The funny thing about the NFT space is that while blockchain is built on principles of trust and transparency, this space is so clouded and noisy that nobody can really see clearly.
There’s a reason why this space has such a bad reputation of being scammy or ponzi-esque. It’s a very wild west situation where there are huge opportunities of striking gold but also a lot of harm done within the NFT space and beyond if we aren’t careful enough. I’ve been following the tea of some major hacking incidents and alleged scams because my Netflix rotation was getting kind of boring and I’ve been conditioned to crave and consume that DRAMA, so here’s some thoughts on what I’ve seen.
Monkey Kingdom
I first heard about Monkey Kingdom because it was a Hong Kong project with a focus on Chinese lore which is honestly quite refreshing in terms of representation of non-western cultures in NFT. They created a collection of 2,222 Wukong NFTs on Solana which sold at mint for 0.49 SOL, and their floor has risen astronomically since.
More recently, they were the subject of a coordinated attack which took control of their website and discord. On 21 December, they were launching a companion collection called Baepes - 2,221 female counterparts at mint price of 0.49 SOL. The clout and hype around the original collection meant that the release of their companion collection, with the most reasonable investment thesis that if Baepes were to follow the proven trajectory, there would be a huge upside when you buy-in to the project at 0.49 SOL. Of course, there’s also a feel good element because they are donating the sale proceeds to charity.
On mint date, the hackers managed to steal an administrator account on the MK discord. The hacker posted the announcement which included a link to a fake website for mints. Within minutes people poured in to mint their Baepes and the website drained their wallets of all SOL balance. The biggest loss was up to 690 SOL from @commenstar. Of course, a 1 or 2 SOL loss can also be devastating to someone when that may be all that they had.
Subsequently, MK investigated and identified the causes of this hack and agreed to compensate and refund all victims. More details on their twitter.
While this was a #teachablemoment in discord security and wallet management best practices (always have a burner), to me this was more about the dangers of hype and fomo. Taking a step back, while the fake announcement was successfully posted in the official announcements channel, there were a lot of red flags on its legitimacy:
Phishing scams often rely on a constructed sense of urgency to manipulate victims to take immediate action despite their better judgement. In this case the scammers didn’t have to construct any of that because the amount of hype around this project was already there, and it drove dozens of people to click on the fake link, not wanting to miss out on a huge profit making opportunity. This isn’t victim blaming, this is just part of how these phishing scams work.
Even before this incident, there were allegations that the MK collection was being artificially pumped by the dev team.
Marketing is definitely important, and hype can make or break a project for sure. Valuing NFTs is not straightforward because it relies on a lot of intangible inputs like social capital, the same intangibles created by hype. But as a community, shouldn’t we think more about how this fomo culture is affecting us and our judgment?
Since the incident, MK’s floor and secondary sales seem to have recovered to a healthy level. They’ve also garnered a lot of goodwill from compensating their victims. MK repurchased all 513 Baepes minted during presale, and now there’s a thriving secondary sales market for those on Magic Eden too. MK is also releasing a follow up collection called Diamond Baepes to original holders of their core collection as appreciation. All’s good again these are all great moves to appease and reward the community.
This type of scam is not new or unique to MK, as several other high profile projects’ discords were also compromised and phishing links were posted. They were all compelling targets because these projects are highly regarded, manipulating the same fomo energy to cloud their victims’ judgement. How do we see clearly in the midst of hype?
Bejutsu
The fresh tea that just dropped is on Bejutsu - a project which claims to be releasing official licensed Naruto NFT. Naruto is a huge IP that many of us grew up with, when the artist @Jyothee first tweeted about this project on 27 November, everyone got so excited.
Earlier today, @okHotshot.eth and @truedank.eth dropped some juicy twitter threads showing their investigation into the legitimacy of this project.
