Introduction

Blockchain technology enables the mapping of currency in the digital world, and has resulted in the creation of a series of fungible cryptocurrencies, which has sparked a surge of cryptocurrency investment in recent years. The emergence of non-fungible tokens (NFT), on the other hand, allows us to envision the prospect of mapping the entire real world.

Apart from the currency, most objects in the real world are one-of-a-kind with distinct characteristics and values.. The characteristics of NFT can perfectly adapt to this circumstance and realize the tokenization of different objects in the digital world. By leveraging the qualities of blockchain to be tamper-proof, open and transparent, and traceable, NFT maps the real world into the digital world, and builds up the long-awaited Utopia – the Metaverse.

However, because of existing technical limitations, NFT has not been able to achieve the above-mentioned idea perfectly. Due to congested communications, limited scalability, high gas expenses, and other reasons, the metadata and media data of NFT are not entirely stored on the blockchain, but off the chain instead. Without the protection of blockchain technology, this component of the data is not completely safe and reliable, which implies that the current NFT has not yet achieved the same level of trustworthiness as Bitcoin does. But this flaw is masked by the enthusiasm for NFT and receives little attention.

According to data from coingecko, as of press time, the current market cap of the NFT market has totaled $22.97 billion, accounting for 1.2% of the global cryptocurrency market cap. It has a 24-hour trading volume of $3.25 billion and is still rising with a strong momentum. The security behind the huge number is, however, very fragile. Due to the uncertainty of off-chain storage, there have been missing cases for NFT from time to time. Once the corresponding metadata and media data become invalid, Certificate of ownership for NFT stored on the blockchain is just a worthless check without an acceptor. William Entriken, the author of ERC721, which is the most widely used NFT standard, once said: ” Your ownership of assets on a ledger is only as valid as your trust in the custodian who has physical control of the assets.”

As of now, NFT is still not secure. Unlike Bitcoin and other cryptocurrencies whose transaction information is completely stored on the blockchain, NFT has a different approach. While its transaction is also completed on the blockchain, its storage is often done off the blockchain – in the centralized server of the project, third-party cloud server, IPFS, or Metastorage and other NFT storage projects. This is due to the fact that the metadata involved is often complicated and that the media data requires a larger storage space. These intricate “Keepers” are all somewhat riskier than storage on the blockchain.

NFT storage has become the weakest link in the current NFT system, yet as a key infrastructure of the Metaverse, it is bound to play an important role in the new social ecosystem in the future. This article will explain the underlying architecture of NFT, summarize the status of NFT storage, and also delve into the opportunities and challenges faced by NFT storage.

1 The Basics of NFT

1.1 Basic Concept

NFT refers to “non-fungible token”, a type of token originally created through the Ethereum smart contracts. As a special digital asset, it is indivisible, tamper-proof, irreplaceable, and one-of-a-kind.

The concept of NFT is relative to FT, which stands for “fungible token”. Bitcoin is a typical example of fungible tokens – each Bitcoin is identical to one another and can be divided into smaller units. Each NFT, however, has a single unique identifier, which cannot be interchanged with any other one or split into smaller units.

NFT can empower creators in various fields with its unique attributes, providing a more convenient and reliable way to authenticate digital assets. With NFTs, creators can easily prove the existence and ownership of digital works in the form of pictures, videos, artworks, tickets, etc. In addition, creators can also earn royalties every time the NFTs are traded.

1.2 Technological Elements

Blockchain. Blockchain is a technology  was first known as a distributed ledger for Bitcoin. Blockchain is a distributed and tamper-proof database. In essence, it is a list of recorded data and information that is protected by encryption protocols. Blockchain provides a viable solution to the long-standing Byzantine Generals problem.

Smart contract. The smart contract accelerate the execution and verification process of digital protocols. Blockchain-based smart contracts use Turing complete scripting languages to build complex functions that are compatible with each other and are executed through consensus algorithms to ensure consistency. Smart contracts enable fair transactions that do not rely on third-party credit intermediaries, thus making cross-industry, cross-field, and cross-ecosystem value interactions possible.

**On-chain transaction. **On-chain transactions require blockchain addresses and instructions for the transactions. A blockchain address is composed of a fixed number of letters, numbers, and characters。It is a unique identifier for users to send and receive assets, much like a bank account and has a pair of corresponding public and private keys to verify the authenticity of the transaction.

**Data coding. **Through data coding, files can be compressed into an effective format to save storage. The authentication of the NFT assets is actually the authentication of the hash values signed by the creator of the NFT. Others may copy the metadata, but they cannot prove their ownership.

