Please ignore the clickbaity title, the more technically correct question is: Are NFT's not-verified on the blockchain?
*its complicated, let me explain
...Wait... what are NFT's? actually
Simply put: NFT's are a number that unquqly repersents your piece of art.
Its a number.
nft ownership is owning a number that points to something.
But wait whats the problem here? I thought you said NFT's were hackable..
To explain: Bear with me for a Small detour, to explain what Hash functions are...
Are a way to uniquely identify pieces of data, like a password, or a cat gif, etc..
this is a hash function, it's a math function, that takes in data, and spits out a unique number that represents the input data.
The input doesn't have to be text, it can be anything, for example, a gif of Nyan cat
What does this have to do with my nyan cat gif nft?
Well actually alot.
A hash function would allow computers to varify if someone changed the url your nft points.
Are nft's valided by using hashes of your image stored on the blockchain?
Short answer: NO
Long answer: No, the block chain does not store a hash of your image or data, it only has a link to the actual photo or data you want.
What a link points to can be
The big question is:
Who validates that the nft is the original?
Answer is Nobody does.
Same thing happens in the art world. a art expert is the source of truth.
When researching this question it led me to go look up the technical documentation for what defines a nft
To quote the spec for nft's
Take note of : The URI MAY be mutable
The URI MAY be mutable (i.e. it changes from time to time).
This is important, that means the blockchain is not actually
verifying unique photos/data, it's just verifying that the token (aka number) is valid and unique...
This is the format for the data for a nft it has a json field of data for the nft. which here would be a image url that can change.
Here's why the image is not a hash stored in the block chain, the reason is its too expensive to do so.
Alternatives considered: put all metadata for each asset on the blockchain (too expensive), use URL templates to query metadata parts (URL templates do not work with all URL schemes, especially P2P URLs), multiaddr network address (not mature enough)
They use the word '
(too expensive)' meaning its takes too much work to varify that images, thus its not verified at all. 😨😱💀
In a article by Nicholas Juntilla called
The Importance of Image Hashes for Authenticating NFTs they make this statement
"Most of the big marketplaces, OpenSea, Rariable, Mintable, Nifty Gateway, do not save any hash or any identifiable information about an NFT so what you own is a token with a vague generic URL."
BTW, OpenSea is the largest nft platform. hmm. scary.
But is it really that big of a issue?
Well maybe. the issue is what server the url is pointing to.
If a att/acker has access to the server, they can change the nft's data, and no platform or blockchain is the wiser.
What does it mean to own a NFT?
Its buying the wright to say, I own that painting. Which is not the same as 'ownership' of a physical object
Like yes, you "own" it. but what does this asset class actually?
Hacker can change where theurl points too
Why do people buy traditional art?
believe its valuable. Belief + scarcity = value.
Thanks for reading 😎
by oran collins