NFT Exploits Need A Countermeasure And Unique Certification May Be The Answer
NFT exploits, hacks, and thefts remain a pressing issue in 2023. Moonbirds co-founder Kevin Rose fell victim to an exploit draining his wallet. Over $1,1 million in NFTS were stolen, and secondary markets aren't always equipped to handle with stolen assets.
Kevin Rose Suffers A Setback
Being an NFT collection creator and co-founder doesn't mean people cannot make mistakes. Although Kevin Rose is at the forefront of the NFT industry, he, too, can be hacked. Rose fell victim to one of the many phishing scams targeting non-fungible token investors. It appears he signed a smart contract, allowing the hacker to transfer high-value assets from his wallet.
Social engineering attacks remain a powerful tool to trick users. The attack specifically focuses on generating signatures deemed valid by the OpenSea NFT marketplace. Although access was revoked with the help of Revoke Cash, the exploit initiated a bulk asset transfer. As a result, Rose lost various personal NFTs, including Art Blocks, OnChainMonkey, and one Autoglyph. It is estimated the total stolen holdings amount to over $1.1 million.
In addition, the MetaMask team was notified of this phishing attack and rolled out code to block the website from attempting to trick users. However, there is no recourse for Kevin Rose. Although OpenSea has a policy for stolen items and "flags" them, it leaves much to be desired. More specifically, culprits can easily bypass these restrictions, as became apparent multiple times in the past week.
These developments cast a dark shadow over the non-fungible token industry. While users buy digital artwork and experience true digital ownership remain subject to scams, thefts, and other trickery. All it takes is one malicious wallet signature to lose everything associated with that wallet address. The freedom provided by decentralized technology incurs steep responsibilities. Never sign random contracts and avoid websites asking for wallet interaction permission unless you know what you're doing.
Building A Safer And Certifiable Future
The assets stolen from Kevin Rose eventually ended up in FixedFloat - a Lightning Network exchange - and the BTC was sent to an undisclosed mixer. That will remove almost every trace of the funds once money comes out of the mixer. However, the monetary value associated with theft is only one facet. The real issue is how easy it is for hackers to exploit users. Front-end developers need to develop a different game plan to protect users thoroughly, but that is easier said than done.
Non-fungible tokens are unique, which should make it straightforward to authenticate them. Wakweli has come up with a solution to certify digital assets - either off-chain or on-chain - through a unique marker. As such, one asset cannot be represented by another token. For instance, it could provide non-fungible authentication and certification to NFTs, instilling more trust and value.
Using a digital certificate of authenticity for tokenized assets is a powerful approach. It ensures the public is confident in tokenization and creates new opportunities for adoption, investing, and innovation. One of its primary benefits is the ability to end digital asset fraud. Right now, neither people nor platforms offer sufficient protection against this threat. A new paradigm of trust and interoperability will be unlocked by ensuring every person can become a certifier and validate certificate requests.