Abstract
The concept of Non-Fungible Token (NFT) has found many applications with great impact. One of the most appealing uses of NFTs is the possibility of creating and managing an NFT collection where each token regulates the ownership of a digital asset and new tokens can be minted according to some rules.
In this work, we investigate the natural question of whether a digital asset could be duplicated inside a collection of NFTs. Interestingly, while intuitively uniqueness should be enforced by the use of NFTs, we observe that the existence of clones is possible according to the mainstream approaches of Ethereum (i.e., ERC-721 contracts) and Algorand (i.e., ASAs). Moreover, we have scrutinized famous NFT collections that have been built on such decentralized platforms and our findings show that, unfortunately, the uniqueness of a digital asset in a collection (e.g., the guarantee that at most one NFT is generated for the ownership of a specific digital painting) is at risk if the minter (i.e., a single point of failure) is at some point corrupted.
Next, we propose a natural and simple functionality \(\mathcal {F}_{CollNFT}\) abstracting the management of NFT collections that, by design, does not allow clones in a collection. While in general, ERC-721 and ASAs do not securely realize \(\mathcal {F}_{CollNFT}\), we discuss the design of an NFT collection that is compliant with the ERC-721 standard and at the same time realizes \(\mathcal {F}_{CollNFT}\), therefore, guaranteeing by design that even a malicious minter can not introduce clones in the collection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
For instance, this first transaction (0x57f23fde8e4221174cfb1baf68a87858167fec228d9b32952532e40c367ef04e) mints a token on behalf of another user and this second one (0x57f23fde8e4221174cfb1baf68a87858167fec228d9b32952532e40c367ef04e) transfers it from the user, without its authorization.
- 5.
Due to size constraints, usually the digital data of a collectible are stored off-chain and the \(data\_of\_collectible\) should be a unique link to the off-chain representation. This is typically enforced through the use of IPFS links.
- 6.
- 7.
- 8.
This is extremely important since several web3 dapps (e.g., wallets) can be used only on standard mechanisms.
References
Algorand Developer Docs - Algorand Developer Portal (2023). https://developer.algorand.org/docs. Accessed 13 Feb 2023
FIFA+ Collect (2023). https://collect.fifa.com. Accessed 7 Mar 2023
Androulaki, E., Camenisch, J., De Caro, A., Dubovitskaya, M., Elkhiyaoui, K., Tackmann, B.: Privacy-preserving auditable token payments in a permissioned blockchain system, p. 255–267. AFT 2020, Association for Computing Machinery, New York, USA (2020)
Bauer, D.P.: ERC-721 nonfungible tokens. In: Getting Started with Ethereum: A Step-by-Step Guide to Becoming a Blockchain Developer, pp. 55–74. Springer (2022). https://doi.org/10.1007/978-1-4842-8045-4_5
Benet, J.: Ipfs-content addressed, versioned, p2p file system. arXiv preprint arXiv:1407.3561 (2014)
Das, D., Bose, P., Ruaro, N., Kruegel, C., Vigna, G.: Understanding security issues in the NFT ecosystem. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 667–681. CCS 2022, Association for Computing Machinery, New York, NY, USA (2022)
Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: scaling byzantine agreements for cryptocurrencies. In: Proceedings of the 26th Symposium on Operating Systems Principles, pp. 51–68 (2017)
Grassi, L., Khovratovich, D., Rechberger, C., Roy, A., Schofnegger, M.: Poseidon: a new hash function for Zero-Knowledge proof systems. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 519–535. USENIX Association (2021). https://www.usenix.org/conference/usenixsecurity21/presentation/grassi
Guidi, B., Michienzi, A.: Sleepminting, the brand new frontier of non fungible tokens fraud. In: Proceedings of the 2022 ACM Conference on Information Technology for Social Good, pp. 75–81. GoodIT 2022, Association for Computing Machinery, New York, NY, USA (2022)
Merkle, R.C.: A digital signature based on a conventional encryption function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369–378. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-48184-2_32
Nabben, K.: You can now clone NFTs as ‘Mimics’: Here’s what that means.“I think I just broke the NFT market." (2023). https://cointelegraph.com/magazine/you-can-now-clone-nfts-as-mimics-heres-what-that-means/. Accessed 24 Mar 2023
Tolmach, P., Li, Y., Lin, S.-W., Liu, Y.: Formal analysis of composable DeFi protocols. In: Bernhard, M., et al. (eds.) FC 2021. LNCS, vol. 12676, pp. 149–161. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-662-63958-0_13
Vitaletti, A., Zecchini, M.: A tale on decentralizing an app: the case of copyright management. In: Submission to the 5th Distributed Ledger Technology Workshop (DLT 2023). CEUR-WS (2023)
Wood, G.: Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Visconti, I., Vitaletti, A., Zecchini, M. (2023). Preventing Content Cloning in NFT Collections. In: Zhou, J., et al. Applied Cryptography and Network Security Workshops. ACNS 2023. Lecture Notes in Computer Science, vol 13907. Springer, Cham. https://doi.org/10.1007/978-3-031-41181-6_5
Download citation
DOI: https://doi.org/10.1007/978-3-031-41181-6_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-41180-9
Online ISBN: 978-3-031-41181-6
eBook Packages: Computer ScienceComputer Science (R0)