NFT: from physical objects to authentication of everything by Metaverse, security should never be ignored

The rise of NFT is both the natural result of Internet and blockchain development and the response to the urgent need of a more convenient way of authentication and circulation of artworks.

Based on blockchain, NFT is more than tamper-proof, open, transparent, and traceable – it is also unique. Its inherent properties as collectibles allow it to be linked to the art world in the first place; but it can also map physical objects such as properties, land, cars, and even virtual assets. A typical example is the trendy Metaverse that has gone viral recently. It is safe to say that NFT can authenticate everything; and everything can be NFT-ed.

Security issues after the NFT emergence

NFT everything will create a whole new world, but the development of any new technology has to go through a process from rough to fine. Security issues such as copyright, repeat sales, theft and storage have already emerged.

1. Copyright

In a world of networking, the ease of access to resources and the availability of deploying smart contracts on blockchains make infringement prevalent, such as the case of Swedish illustrator Simon Stålenhag’s unauthorized work made into NFT. The consequence of this “freedom” in the blockchain is that if the first creator of the NFT is not the actual creator of the physical artwork, then there is a high probability of copyright disputes.

2. Repeat sales

Although most NFTs are currently deployed on Ethereum networks, it is however, not the only public chains where NFT smart contracts can be deployed, so at present there is no way to prevent a creator from deploying the same mapping on different public chains. If two different buyers purchase two NFTs with the same mapping, which one is the unique one?

3. Theft

Like other cryptocurrencies theft on the blockchain, NFT’s theft problem is largely due to the theft of keys and mnemonic phrases. The NFT boom has attracted not only collectors and investors, but also hackers. Hackers steal private keys by implanting Trojan viruses into computers, using malware to record keyboard input and screenshots. Losing the private key almost means losing the cryptocurrencies, so it is recommended to use physical media to back up the private keys and mnemonics, such as copying them on paper with a pen, and then keeping them in a safe. Be careful when taking screenshots or photos, and don’t store them in an internet-connected environment to prevent theft.

4. Storage

NFT provides a new way to transfer value, but whether it can be permanently stored may have not been seriously considered by most users. And data loss cases have occurred in the short time since NFT emerged. Musician 3LAU sold an NFT album for $11 million on NiftyGateway in early March, but the NFT was soon lost.

The reason for this problem is that most NFT tokens themselves are currently stored separately from metadata and media data. Although the tokens themselves are stored on the blockchain, the NFTs store actual contents as a simple URI string in the metadata which is stored on a centralized node. This is a sub-optimal solution for the Ethereum network congestion and the high cost of storage on it. With this approach, metadata and media data can be lost or replaced at any time, and if lost, the NFT becomes worthless even though the token is still stored on the chain.

NFT storage solutions: decentralized storage and multiple backups

Taken together, storage is the most critical of the four security issues mentioned above. Because copyright, repeat sales, and theft, while important to buyers or collectors, do not affect the existence of NFTs and relevant mappings in the world, but only how they exist and to whom the ownership belongs.

For the entire NFT market and even the whole collectibles market, however, storage is a solution to the long-standing or even permanent problems of NFT, which is where the true meaning of NFT value lies.

As we can see from the media data loss case, the root cause of the storage problem is that a programme which seeks to decentralize is using a centralized storage approach.

Decentralized storage and multiple backups are the best solutions to this problem.

1. Decentralized storage

At present, most NFT trading platforms do not specify how the tokens are stored. Most platforms use centralized storage methods, while a few other platforms recommend decentralized storage. Decentralized storage is still new relative to centralized cloud storage. Projects such as Filecoin, Arweave, Storj, MEMO are tackling blockchain-based decentralized storage. They work by slicing the data and storing the fragments on many edge nodes around the world, using blockchain decentralization technology to achieve data integrity and storage reliability; and the failure of any single edge node will not cause data loss. It is much more reliable than centralized storage.

2. Decentralized storage network of IPFS

IPFS is by far the most widely recommended decentralized network and is itself a storage tier for Filecoin. IPFS is a protocol that addresses contents by integrating existing technologies (BitTorrent, DHT, Git, and SFS) to create a peer-to-peer hypermedia protocol that seeks to create a faster, safer, and more open next-generation Internet.

This is the approach recommended by many NFT trading platforms, including Opensea. The famous digital platform Hashmask, which is known for its mask styles, stores all NFTs with IPFS. The Punk platform CryptoPunks does not currently announce how its NFTs are stored, but all the 10,000 NFT images in its SubstraPunks game are stored on IPFS.

3. A better solution: Metastorage

Although IPFS is one of the few solutions, it is actually not perfect. Its advantage is content addressing, but there are still deficiencies in storage. The essence of IPFS is that, if there is a link, there is a “Content ID” (CID) – as long as the data exists, the data can be found; but if the data does not exist, then the link refers to a blank. From this perspective, IPFS is more like a system that “processes data but does not store data”.

Metastorage(www.metastorage.org) is a storage project developed based on MEMO (memolabs.org) and for empowering Metaverse & NFT. Its storage method is “IPFS+MEFS”. MEFS is a file system built upon MEMO, and MEMO is a blockchain-based distributed storage project established in 2017 which is known for its high availability.

MEMO aims at high availability at the very beginning of its design stage – it improves its storage performance from three aspects: space utilization, data verification speed, and data repair performance. And it has found the best balance between security, reliability, and availability. Its innovative data layering mechanism can effectively improve the efficiency of storage space, providing verification certificate within 1 second. And the original RAFI technology can significantly improve the data repair capability.

Metastorage leverages the advantages of both IPFS and MEFS to create a double cycle storage. With only one click, it is linked to both IPFS system and the MEFS system, realizing decentralized and reliable storage and double backups at the same time.

Therefore, relatively speaking, Metastorage with the combination of “IPFS+MEFS” has excellent storage performance and should be paid attention to and used by most of NFT trading platforms and creators.

In the digital age, storage is an ultimate problem that needs to be solved throughout the whole time, and even more so for the NFT world which has high expectations of permanent storage. Storing NFT metadata and media data on a decentralized network and making multiple backups will eliminate the embarrassing case of losing the media data while the ownership remains. And decentralized storage and multiple backups will make it possible to NFT everything.

Disclaimer: The views, suggestions, and opinions expressed here are the sole responsibility of the experts. No Ireland Daily News journalist was involved in the writing and production of this article.