A buyer may feel a piece is valuable because it's a one-off. But how is it guaranteed to be a one-off?

The only thing that can guaranteed be proven is that that contract didn't mint that token more than once. It says very little about the digital asset itself at this point.

A marketplace may use hash-based URIs, hash the URIs, hash URI contents, or all of the above (both for the metadata as well as the actual asset) and prevent obvious doubles from being posted, but such things are not enforced on-chain (and probably cannot be). And the marketplace is unlikely to know of or keep up with all NFTs ever minted. But even if it could be done that way, metadata and most assets can be changed in small ways so they still represent essentially the same data but produce different hashes.

Certainly services could be built that specialize in detecting this, but these can realistically only prove that there is a double, not that there isn't.

For renowned artists with high-valued pieces it would generally not be in their best interest to intentionally produce more tokens (in any roundabout way) for the same item than they claimed they would, their reputation and the value of their works would soon suffer. But what about lesser known pieces from lesser known artists? Certainly for a subset of them gaming the system would be more profitable than not.

You're just going to have to trust their word on all of this.

For that matter, how would you even know for sure that the person originally selling the NFT is even the artist? Some marketplaces do verify original sellers' identities or even only work with selected artists, but there are certainly plenty of fraudulent sellers out there!

Of course, it is unthinkable the major marketplaces would turn a blind eye to such practises to maximize their profit. After all, trusting BigCorp to do The Right Thing ™ is what blockchain is all about.

Legality and copyright transfers

I am not a lawyer, so take all of this with an appropriate amount of salt.

At this point having all the following is a rarity, but even if you can prove ownership of a token, and with a chain of hashes and/or cryptographic signatures can prove a digital asset is paired with that token, and can verify the seller was the artist with a cryptographic signature, what does that actually mean for you in court in case of disputes? It will probably vary by country (which is always interesting with international sales), and I suspect generally it will mean very little until laws and regulations catch up or some cases have been tried.

When dealing with a digital representation of a physical asset, things might get murky as well. What if the buyer thinks they are buying rights to the physical asset rather than the digital representation? You might initially compare this to buying a postcard of the Mona Lisa when exiting through the gift shop, which is obviously not a right to the Mona Lisa itself. However, if you pay $69 million for it, suddenly (in some legal systems) rights to the physical asset might have become a reasonable expectation for the buyer, and unless the seller has clearly and specifically stated this is not the case, may see its day in court.

Some marketplaces now allow you to transfer copyright to the buyer by setting a flag in the metadata, allowing the buyer to for example reproduce and sell more copies of the purchased work. In case of disputes this is going to be interesting if you cannot somehow prove the seller even had the legal copyright to transfer to you in the first place.

Private access

That everyone can see and reproduce for free the asset you just paid for (I just screenshotted what you paid for, hurr durr) is a commonly stated downside of NFTs.

For many NFTs, the digital asset is accessible to all, as the image metadata field is public. You can grab the URI from the smart contract that minted the token and visit it. This is also the representation of the token you will see on the various marketplaces.

Some NFTs have started to use the image URI for a preview rather than the actual digital asset in an effort to limit access to the real asset. How to get access to the real asset differs between NFTs (not standardized).

Some of these attempts at keeping the real asset private are better than others. One marketplace attempted to keep things private by making them public. Very secret, much wow.

A common pattern right now seems to be having to go to a website and proving token ownership (for example by connecting MetaMask or logging in to a hosted wallet) before that website serves you the private digital asset. While that certainly works, it again raises questions regarding long-term availability, and provable authenticity of backups.

I have some ideas (because of course I do) on novel ways to approach this, but I'll keep those to myself pending further investigation.


The promise of receiving royalties on secondary sales is a major selling point for NFTs.

One could be forgiven for assuming this process is enforced by smart contracts on the blockchain. While that may not sound like a major leap, the reality is that in most cases these royalties are implemented on the side of the marketplaces.

If you read closely, most of them state that you will receive royalties if the asset is sold again on that platform. The buyer generally pays the marketplace rather than the seller or a contract, the marketplace subtracts its own fees, subtracts royalties and (batch) sends those to the original creator, and sends the remainder to the secondary seller. As is to be expected at this point, none of this is standardized, and it's completely voluntary on the marketplace side to pay the royalties rather than in any way enforced on-chain.