2 Fundamental Model

2.1 Protocol Standards.

Fundamentally, the underlying logic of NFT is based on distributed ledger and relies on peer-to-peer networks for transaction. If the blockchain distributed ledger is regarded as a special type of database, then it is the place where NFTs are stored – the actual storage of NFTs is more complicated though. Assuming that this database is secure, consistent, integral, and accessible, the entire NFT closed-loop ecosystem mainly includes the following scenarios.

• **NFT digitalization. **The NFT creators will check whether the files, titles, and descriptive sentences are completely accurate, and then convert the NFT metadata into an appropriate format.
• **NFT storage. **NFT creators can choose between on-chain and off-chain methods to store the metadata. On-chain storage costs more and is more congested, but the metadata will be permanently stored together with the tokens. Off-chain storage has higher limits for space, but in theory bears the risk of metadata losses. The currently available solutions for off-chain storage include centralized data centers, IPFS, and decentralized cloud storage.
• **NFT signature. **The creator of the NFT signs the information including the hash values of the NFT data, and then sends it to the smart contract.
• **NFT minting and trading. **After receiving the complete information of the NFT, the smart contract can start the minting of the NFT and initiate the transaction at the same time. The main mechanism is formulated following the token standards.
• NFT confirmation. Once the transaction information is confirmed on the blockchain, the minting process is completed, and the minted NFT will be permanently linked to a unique blockchain address to prove its existence. However, the actual content of NFTs is usually stored off-chain, independent from where the ownership is stored.

2.3 Key Properties

NFT is essentially a type of dApp, that is, a decentralized application. It inherits various qualities from the underlying public ledger, which can be summarized as follows:

1. **Verifiable: **NFT’s token metadata and ownership can be publicly verified. The premise is that metadata is stored on the blockchain. If it is stored off-chain, then it is up to the off-chain storage system to determine whether it can be publicly verified. Centralized storage does not allow public verification, which means the device owners can change the data as they wish; IPFS can verify whether the data has been tampered with through CID, but cannot verify the storage status; MEFS and other decentralized cloud storage systems can not only verify whether the data has been tampered, but also the storage and redundancy status of the data.
2. **Transparent: **the entire process of NFT include minting, selling and purchasing is publicly accessible. However, the storage of NFT metadata and media data is not completely transparent or available to the public. NFT creators can choose the storage method they like, but the security of most storage methods cannot be clearly assessed.
3. **Available: **The system on the blockchain that NFT relies on will never be compromised. All the issued NFTs will never have difficulty in selling or purchasing. There are the potential risks of unavailability for off-chain storage for NFT data. Currently, only decentralized storage systems such as MEFS have set up well-established risk control mechanisms; all the centralized storage systems and IPFS are not yet ready for risk control.
4. **Tamper-proof: **once confirmed, NFT metadata and the complete set of transaction records are permanently stored; it only allows further addition of new information but not modification to the existing information. If the metadata is stored in a centralized server, the service operators can tamper with the data at will; and file systems such as IPFS and MEFS are tamper-resistance.
5. **Easy to circulate: **the information that each NFT user sees is updated in real time, which eliminates the traditional information barrier between the creator, credit intermediary, and the buyer, and makes the information clearer and easy to circulate.
6. Atomic: NFT transactions can be completed in an atomic, consist, isolated and durable (ACID) system.
7. Tradable: NFTs and the corresponding products can be traded and exchanged as one wishes. The storage standard of NFTs is the key to recognizing its value, and therefore the value composition of the NFTs traded needs to be revisited.

2.4 Risk Assessment

The NFT system is a technology that integrates blockchain, storage and network applications. Its security faces challenges as each component may become a security weakness and expose the entire system to attacks. This article uses the STRIDE method for threat modeling, assessing the potential risks of the NFT system from the aspects of Spooling, Tampering, Repudiation, Information disclosure, Denial of service (Dos) and Elevation of privilege.

