To answer this question, I think it’s first important to establish the difference between NFTs and the products they grant ownership of. Confused? I don’t blame you.
A relatively new facet of our capitalist society, the language that defines NFTs is still racing to catch up to the present situation. As such, especially in the media, the term NFT has become synonymous with both product and deed.
It can be used to describe whatever has been bought, and the digital certificate that proves you are the rightful and sole owner of the product in question, but we also need to think of them as separate entities.
As you may have started reading with the assumption that NFTs are only the products themselves, let’s discuss if they can be deleted first.
We’ve all accidentally deleted something from our computers or phone and been unable to retrieve it before. That’s the risk of a digital item. One second it’s there, a neuron fires, a wrong button pressed, and the next, it’s gone, obliterated - as though it never existed.
Normally it’s music, family photos, or videos, but what if the thing you deleted cost you millions of dollars?
Much like any other piece of digital data, a digital product can be deleted. As long as there is nothing in the seller’s contract that forbids such an act, as the rightful owner of said digital work, the NFT holder has the right to delete their file.
It’s their prerogative - just like you can buy a painting, bring it home, and burn it in your fireplace.
However, as free as the digital realm is, there may also be restrictions put in place via the ‘gallery’ that sold you the digital work.
For example, Sedition, a company specializing in the buying and selling of digital art, enforces rules that you can only access the art via their app. If it’s a picture, you can look at it. If it’s a video, you can watch it through them, but you cannot download the video and spread it around.
So, hypothetically, even though in this scenario you do legally own the art, as you have to access it through a portal with limitations, the setter of the limitations could make it so that there was no way for the owner to delete it or do, well...anything with it.
On the other hand, if you purchase an NFT from an independent artist that doesn’t have their own professionally designed and managed ‘vault’ that you can visit, preventing the eventual automatic deletion of the file can be tricky.
This is because of data storage standards across certain areas of the web. Take Google Drive for instance. After long periods of inactivity in a certain area of Google's storage service, the data within them will be deleted.
This is fine for organizing our everyday data such as emails, but when someone has paid for a product, it’s not really acceptable. The artist and buyer need access to a long-scale safe haven.
Does such an area of the internet exist? Yes, it does, and it has a really awesome name. Allow me to introduce the InterPlanetary File System (IPFS), a peer-to-peer data storage and sharing network.
Now let’s move onto the true NFTs, the digital deeds of ownership. Out of necessity, there is a way of deleting them, but this act is referred to as ‘burning’ the file.
The reason a ‘move to trash’ function is required for NFTs is largely due to human error on the creator’s part. During the creation, or ‘minting’ of NFTs, the owner of the digital files may well misplace a decimal point or perhaps make a spelling mistake.
The problem is that once a product is minted, the corresponding NFT deed cannot be edited, so the only option is to start over. Let’s take a look at a community NFT marketplace as an example of what this process might look like.
On the NFT auction app, foundation, you can trigger this self-destruct protocol by entering the ‘Creator Dashboard’ of the account you used to create the NFT, and following these simple steps…
- Select the NFT for Burning.
- Click the “...” Settings Icon.
- Select “Unlist NFT” - This will remove the NFT from the marketplace.
- Click on the Settings Icon Once More.
- Select “Burn NFT”.
Do bear in mind; however, that burning a NFT is a one-way process. Once actioned, there is no going back - it's gone for good. Furthermore, altering and deleting data stored on Blockchain is a costly process, so there will be a burning fee involved.
As scarily permanent as this all sounds, it’s important to remember that the digital file that the NFT represents will not be deleted or altered in any way. The NFT deed may feature a link that directs you to the digital product, but the NFT deed does not contain the product itself.
Can NFTs Be Duplicated?
You wouldn’t be the first to puzzle over how the ownership of intangible, digital products would work in a hyper-connected, technology-based society. If said product even pops up on the internet for a few seconds, what’s to stop people who stumble across it from duplicating it, and spreading it across the greater internet? Is that technically theft?
