NFTs Are a Privacy and Security Nightmare

Written by moushouar

These techniques are by no means foolproof, but even if they were, it’s a cumbersome layer of work that simply doesn’t scale. An obsessed crypto investor with plenty of time on his hands might learn how to manage a dozen crypto wallets, a wallet manager, a mixer, and every other tool needed to stay anonymous. But that’s work the average person simply can’t be expected to do on their own.

NFTs Shatter the Illusion of Privacy Entirely

A key component to keeping crypto activity anonymous is to avoid tying transactions to any identifying information. Which means NFTs, their nature, can fundamentally general by this goal. The idea behind NFTs is that they are fundamentally unique, identifiable tokens. And while they don’t work quite the way advocates say they do, it’s still technically true that no individual NFT can be duplicated.

This means that, if a user ties an NFT to any part of their online or IRL identity—say by using an NFT as a profile picture on Twitter or maintaining a profile on an NFT marketplace—it becomes trivially easy to find out what else their wallet has been up to.

This doesn’t even require using a specific app or service. For example, when Jimmy Fallon showed off his Bored Ape on TV, that made it very easy to find Jimmy Fallon’s wallet address and see what other transactions his wallet has been involved in, including a user sending him 1,776 Let’s Go Brandon tokens.

While knowing who bought which JPEG might not seem like a major deal, it becomes a critical issue as crypto advocates push the idea of ​​using NFTs for home ownership, medical records, and social media. A single wallet—or even a network of wallets that are not adequately obfuscated—could act as a giant bucket of personal data that not only can’t be kept private, but can’t be deleted from the blockchain.

Today’s NFT Platforms Lack Basic Security Features

Not only are transaction histories public for every wallet address on platforms like Ethereum—the largest NFT platform today—but it’s possible to send NFTs to any address, regardless of whether the recipient approves the transaction. For example, in December 2021, rapper Waka Flocka Flame found a number of NFTs he hadn’t purchased appearing in his wallet.

Since blockchains are immutable, append-only records of transactions, tokens dropped into a user’s wallet can’t just be deleted. Instead, they have to be “burned.” Burning is a type of transaction where an NFT (or any other token) is transferred to an address that no one owns and can’t be accessed, effectively making it impossible to recover. This, of course, comes with transaction fees.

Removing anything from your wallet—including spam, unsolicited dick pics, or harassing images or messages—can’t be done without shelling out money. So, for example, if Jimmy Fallon wanted to get rid of those 1,776 Let’s Go Brandon tokens (a transaction someone paid $30.25 worth of ETH to conduct), the only way to remove them is to pay a similar fee to send the tokens somewhere else. And that fee applies per transaction.


Source link

About the author


Leave a Comment