1. **Spooling: **spooling, as opposed to authenticity, is the ability to impersonate another person or thing in the system. When users mint or trade NFTs, malicious attackers may use authentication loopholes or steal users’ private keys to illegally obtain ownership of the NFTs. It is recommended to verify the NFT smart contract in a formal way and use a cold wallet to isolate online data so as to prevent the leakage of private keys.
2. **Tampering: **tampering is related to integrity, which refers to malicious modification of NFT data. The blockchain is a powerful distributed ledger. The hash encryption algorithm it uses is resistant to preimage and second preimage. If the metadata of the NFT is stored on the blockchain, once the transaction is confirmed, the metadata of the NFT and the ownership cannot be tampered with maliciously. However, if the NFT metadata and media data are stored off-chain, the information may be manipulated. It is recommended to use a decentralized distributed cloud storage system to ensure the safety and reliability of data.
3. Repudiation: relative to non-repudiation, repudiation means that the creator or owner of the NFT cannot refuse or withdraw once the transaction information is confirmed on the blockchain. The security of this process is guaranteed by the qualities of the blockchain distributed ledger and the unforgeable signatures. That being said, there is still the risk of the hash value involved being stolen or replaced by malicious attackers. It is recommended to use smart contracts with multi-signature verification to avoid certain risks.
4. **Information disclosure: **Information disclosure relates to confidentiality, which refers to the disclosure of NFT-related information to unauthorized users. In the NFT system, the status information and the code for transaction instructions of the smart contracts are completely transparent for anyone to access. This can lead to multiple risks of information disclosure. Even if only the hash value of the NFT is obtained, a malicious attacker can use the correlation between the hash value and the transaction information to do nasty things. It is recommended that NFT creators use privacy-preserving smart contracts to replace ordinary smart contracts to protect privacy.
5. Denial of service: denial of service runs against availability. It refers to malicious attackers attacking the raw data stored in the dApp or off-chain, causing them to deny services to the NFT system. Thanks to the high availability of the blockchain, users can call the information they need at any time without worrying about denial of service by the on-chain systems. However, due to the limited space and communication pressure on the blockchain, some NFT functions can only be enabled via off-chain systems, such as the storage of metadata and media data. Centralized network applications and storage systems are still at risk of traditional DoS attacks, causing denial of service to the NFT system. It is recommended to use a new hybrid blockchain architecture or a decentralized cloud storage system.
6. **Elevation of privilege: **elevation of privilege is related to authorization. It refers to cases where the attacker obtains NFT-related privilege by exploiting vulnerabilities in smart contracts, or gains illegal permissions by attacking relevant off-chain systems of the NFT. As the NFT authorization is completely managed by smart contracts, design flaws in smart contracts will bring authorization risks. Meanwhile, the authorization may also be impacted by the NFT metadata or media data stored off the blockchain. For example, tampering or deleting metadata or media data stored off the blockchain will make the ownership of NFT meaningless. It is therefore recommended that creators use mature and complete smart contracts when minting NFTs, store all data on the blockchain whenever there are no cost concerns, or use a more reliable decentralized cloud storage system to reduce costs.

3 Status of NFT storage

3.1 Product Types

With its unique attributes, NFT has brought about changes to certain extent to many areas, including Metaverse, digital artworks, collectibles, games, DeFi, public utilities and sports. This article summarizes the NFT products with the highest market cap in each category as the target group for studying the status of NFT storage.

a) Metaverse

Decentraland

Decentraland is a virtual reality platform based on Ethereum. Users can create contents and dApps and monetize them. The contents created can be provided to other users for interaction. The land in Decentraland is marked using the Cartesian coordinate system, of which the community has permanent ownership, and the creators can have full control over their works.

Decentraland stores the ownership of digital assets and other tradable information on the Ethereum blockchain, while other information that requires real-time interaction, such as scene status and user locations, are stored on the users’ computers or the scene owners’ private servers. Developers need to choose what information is worth storing on the blockchain because it entails a higher cost.

The Sandbox

The Sandbox is a community-driven UGC platform where users can obtain ownership of digital land and creative contents. Their works can be traded freely and turned into components of this user-generated Metaverse. All elements in the Metaverse are self-driven by the community.

SAND, the token on the Sandbox, is an ERC-20 token, while the authentication and transactions of digital assets on the platform follow the ERC-1155 and ERC-721 standards. This information is stored on the Ethereum blockchain. The actual media data of digital assets, on the other hand, is stored on IPFS and leverages Amazon’s S3 cloud service to support the front end of the web page. The digital assets that are yet to be minted will be stored on the S3 cloud server, and it requires decentralized storage solutions to further protect the data privacy.