Barring some edge-cases (some NFTs cannot be resold at all or do other nifty things in their contracts), virtually all current NFTs can be resold outside the original marketplace without the original creator receiving any royalties on the sale. This could be done in a private trade, or by listing it on a different marketplace. Some marketplaces may have agreements to respect each other's royalty schemes, but this is not a given.

Some discussions and proposals on the subject here and here.

This sort of thing intuitively seems like an ideal match for smart contracts, but it is by no means trivial getting this right. Not to mention doing this entire thing by smart contract may require many more on-chain contract calls which can quickly become very costly.

Sales and auctions

As with royalties, the auctions are usually run by the marketplaces with all or most of the logic off-chain rather than on-chain smart contracts.

I guess it could all be done on-chain, but I make no claims as to if it should.

Fees everywhere

At every corner, there's another fee.

If you want to deploy your own smart contract to mint NFTs, this will cost you a hefty gas fee, as will actually minting the token. Note that one contract can mint multiple tokens.

Alternatively - and as mentioned before - you can use one of the marketplaces' contracts. There are few different variants of these. Some are just as costly as using your own, but take the work (and required expertise) out of it. Others are significantly cheaper, may prevent the need (and cost) for you to create a new contract at all (you'll use a contract the marketplace already has in place), and/or postpone the costs of minting until the time of sale. Some of these can essentially remove all up-front costs, but may result in the marketplace charging a higher percentage of the sales price for their service or the NFT appearing only in specific stores.

Marketplaces tend to charge a percentage of the sales price for their services, ranging between 2.5% and 10% in general. Obviously they will charge it again on resales, for which you may or may not receive royalties.

Transferring NFTs between your own accounts is also not free, and several times the gas cost of transferring ETH.

Excluding the marketplace sales fee, all the fees are directly related to the price of gas (which is needed to transact on the blockchain), which fluctuates with the congestion of the Ethereum network. Right now, gas prices are ridiculously high, and is pricing all sorts of on-chain activity out of the market. From-scratch NFTs at this point pretty much need to sell around the $100 USD area to guarantee break-even. Even with marketplace-based gasless NFTs you wouldn't want to go much lower.

This is breaking a lot of other use-cases for NFTs too, not just these art sales. Improvements to contracts making them more complex, requiring more gas, make little sense in this environment.

There are other blockchains offering NFT capabilities, such as Tezos with FA2, and Enjin's JumpNet may also be of interest. There are dozens more, but of course we're all really waiting to see what DOGE will do.

If the price of gas on Ethereum stays this high long-term though, it would make sense - particularly for lower-valued NFTs - to be minted elsewhere.


This first dive into NFTs both answered a lot of the questions I had, and raised some new ones.

While not all the potential issues mentioned here affect all NFTs in the current hype-space, it certainly seems like long-term provability of ownership and asset authenticity is not something that can be taken for granted, though it can be achieved (in a half-assed way). Being able to trace the path in both directions is virtually non-existent. Scarcity seems provable but isn't quite. Buyer beware.

It shows that the first NFTs were intended for gaming, where a lot of these potential issues don't really exist - the game knows who it can trust.

Lack of standardized multi-file and cryptographic signature support, royalties and other features off-chain and not necessarily porting cross-marketplace; reliance on trust, reputation, and (often) centralized storage and websites. It's all so very un-blockchain-y.

It's almost like they took something designed for a just barely related purpose and semi-randomly bolted all sorts of things to it.

I'm not saying everything mentioned here needs to be solved. Not everything is an actual problem, some NFTs already work around some of these issues, some things mentioned are actually very hard to solve, and some things could be improved but don't necessarily need to be.

I'd like to see some improvements, but no doubt some developers are already hard at work on the next iteration.

Thing may already be well enough for both the average creator as well as the average buyer. I would definitely double-check some things before I spent $69 million (nice) on one particular NFT, though...

Thank you for reading this award-dodging article. Those itching to tell me just how wrong I am, you may commence commenting.

TODO disable comments

One more thing...

TODO publish own NFT which solves all problems and brings world peace; it could all be yours for a small payment of one billion dollars!

Ricardo Torres commented on 2022-04-04 at 13:50:

No puedo descargar la aplicaciĆ³n y me interesa mucho

Sign in with Google to add comments or +1