The truth is NFT products are duplicated and shared all the time. A lot of them have already done their rounds on the internet and have become a staple of a certain web-based subculture, inextricable from their online histories.
Take the 2007 ‘Disaster Girl’ meme, for example. The picture shows a young girl giving the camera a sinister smile as a house is burning to the ground in the background.
This hilarious yet slightly unsettling photo is plastered all over the internet, even today, yet the now college senior, Zoe Roth, just sold the rights to the original image as an NFT for $500,000.
Deleting the thousands of versions of this image online wouldn’t just take dedicated teams of people and an army of lawyers slinging out cease and desists for years on end, preventative measures against further reproduction would be impossible to police.
The same is true of the ‘Nyan Cat’ gif featuring a pixelated cat in a pop tart flying through space on a rainbow. Created by Chris Torres over a decade ago, it took the online world by storm, permeating social media platforms.
There’s no way to oust the duplicates that already exist, which means you can’t prevent more duplicates from being made. More to the point, even if there was a way to erase that pop tart-bodied feline from the internet, you’d be undoing its cultural relevance, thereby reducing the value of the gif as an NFT product.
More to the point, duplicates don’t really diminish the value of an original work. Take any classic novel for example. Say after rifling through your Grandfather’s attic, you come across a 1st edition Grapes of Wrath by John Steinbeck. That book is worth a ridiculous amount of money, yet the story itself is ubiquitous.
The exact text has been replicated roughly 14 million times across the world since it was published.
We’ve all probably got some dusty old impression of it somewhere in our house, in a box or perhaps stuffed haphazardly into a much-too-small bookcase, yet most of them, you’d have trouble unloading as a charitable donation, let alone selling for tens, maybe hundreds of thousands of dollars.
This is what an NFT does. It provides provenance of digital work. It’s that tiny bit of text in a book that reads…”First Edition, First Impression”.
Although there will be many that will cringe at this vague artistic comparison between Grapes of Wrath and the Nyan Cat (I apologize), the duplicate issue follows the same principles.
The proliferation of the text throughout historical and popular culture means it will always be relevant. In other words, it means a lot, and despite its popularity, that first edition copy is no less scarce, ensuring its value only grows.
Some sellers of digital products via NFTs will use something known as a smart contract granting them certain aspects of ownership.
For instance, an artist might sell their original digital artwork and retain the distribution rights of the image. They no longer own the source file, but they can make duplicates themselves and continue to sell them digitally or print them and sell them as tangible objects.
Side Note - Don’t worry too much about understanding the ins and outs of smart contracts. All you need to know is that they’re a self-executing digital contract written in lines of code rather than in ink on paper. They automatically keep up to date on the legalities involved in the purchase of an NFT.
In fact, if a seller uploads their NFT to the IPFS so their buyer has constant and secure access to the digital product, the file is automatically duplicated by the IPFS itself. This is due to the original file being copied to the IPFS Blockstore; however, IPFS is currently working on finding an alternative to this.
It’s a large system overhaul, so it may take some time, but once complete, it will cut down on the memory capacity required to store data, while the original file remains unique.
Unless they’re limited by the smart contract or the parameters of the portal they use to access the product, the buyer of the digital work may also be able to make copies of the original. Perhaps they’d like to use an image as the background on their phone, or maybe even print it out to frame and hang on their wall.
So, yes, an NFT product can be duplicated, but what about the NFT deed that stipulates this person alone owns the rights to a digital work?
The short answer is no; non-fungible tokens cannot be duplicated. The concept of selling digital work to individuals is far too ephemeral to begin with. If the deed of ownership could be duplicated just as easily as the digital product, the whole business model would collapse, as no one would know who owned what.
The original artist could verify who they sold their work to, but forgers could simply claim that the buyer sold the NFT on to them, although, this is an unlikely event. There’s much more of a chance that creators of these forgeries would then sell them on to unsuspecting buyers before anyone had cottoned on to the crime.
Don’t worry, though, folks. This simply can’t happen; let’s discuss why.