CryptoVoxels

CryptoVoxels is a Metaverse based on Ethereum. Users can build, develop and sell digital assets on the street, and their ownership will be permanently recorded on the blockchain. The style is similar to Minecraft, where users can use customized pixel blocks to build their own land. The platform also provides users with the system’s native COLR tokens to color the land. At present, CryptoVoxels stores the media information corresponding to the digital works created by users on the land in the company-operated server. It has stated on social media that it will consider transferring the data to a decentralized storage system.

b) Digital Collectibles

CryptoPunks is a suite of pixel style avatar with different characteristics, with a total of 10,000 in number. These characters were claimed for free through the Ethereum wallet at the very beginning, and now need to be purchased through a second-hand trading platform. Initially, in order to save gas expenses, CryptoPunks aggregated 10,000 characters into a picture, and stored the hash value of this picture in a smart contract on the blockchain, but did not disclose the storage location of its original media data. As NFT storage risks get more attention, CryptoPunks spent 75M gas fees to store all avatars on the Ethereum blockchain.

Bored Ape Yacht Club is a total of 10,000 ape avatars with distinct features. All of the avatars have been minted and are available for purchase on the second-hand trading platform. BAYC announced on its official website the TokenID, SHA-256 hash value and IPFS hash of each avatar. It has also backed up the media data of each avatar in a decentralized storage system and released the back-up information.

NBA Top Shot is a collection platform for NBA fans to collect and trade various highlighted moments in NBA history. These highlighted moments are minted into NFTs through Flow, a public blockchain that was also developed by the same development team Dapper Labs, and can be traded freely. Some descriptive data information of NFTs is stored on the blockchain, and the video stream data corresponding to each NFT is stored in the centralized data center off the blockchain.

c) Games

Gods Unchained is an Ethereum-based NFT card game similar to Hearthstone. Players can form their own decks to play under different game modes such as Ranked Constructed and Arena Adventure. Cards can be freely traded in the market and are owned by the players. At present, the ownership of the NFT in the game is stored on the blockchain, while the metadata and media data of the NFT cards are stored on the company’s server and integrated with the smart contracts for use through an API interface.

Axie Infinity is a pet-raising game similar to “Pokemon Go” based on Ronin, a sidechain of Ethereum. Players can collect, train, raise, and own the imaginary Axie pets in the form of NFTs. The project stores the ownership information of each Axie and its unique genetic data on the blockchain while keeping the media data on the central server off the blockchain in order to meet the requirement of low latency.

MyCryptoHeroes is an Ethereum-based RPG game set in a fictitious world. Players can collect heroes in the form of NFT and form their own hero team to fight. The metadata of the NFT involved in the project is stored on the blockchain, and the media data is stored on the server managed by the company.

3.2 Trading Platforms

Opensea is the earliest and currently largest NFT trading platform, occupying more than 90% of the trading market. Initially, Opensea also used a centralized server to store NFT metadata and media data. With the spike of value of a single NFT and affected by the data losses from time to time, Opensea now also provides decentralized storage options for users. Currently, creators can choose to use IPFS to decentralize NFT metadata and media data, but they need to pay for it.

Rarible is currently the second largest NFT trading platform, supporting both ERC-721 and ERC1155 protocols. The project stores the metadata and media data of the NFTs minted by the creator at the backend of the website, which is a centralized server. They can be called on the blockchain by new buyers when needed.

SuperRare is an online art gallery that can be used for trading as well. It has also issued its own trading token RARE. The NFTs auctioned by SuperRare did not show very detailed technical information to users, such as smart contracts, tokenID, metadata, etc. This may be the reason why the market share of the platform has been low. According to our research, SuperRare uses IPFS for metadata and media data storage.

3.3 On-chain Storage

At present, the blockchains used by NFT mainly includes public blockchains such as Ethereum, Flow, and BSC, and sidechains such as Polygon and Ronin.

Due to the high gas fees and congested communication on the blockchain, most NFT projects choose to store only NFT ownership data on the blockchain to ensure that the ownership is tamper-proof, traceable, and cannot be repudiated. The transaction does not require a centralized credit agency as an intermediary and can be completed directly on the blockchain through smart contracts. This approach widens the circulation of NFT. It also uses a credit intermediary that is not controlled by any third party.

The media data representing the actual form of the NFT is stored off-chain, and in some cases, some more complex metadata information, too. Separating them from the ownership storage system casts shadow on the ownership that is stringently protected by the blockchain technology.

3.4 Off-chain Storage

The mainstream off-chain storage methods currently used by NFT are: centralized, centralized verifiable, decentralized, and decentralized repairable, etc.