TL;DR - there are many red flags that indicated the project founders @canadianClay and @Sydneyktaylor__ do not actually hold any license to produce these NFTs. All Naruto content posted on their socials have been copyright-striked by DMCA and taken down. Project founder @canadianClay then posted a neither confirm nor deny type statement:
@okHotshot.eth also hosted a twitter Space to discuss this potential scam, and artist @Jyothee joined to tell her side of the story. Many #teachablemoments.
These exposé threads were posted way before Bejutsu made official announcement on project details or put up an official website. To be fair, there was already a level of healthy skepticism around this project because honestly it’s a bit sus that two young founders relatively inexperienced in the NFT space would be able to secure a licensing contract for one of the biggest IPs in the world, or that VIZ would engage external artists for this project when they are sitting on millions of original material and the original artist is still around! This didn’t stop Bejutsu from engaging almost a dozen artists to support their project, and launching a super exclusive discord server built on twitter engagement farming.
The artists they have engaged are all mostly based outside of US, not active on twitter or in the NFT space. @Jyothee is the one with the largest exposure and presence in the NFT space, and has also played an important part to bring attention to this project. During the Spaces chat, her practices as an artist were also brought up for discussion (and mostly criticism). She did not acknowledge (at least publicly) all the red flags with Bejutsu’s license claim, promoted the project prematurely which also gained a lot of exposure for herself and her Dual Souls NFT collection. Historically, prior to Dual Souls, she made a lot of fan art and in some cases the work were copies from other artists. These fan art pieces were reposted to her twitter recently to help promote Bejutsu, and in these reposts there were no credits to original artists she referenced.
This whole situation is very upsetting to a lot of passionate artists and NFT collectors. Lying about a license claim perpetuates the narrative that NFT space is full of scams. For a space ripe for creativity and innovation, copyright infringement and using other peoples’ IPs or likeness is not just maliciously opportunistic but also lazy.
Further, for a movement that is supposedly about empowering artists, the project’s treatment of their artists and Jyothee’s own practices is also very disrespectful. This isn’t a no harm no foul case just because the mint hasn’t happened yet. The harm is already done to the community as a whole, and all the volunteer mods and artists (including Jyothee) who spent time on this project.
Another interesting topic in this case is Bejutsu’s discord practices. They kept their discord extremely exclusive, and people wanting to get in had to follow everyone involved in the project and camp for a discord invite. Engagement farming is common in the NFT space in general, with projects requesting people jump through hoops (like, retweet, tag three friends, discord invite trackers) to secure benefits like a pre-sale spot. After all, attention and exposure can be valuable currencies in this space with every project clamouring for market share. We should really be more aware of that fact and give our attention to the right people and projects.
Large Scale Plagiarism
Lastly, I want to talk about plagiarism. I’m not referring to derivative art and projects or discussing transformative use - that’s a topic for another day and probably needs a lot more research. I’m saying actual blatant plagiarism and theft.
NFTs do help to prove authenticity, but that doesn’t work when the art was stolen and minted by someone who’s not the original artist.
Marketplaces like OpenSea allow for lazy minting - and bot accounts can now list art stolen from artists’ portfolios and DeviantArt profiles for sale at no initial cost. DeviantArt has implemented their own tool to scan public blockchains for art stolen off their platform, and as of 10 December, they have already sent over 50,000 alerts to their users regarding potential art infringement in the form of minted NFTs alone. That is just insane and I really wonder what’s the volume of less visible theft not identified by DeviantArt.
On a smaller scale, there is a lack of verification process to prevent impersonators of artists listing stolen artwork for sale. Digital art is not new, and there’s a whole archive of artworks hosted online to be exploited. If the artist is no longer active or aware enough to file a claim, it’s really difficult for these thefts to be identified proactively by the marketplaces or the community.
At this rate, for every artist the NFT community uplifts, there’s another artist falling victim to theft from impersonators or thieves who will never trust the community or the technology ever again.
Some great articles for further reading:
Here’s hoping for we can all see clearer in 2022. 👁