Non-fungible tokens (NFTs – digital assets which are not traded on exchanges, but instead are tokens which represent the ownership of a digital file (for example, a photo or digital art)) have exploded onto the digital asset ‘scene’ over the last 18 months or so. They are generally (but not always) built on the Ethereum blockchain. NFTs are bought and sold using cryptocurrency, but not traded on exchanges. Instead, they are purchased through specialist third party auction sites or sold/transferred privately. The terms of the smart contract (which facilitates the purchase or sale of an NFT) will dictate the extent to which any rights are passed on to a user, or not, when an NFT is transferred.
The use cases continue to expand; NFTs are being used to enter private ‘communities,’ as part of blockchain games and in e-sports markets (amongst other things). The speed of mass NFT adoption has created significant opportunity (in the wake of the increase in value of NFTs, and also allowing content creators to monetise their services by tokenising art and music) but also exposed potential for the system to be exploited. For example, the holder of an NFT may be more likely to be targeted by phishing or social engineering campaigns. The purpose would be to ultimately gain access to their wallet (and by extension, achieve the ability to transfer the token out). In addition, a content creator might find that their work is being copied or re-sold and not have an obvious ‘target’ for the enforcement of their intellectual property rights.