1. Centralized StorageMost NFT projects do not have a market share as big as Opensea; many are still in their infancy and do not pay much attention to the security of off-chain data storage. The specific identifiers in the smart contracts can be used to return related metadata and media data. They usually use the URL on the web server as the identifier. This server is run by the company or provided by cloud service providers such as Amazon. The risks with centralized storage are tampering and denial of service.
2. Centralized Verifiable StorageLet’s take CryptoPunks as an example – it initially stored the integrated image of its products in a centralized server, and then stored the encrypted hash value of this image in a smart contract for verification. The advantage of this is that the image can be verified through the hash value to ensure that no modification has been made, making the NFT media data tamper-proof. However, the media data itself is stored in the central server instead of being backed up in the nodes all over the network like the NFT ownership stored on the blockchain. It therefore brings potential risks of data losses and denial of service and so on.The centralized verifiable off-chain storage method is an optimization of the centralized method, but there are still many risks. It cannot well address the requirement by NFT and Metaverse of highly reliable storage of the authentication data.
3. Decentralized StorageAs a representative of decentralized storage, IPFS has gradually been accepted by the NFT industry. IPFS aims to provide a decentralized addressing supplement to the traditional centralized HTTP. Take Bored Ape Yacht Club as an example – its metadata and media data are stored in IPFS; IPFS provides redundant backup and stable content addressing. As an addressing network running on multiple nodes, it solves the sore point of invalid URL address with the previous centralized storage method and avoids reliance on centralized service providers.The decentralized addressing method of IPFS has further improved the storage method of NFT metadata and media data, but as an addressing system, it cannot provide storage services that are safe and reliable enough. Though the CID address will always be in the system, the corresponding specific data does not have such stability. The reason is that the network nodes in IPFS are self-driven when backing up the contents – if only a single node or a small number of nodes back up the corresponding contents, the stored data will disappear when these nodes are damaged or offline, leaving only void message for CID.
4. Decentralized Repairable StorageAs a new possibility for NFT to solve off-chain storage problems, the decentralized repairable storage system has attracted extensive attention both within and without the industry. Decentralized distributed cloud storage projects such as Filecoin, Memo, and Arweave are also actively exploring better storage solutions for NFT followers, among which Filecoin and Memo have launched NFT storage projects based on their own storage ecosystems.NFT.Storage is an NFT storage project based on the Filecoin ecosystem launched by Protocol Labs. The NFTs stored through this project will be stored in IPFS or Filecoin. Currently, the capacity of a single piece of data stored is limited to less than 100MB. Its repair function is built upon Filecoin’s incentive mechanism. Through the scoring and verification system of storage nodes, it can detect and repair damaged or missing data in a timely manner. However, the storage in IPFS is provided by Protocol Labs, which requires more network nodes to participate and needs to be further decentralized. The storage on Filecoin has not yet been connected to the main network and is provided by test network nodes, thus the risk of data losses due to network reset.Metastorage is an NFT storage project based on the Memo ecosystem launched by Memo Labs. The NFT stored through this project will be double stored in both IPFS and MEFS – a storage system independently developed by Memo Labs. There is currently no limit to the amount of data stored. Its repair function is based on the MEFS storage system, leveraging multiple copies and the redundancy mechanism of erasure coding while providing open verification methods. The KEEPER role in the system is responsible for matching the nodes that have passed verification and challenges for the users and provides continuous evaluation and maintenance. Although the overall repair mechanism of MEFS is decoupled from the blockchain, it still requires Memo to engage a larger range of nodes to provide support for the MEFS system and build a stable ecosystem.It is possible that decentralized repairable storage becomes the future solution for NFT storage, making a better match for the storage of metadata and media data and the storage of ownership for NFT. At present, the product technology and scale are still very embryonic, and the degree of implementation needs further observation.

4 Opportunities for NFT Storage

4.1 Metaverse Value Support

Generally speaking, Metaverse refers to a virtual world built with a series of technologies including the Internet and VR. This concept was born decades ago but was never realized. With the rapid development of blockchain, Metaverse sees the prospects to become a reality – blockchain provides an ideal decentralized environment for Metaverse and the emergence of NFT also offers a feasible way to authenticate digital assets. Restricted by the current blockchain technology, the actual content of NFT needs a storage method that matches the ownership storage. Pushed by the demand, the booming of the technology is well expected to break through the security bottleneck for decentralized storage for NFT, and a broader market space for the decentralized cloud industry that focuses on addressing the NFT storage issues is right ahead.

In this virtual reality driven by blockchain, participants can have a very broad and rich space for imagination, such as enjoying games, displaying self-made artworks, owning and trading virtual property, etc. Users can even profit from the unique virtual economic system. They can purchase land controlled by a decentralized organization, build on it freely in the form of NFT, rent the building to others for return, or raise and breed rare pets and sell them for money.