When an NFT is created and a smart contract agreed upon by the creator and consumer, a chain of ownership is created on the Ethereum Blockchain. No matter where that NFT deed goes, this chain will always be traceable back to the original creator, even if it changes hands thousands of times.
Can someone forge the original NFT? Sure. Will it exist in the same space and look identical to the original NFT? Absolutely. Will it be connected to a duplicate of the original artwork that by and large you couldn’t point out as a fake? Yep. But the key thing to remember is that there’s no chain of authentication, so a genuine duplicate of NFT deed cannot be created.
Have you ever bought any signed memorabilia? Maybe a baseball bat with your favorite slugger’s John Hancock scribbled across it? It will have arrived with a photo of the player signing the bat in question, and a certificate of authenticity that states that they signed said bat on X day as part of Y event. This is exactly what the chain is, but digital, and in many ways, far more foolproof.
Some will argue that people could duplicate a digital work, make a very slight alteration, so it's not technically the same NFT, and try to palm it off on a buyer as a new and original piece, but that’s where copyright laws come into play.
A new piece on the market with a striking resemblance to another digital piece of art that has already sold is obviously a forgery. You won’t even need to check the chain of provenance to figure that out.
Can NFTs Be Hacked?
We’ve established that NFT products can indeed be duplicated and that the NFT deeds cannot, but hacking is a whole different kettle of fish. The skillset of a hacker is essentially a skeleton key that fits every locked door in the digital world, and the vault you keep your NFT products in as well as the space that holds the deed itself are no exception.
This ghostly ability to enter supposedly impenetrable digital locations makes hackers one of the most effective and terrifying criminal threats in the modern world. Knowledge of this ever-present danger has led many to ask how they can ensure the safety of their digital items, and while there’s no sure-fire, quick fix, there are some fairly standard measures you can take.
- A Strong Password - Don’t use birthdays or names. Try to make it as nondescript as possible by including numbers and special characters.
- Multi-Stage Authentication - Even a strong password isn’t enough to keep hackers at bay. You’ll need to take advantage of every stage of user authentication a platform affords you.
- Be Wary of Where You Broker the NFT Deal - Negotiations in public online spaces not only draw unnecessary attention to the NFT in question, it can also offer key information that will help a hacker infiltrate your account. If a seller wishes to communicate via Twitter, Discord, or any other accessible location, politely request a more secure forum.
You may also be wondering what a hacker can do once they’ve cracked the lock on your account. Well, unfortunately...whatever they want really. They can do something as minimal as view or listen to the NFT product, they can spend money through your account, or they can lift your entire NFT collection to another location - an act that I elaborate on below.
Can NFTs Be Stolen?
Law surrounding NFT ownership is still a nascent school of thought, and there’s no doubt that if you encounter a problem with missing or altered NFTs, besides contacting the digital service you use to access them, there’s nowhere you can turn for help. It would certainly be a waste of time to phone your local police department and declare something completely intangible has been stolen from you.
Besides, you’d have to give the officers on the case a 2-hour lecture on what NFTs are before any digital ground could be broken.
The unfortunate truth is that NFT deeds can be stolen. Only recently, marketing freelancer, Michael Miriflor, declared via tweet that his Nifty account (a digital art auction) had been hacked - the NFT deeds moved to another account.
To rub salt in the already devastating wound, the intruder then spent over $10,000 on new NFT purchases.
When contacted about the thefts, Nifty pulled some impressive acrobatics to shirk responsibility à la Neo dodging bullets in the Matrix. According to them, as a Gemini-owned company - a well-established cryptocurrency marketplace - they provide the highest possible security protocols currently available.
Rather than accept blame, they announced that the theft of Michael’s and many other users’ NFT deeds was made possible by the absence of two-factor authentication on their accounts, and that “access was obtained via valid account credentials”.
Of course, there is some legitimacy in Nifty’s claims, but it seems to me that the true danger of single-factor user authentication in the realm of NFTs was never communicated by the company. If collectors aren’t aware of the danger, can they really be held responsible for the theft of their NFTs?
