NFTLock.

CE4153 - Blockchain Tech
undefined imageundefined hover imageundefined imageundefined hover image
image

overview

A Decentralised App (DApp) that "locks" and "unlocks" ERC721 tokens preventing owners from losing their precious NFTs from malicious smart contracts.

role

Full Stack Engineer, Smart Contract Engineer, UI Designer

timeline

August 2022 to October 2022

team

Yap Wee Jun and Zhao Chen Xuan Joe

tech used

React, Solidity, OpenZeppelin, HTML, CSS

Background

Why a DApp to protect NFTs?

NFTs hold significant monetary value, ranging anywhere from USD 100 to USD 100,000. However, due to the negligence of wallet owners, these NFTs are lost within the click of a button. Therefore, there is a need for means to actively safeguard these NFTs.

Why do NFT owners fall pray to malicious smart contracts?

1) The recommended safe hot and cold wallet practices are not adhered to.

2) Most NFT holders cannot interpret/understand smart contracts.

3) NFT holders do not have the time to go interpret all smart contracts that they sign daily.

Solution

NFTLock🔒.

A simple intuitive DApp to "lock" and "unlock" NFTs held in a wallet with the click of a button.

We focused our solution on Ethereum tokens, specifically ERC721 tokens, as Ethereum is home to the most expensive NFT collections. We deployed this implementation on Görli Testnet.

How would this solution benefit the NFT space?

1) It would reduce cases of NFT theft that occur via malicious smart contracts.

2) It would promote a safe and secure environment to learn and experiment without expensive lessons.

3) It would welcome more investors into the Web3/NFT space, as the space has a bad reputation for scams and rug pulls.

Smart Contract.

The smart contract "locks" NFTs by sending NFTs to the contract address and "unlocks" NFTs by sending NFTs back to the owner wallet, similar to staking mechanisms.

Given our tight deadlines for the semester, we were only able to up with the aforementioned implementation, but we know we can do better.

The Web3 world is meant to be a trustless environment, and what better way to achieve this than to "lock" NFTs within owner wallets eliminating the need for trust.

ShogunSamurai Staking Contract.

This contract enabled NFTs to be non-transferable in its "staked" state within the owner wallet, however it was an inefficient contract due to multiplier logics within staking rewards. I plan to modify this contract to meet the goals of this project, while making it efficient.

NFTs "staked" with the help of this contract could be listed on secondary marketplaces, but the transaction to complete the sale would fail due to the non-transferable state of the NFT. This can lead to the manipulation of NFT collection floor prices, as the collections floor prices can be far lesser than the lowest actual buyable NFT price.

I plan to deploy a more efficient and improved version of our "locking" contract implementing this logic.

Code References:

ShogunSamurai Staking Contract.filmakarov's Locking Implementation.OwlOfMoistness' Locking Implementation.

Smart Contract Issues.

Token address were not stored within the contract. This meant that tokens of the same IDs but different NFT collections would not be able to "lock"/"unlock" on command.

Storing these token IDs along with the token address of the NFT collections would help to prevent the occurance of this edge case, along with the predefined struct within the "locking" contract.

Fixes⚒️.

Coming soon!!!

Reflection

To the Mooon🌖!!!

A fully functional NFT "locking" DApp would be revolutionary to the space, especially considering that this DApp will the first of its kind.

Working on this project was a lot of fun and interesting because I am already invested in the NFT/Web3 space. The deadline to complete this project was tight, but we managed to make it work.

I have seen countless friends of mine in the NFT/Web3 space fall prey to scams and malicious contracts, and without doubt many more will too. I want to put a stop to this endless cycle by continuing to work on this project until it is a usable solution. It is something that the space desperately needs.

Also, don't sign up for CE4153 at NTU 🤢.