The Metaverse ecosystem covers all the projects in the Metaverse discussed in the previous section, most of which are still in their early stages. Blockchain is usually used to record and ensure the ownership of users’ digital assets, and the media data corresponding to the ownership is mostly still stored in centralized servers or IPFS and has not been given the same level of protection as the ownership. This casts certain risks on the integrity of digital assets. Without a complete and reliable closed loop for storage, the use of blockchain technology to protect ownership will also lose its meaning.

4.2 Infrastructure for the P2E Game Industry

The recent booming of P2E games have drawn widespread attention from both players and the capital market. With Axie Infinity overtaking NBA Top Shot to become the NFT project with the highest market cap, it is believed that NFT has great potential in the gaming industry. Some of the existing crypto games are CrytpoKitties, Cryptocats, CryptoPunks, Meebits, Axie Infinity, Gods Unchanged, and TradeStars. One fascinating feature of this type of game is the “reproduction” mechanism. Users can raise pets themselves and spend a lot of time breeding new offspring. They can also buy limited edition/rare edition virtual pets and then sell them at high prices. Due to the characteristics of value circulation of P2E games, the current storage methods cannot meet their high security requirements. Decentralized cloud storage systems such as Memo are therefore better suited for NFT high-value storage.

The additional rewards have attracted many investors to join the game, which makes NFT even more important. Another exciting function of NFT is that it provides ownership records of items in the game. Players can have their own personal game items, which promotes economic identification in the ecosystem and brings benefits to both developers and players. Players and game developers as NFT publishers can earn copyright royalties every time the NFT is sold on the open market, sending funds back to the ecosystem and forming a virtuous cycle.

The reliability of NFT storage will determine the growth ceiling of the P2E gaming industry. When the industry develops to a certain level, the hidden dangers in the NFT storage will eventually receive more and more attention, and various game projects will have to make investments in improving NFT storage to lower the risks.

4.3 Enormous Capital Market

The existence of NFT creates a mutually beneficial business model – while players and developers make profits on the second-hand NFT market, the blockchain community has also largely expanded the coverage of NFT to include various types of digital assets and prosperous virtual economic activities. Traditional online economic activities rely on centralized companies that offer trust and technologies. Although blockchain has already developed several financing channels, such as ICO, IFO and IEO, the use cases are still very limited. NFT has greatly expanded the additional properties of blockchain, such as uniqueness, ownership, and liquidity. With the help of NFT, blockchain has rapidly expanded its scope of application. This allows everyone to be linked to a specific event, just like in our real life. The storage method of NFT plays a pivotal part in realizing this vision. While FT (Fungible Token) can be stored on the blockchain due to the smaller amount of data volume, NFT requires an equally reliable storage method.

Let’s take buying tickets – a common economic activity, as an example. When buying tickets in the conventional market, consumers must trust the third party that provides the service. Therefore, consumers are at risk of being deceived or purchasing invalid tickets. These tickets may be fake, forged, or can be cancelled. In extreme cases, the same ticket may be sold multiple times, or non-transferrable tickets are traded in the market.

NFT-based tickets issued by the blockchain can prove the right to join any sports or cultural activities. NFT benefits from the fact that problems such as double spending, tampering and forgery have already been solved on blockchain in the FT stage. The uniqueness of the distributed ledger gives NFT tickets a clear advantage over traditional tickets. An NFT-based ticket is unique and cannot be tampered, which means that the ticket holder cannot resell the ticket after it has been sold. NFT, a blockchain-based smart contract, provides a transparent ticket trading platform for consumers, event organizers and other stakeholders. Consumers can buy and sell NFT tickets through smart contracts without relying on any third party.

It is equally important to store the corresponding media data of the NFT. High-value transactions must be protected by infrastructure with greater security. With the growing diversification and complexity of NFT forms, the NFT storage industry will also grow in parallel with the development of projects in the NFT ecosystem.

4.4 Protecting Digital Intellectual Property

Digital collectibles cover a variety of categories – trading cards, wine, digital images, videos, virtual real estates, domain names, diamonds, cryptocurrency stamps, intellectual property and other physical objects. Let’s take the art industry as an example. To start with, artists who are following traditional approaches have very few channels to display their works. Access to traditional channels requires capital and network, as well as a lot of energy. Due to lack of attention, the prices cannot reflect the true value of the artworks. Even when the works are published on social networks, they will be charged by platforms and advertisers for intermediary fees and advertising fees.