In many respects, it’s like leaving the door to your home unlocked before you go to work. Someone can just walk right in and take whatever they want. But in this digital scenario, the homeowners were convinced their doors were in fact locked up tight.
So, who’s to blame? The problem is that as it stands, no one really knows. We’re all sort of figuring it out as we go.
Nifty should certainly put more effort into spreading awareness of the dangers of digital theft. Then again, as two, even three-factor authentication is required for online banking, Nifty account holders should already understand the importance of multiple security measures for digital spaces that hold capital.
The real tragedy of these crimes is that victims cannot reclaim their NFT products because there’s simply no way of doing so. The only exception to this is if the thief failed to remove the NFT from the marketplace.
In this scenario, the marketplace has full control of the NFT, and all stolen artifacts can be returned to the owner’s account.
So, why is there such a lack of options for victims of NFT theft? Well, NFTs are largely a decentralized phenomenon, which essentially means there’s no true governance or policing authority.
The NFT marketplace has developed as a counter-cultural movement to cut out the middlemen in the sales of art, which is amazing. It means that creators will receive almost 100% of the profits of the sale.
However, the elephant in the room is the relative lawlessness that new structures outside the established order have to survive in order to thrive.
At first, the solution seems clear: set up at least a partly centralized body or bodies that can prevent these crimes and help victims reclaim their NFTs. But how exactly this can be achieved is a fiercely debated topic.
One idea doing the rounds is that there should be an auto-lockdown protocol embedded in the structure of the Blockchain. CEO of Blockade Games, Marguerite de Courcelle, describes this as a “kill switch” in the Blockchain matrix that would automatically shut down access to the digital art via the NFT deed, essentially rendering the NFT deed useless.
However, many have already expressed dissatisfaction with this solution as it may be too easy to influence. What’s to stop someone claiming their NFT was stolen by the rightful owner. The owner is then punished by having access to their NFT product restricted.
Others reject the notion that there should be a solution at all, as it will inevitably cause different kinds of corruption. Say, for instance, that there was some kind of policing and insurance policy in place for NFTs. What’s to stop someone with buyer’s remorse claiming that their account was hacked and the digital product purchased by the intruder?
The flaws in the system resemble the many-headed Hydra of Greek mythology. For every head that Hercules severs, two more grow forth to take its place. The more you think about fixing the security issues of the NFT market, the more problems arise as a consequence.
What a lot of people fail to realize is this prospective overhaul isn’t just a practical matter, but one with many moral implications too. As Managing Editor of CoinDesk Reports, Adam B. Levine, eloquently states in an episode of his podcast, “you don’t want the guy who cheated, to win, but on the other hand, you don’t want to completely break the game because someone cheated”.
The general idea is that centralizing too much of the NFT market will effectively destroy what makes it so special in the first place. The question then isn’t “what can be done about NFT theft?” but, “what should be done about NFT theft?”
You’d be forgiven for thinking that in the event of a theft, a new NFT deed should just be created once again re-certifying the original buyer’s ownership, but remember when I said that the original NFT cannot be duplicated?
This is actually a huge problem in the event of outright NFT theft, as a ‘new’ original cannot be created, and the current incarnation can only be deleted by the thief who now has control of the NFT. So, the irony is that one incredibly secure aspect of NFT deeds becomes the very reason they’re so unstable in the face of a slightly different crime.
Another area of the NFT economy that still needs to be hammered out is the theft of digital work before it’s minted. For example, imagine that you posted your digital artwork on Facebook or Instagram.
Some nefarious character could then duplicate your art from these sources, create their own NFT deed for the work, and sell it before you have a chance to. As theirs is the first official documentation, and a social media post isn’t exactly proof of creation, it can be a tricky situation to navigate.
In summation, it’s clear that the NFT ecosystem is still in significant flux. Having exploded onto the scene and attained global recognition in such a short period, there are bound to be some teething issues.
It’s the wild west out there at the minute, but the major players in the NFT auction game are working on solutions that work for everyone. It may take years to implement them, so make sure you do everything in your power to safeguard your art, purchases, details, and money when you immerse yourself in the new digital age of ownership.