Date Published: August 31, 2023
Comments Due:
Email Questions to:
Author(s)
Peter Mell (NIST), Dylan Yaga (NIST)
Announcement
Non-fungible token (NFT) technology provides a mechanism to sell and exchange both virtual and physical assets on a blockchain. While NFTs are most often used for autographing digital assets (associating one’s name with a digital object), they utilize a strong cryptographic foundation that may enable them to regularly support ownership-transferring sales of digital and physical objects. For this, NFT implementations need to address potential security concerns to reduce the risk to purchasers.
This publication:
- Describes NFT technology
- Identifies 11 properties that should be provided by most correctly functioning and secured NFT implementations
- Discusses 27 potential security issues
NIST requests feedback on the technical description, the properties for NFT implementations, the security analysis of those properties, and the enumeration of the potential security issues.
NOTE: A call for patent claims is included on page ii of this draft. For additional information, see Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.
Non-fungible token (NFT) technology provides a mechanism to enable real assets (both virtual and physical) to be sold and exchanged on a blockchain. While NFTs are most often used for autographing digital assets (associating one’s name with a digital object), they utilize a strong cryptographic foundation that may enable them to regularly support ownership-transferring sales of digital and physical objects. For this, NFT implementations need to address potential security concerns to reduce the risk to purchasers. This publication explains NFT technology and then identifies and discusses a list of 27 potential security issues. All of the identified issues can be addressed through use of a systematic security approach that promotes a secure design and implementation.
Non-fungible token (NFT) technology provides a mechanism to enable real assets (both virtual and physical) to be sold and exchanged on a blockchain. While NFTs are most often used for autographing digital assets (associating one’s name with a digital object), they utilize a strong cryptographic...
See full abstract
Non-fungible token (NFT) technology provides a mechanism to enable real assets (both virtual and physical) to be sold and exchanged on a blockchain. While NFTs are most often used for autographing digital assets (associating one’s name with a digital object), they utilize a strong cryptographic foundation that may enable them to regularly support ownership-transferring sales of digital and physical objects. For this, NFT implementations need to address potential security concerns to reduce the risk to purchasers. This publication explains NFT technology and then identifies and discusses a list of 27 potential security issues. All of the identified issues can be addressed through use of a systematic security approach that promotes a secure design and implementation.
Hide full abstract
Keywords
blockchain; definition; ERC-721; non-fungible token; properties; security; smart contract
Control Families
None selected