NFTs can convert their works into a digital format with comprehensive benefits. Artists do not have to hand over ownership and content to agents, which implies the possibility of higher profits. Typical examples include Mad Dog Jones’ REPLICATOR sold for $4.1 million, Grimes’s works sold for a total of about $6 million, and other crypto works from other great digital artists, such as the well-known Beeple and Trevor Jones. NFT has done a good job in protecting the property rights whereas the corresponding contents such as metadata and media data are not yet well protected by secure and reliable storage protocols – this is something Memo and other decentralized storage systems have a high hope to solve.

In addition, artists cannot obtain copyright royalties from the future sales of their works under the traditional model. In contrast, NFTs can be programmed so that the artist will receive a predetermined royalty fee each time his digital work is traded in the market. This is an effective way to manage and protect digital masterpieces. On top of that, some platforms, such as Mintbase and Mintable, have even established tools to support ordinary people to easily create their own NFT works.

The media data of the digital collectibles is actually the NFT itself. The NFT would be meaningless if the ownership and royalty rights of the work lose their value. Traditional collection activities often come with higher storage costs. Collection in the digital age obviously requires better storage solutions.

In order to realize the development of the above-mentioned NFT storage applications, a series of obstacles must be removed, just like any other new technologies. This article discusses some typical challenges faced by NFT such as system-related issues caused by the Bitcoin-based platforms and human factors such as regulatory, policy-wise and social impact, from the perspectives of availability, security, regulation, and scalability.

5.1 Availability

Availability refers to the process of measuring the effectiveness, efficiency and satisfaction of users when testing a specific product. Most NFT projects are built on Ethereum. Therefore, it is rather evident that the main shortcomings of Ethereum have been inherited. We will discuss three main challenges that have a direct impact on the user experience.

1. Scarce Redundancy MechanismThrough the aforementioned analysis, NFTs currently use centralized data centers and IPFS for storage. However, the redundancy mechanisms of these two methods are not very reliable. Centralized data centers usually make multiple copies of files for redundancy, which is costly. IPFS does not have a self-running redundancy method. Although the CID corresponding to each file is broadcast across the entire network, the data of the file itself is stored locally on the node, and relies on other nodes for spontaneous back-up. Filecoin as the incentive layer of IPFS has not fulfilled the mission of incentivizing nodes for backup either – most of the data stored in the network nodes are just for the sake of incentives and therefore invalid. The MEFS developed by Memo uses a storage method that combines multiple copies and erasure codes, together with data slicing storage and risk-aware repair technology to achieve
2. Slow in ConfirmationNFTs usually send transactions to smart contracts to make the management of activities such as minting, selling and exchange transparent and trustworthy. However, current NFT systems are tightly coupled with their underlying blockchain platforms, which makes their performance very poor. The speed of Bitcoin is only 7TPS and Ethereum can only offer 30TPS, which has made the confirmation of NFTs extremely slow.Solving this problem requires a redesign of the blockchain topology, optimization of its structure or improvement of the consensus mechanism. The existing blockchain systems cannot meet these requirements. This has also led to the fact that complex metadata and “huge” amount of media data are stored in off-chain systems.
3. High Gas ExpensesThe high gas expenses have become a major problem of NFT, especially when it comes to large-scale minting of NFTs where the metadata needs to be uploaded onto the blockchain network.  Each NFT-related transaction is more expensive than simple transfers because smart contracts involve computing resources and storage. Complicated process, high pressure from communication congestion and expensive fees have considerably restricted the widespread application of NFTs. In most cases, the costs for producing an NFT are much higher than the current value of the NFT. Storing NFT-related data off-chain as much as possible is currently the mainstream solution to address this serious imbalance. Yet it also brings various risks.

5.2 Storage Security and Privacy

Data from users is the top priority of any system. For the data that is stored off-chain while associated with the tags on the blockchain, there are risks of losing contact between the two or being abused by malicious parties.

1. Inaccessibility of NFT DataIn mainstream NFT projects, most of the encrypted hash values ​​are used as identifiers instead of real media data.  They are then recorded on the blockchain to lower of consumption of gas. However, the possibility of losing or damaging the original files makes users feel insecure about NFT. Some NFT projects have begun to cooperate with specialized file storage systems, such as IPFS, which allows users to address contents through hash values. As long as there is someone on the IPFS network taking care of it, users can always obtain the corresponding contents that matches the hash value.  Nevertheless, such a system still has inevitable flaws. When users upload NFT metadata and media data to IPFS nodes, there is no guarantee that their data will be replicated in all nodes. The data is stored on IPFS, and there may be only one node hosting the contents, with no back-up on any other node. If the only node storing it is disconnected from the network, the data may become unavailable. DECRYPT.IO and CHECKMYNFT.COM have reported this problem, and Memo is also trying to use the self-developed MEFS system to make up for this defect in IPFS.

   In addition, an NFT may also point to the wrong file address. If this is the case, the user cannot prove that he actually owns the NFT. All in all, relying on an external system as the core component of the NFT system will always be vulnerable.

2. Anonymity/PrivacyMost NFT transactions rely on their underlying Ethereum platforms, which only provides pseudo-anonymity rather than strict anonymity or privacy. Users can partially hide their identities. If the connection between the real identity and the corresponding address is known to the public, all activities of the user under the compromised address can be observed. The existing privacy protection solutions, such as homomorphic encryption, zero-knowledge proofs, ring signatures, and multi-party calculations, have not been applied to NFT-related solutions on a large scale due to their complex encryption primitives and security assumptions.

   Similar to other types of blockchain-based systems, reducing expensive computing costs has become the key to protecting the security and privacy of NFT data.

5.3 Regulatory Policies

Similar to most cryptocurrencies, NFTs also face obstacles such as strict regulation from the regulatory authorities. Meanwhile, how to properly regulate this new technology in the corresponding market is also a challenge. This article tackles this topic from two typical aspects.

1. Legal AspectThe legal and policy issues faced by NFTs cover a wide range of areas. Potentially relevant areas include commodities, cross-border transactions, KYC (Know Your Customer) data, and so on. Before entering the NFT field, it is very important to have a proper understanding of the relevant regulatory review and litigation. In some countries, the legal requirements for cryptocurrency are very strict, and the same is true for NFT sales. Regulatory difficulties are something one cannot circumvent when minting, trading, selling, or buying NFTs. Legally speaking, users can only trade derivatives such as stocks and NFTs on authorized exchanges. Some other countries, such as Malta and France, are trying to implement appropriate laws to regulate the service of digital assets. They require buyers to follow complex and even contradictory terms. Therefore, conducting due diligence becomes a mandatory step before investing in NFT assets.

   Taxable property. Products related to intellectual property, including art, books, domain names, etc., are considered taxable property under the current legal framework. However, NFT sales are not yet included. Although a few countries, such as the United States, levies cryptocurrencies as property, most regions in the world have not yet considered the taxation of crypto assets. This may greatly increase the number of financial crimes under the cover of NFT transactions to avoid taxation by the corresponding regional governments. Individual participants are taxed based on any capital gains related to NFT property. In addition, transactions such as NFT-for-NFT, NFT-for-IP, and Eth-for-NFT should all be taxed. Apart from this, higher tax rates should be applied to high-margin property or collectibles. It is therefore recommended that NFT-related industries seek more advice from professional tax departments after the profound changes.

5.4 Scalability

The scalability of the NFT solutions covers two aspects. The first is to emphasize whether a system can interact with other ecosystems; the second point is whether the NFT system can be updated when the current version is abandoned.

1. NFT InteroperabilityThe existing NFT ecosystems are isolated from each other. Once users choose a type of product, they can only trade them within the same ecosystem – this is restricted by the underlying blockchain platform. At present, if someone wants to make transactions across different ecosystems, he needs to do this through a third-party transaction platform similar to Opensea. Breaking away from the trust institution of the original blockchain platform will increase the cost of trust. Interoperability and cross-chain communication have always been a barrier for the widespread promotion of dApps, and cross-chain communication can only be achieved with the help of external trust parties. In this way, the quality of decentralization will inevitably be undermined to some extent.

   Fortunately, most NFT-related projects use Ethereum as their underlying platform. This means that they share a similar data structure and can make exchanges under the same rules. Differnet NFT projects have differnet storage methods. How to build a unified risk structure while maintaining decentralization is an important topic for future.

2. Updatable NFTs

   Transitional blockchains generally update their protocols through soft forks and hard forks, which illustrates the difficulties and trade-offs in updating existing blockchains. Despite being a generic model, the new blockchains still have strict requirements, such as tolerating specific confrontational behaviors and staying online during the update process. NFT programs rely heavily on the underlying platforms and have to keep consistent with them. Although the data is usually stored in separate components (such as IPFS and MEFS file systems), the most important logic and tokeId are still recorded on the blockchain, and it will be necessary to update the system appropriately.