How to keep NFTs safe

If you've recently purchased your first non-fungible token (NFT), you might be thinking about how you're going to store it safely.

Some in the NFT space feel that leaving an NFT under someone else's control can be risky. Others feel that relying on the security of a software wallet isn't a great idea either. 

So what's the best way to secure your NFTs?

Remember, there are three parts to every NFT. 

Every NFT includes:

  1. The blockchain-based token itself
  2. The metadata of that token
  3. The associated file the NFT represents. 

Using an example from the traditional art and collectibles world, these three pieces can be thought of as the proof of ownership, certificate of authenticity and artwork or collectible itself respectively.

The file an NFT represents can be anything from a special item in a play-to-earn game to a completely unique digital collectible from an emerging artist. 

It is important to recognize that these pieces of media, which are the items that people actually wish to own, are rarely stored on the blockchain itself. 

Instead creators typically store them on some sort of centralized file system somewhere on the internet. Sometimes, these files are highly secure. But oftentimes, these digital items face the same security risks that all internet files face.

How to keep NFT safe image

Secure your NFT file

In the rush to capitalize on the explosive NFT trend, many creators took shortcuts when securing the files and metadata associated with the NFTs they had sold.

Metadata simply refers to the tokenURI information that lists an NFT file's unique traits and features. These are typically JSON files that anyone can check by entering the NFT token's address into the corresponding blockchain's block explorer website. Some examples of popular block explorers include Etherscan for Ethereum-based NFTs and Solscan for Solana-based NFTs. 

From the block explorer, you may need to click "Contract" > "Read Contract", or simply "Metadata" depending on which service you use.

Because many early NFT creators may not have thought of every possibility when trying to secure their NFT metadata, many NFT owners may be at risk of losing their prized assets from accidental deletion, corruption, or fraud. 

To combat this issue, it's advisable to move your NFT's associated files to a distributed, peer-to-peer storage system.

Interplanetary File System (IPFS)

Interplanetary File System (IPFS) is among the most popular options for safely securing NFT files.

IPFS is a decentralized and distributed file storage system that allows users to store and retrieve data in a peer-to-peer manner. NFTs often point to multimedia files, such as images, videos, or audio. By default, some creators store these files on centralized servers. This practice ultimately creates a potential single point of failure and raises concerns about long-term accessibility.

To enhance the security of your NFTs, consider using IPFS to store the associated files. IPFS uses content-addressable storage, meaning each file is assigned a unique cryptographic hash based on its content. IPFS uses the same SHA-256 hashing algorithm that the Bitcoin protocol uses for its consensus mechanism.

If you want to learn more about these cryptographic techniques, you can check out our article How do cryptocurrencies use cryptography?

Once added, it's important to "pin" your NFT data. This step prevents IPFS nodes from deleting your data if they near their disk space limit. Pinning is like telling the database, 'Hey, this information is important. Don't delete it!'

Pinning can be complex to accomplish, but there are services such as Pinata and that simplify the process.

Beware of phishing scams

As with any crypto transaction, safety should be your top concern. Consider only buying, selling, and trading NFTs through reputable marketplaces that approve which collections can be listed. 

Public internet forums such as Discord or communication apps like Telegram are hotspots for scammers. It's recommended you never click on suspicious URLs or download files from unknown sources, no matter how credible they may seem.

Oftentimes, these links contain malware that infects your device and allows hackers to access any crypto wallet information you have stored on it.

Following basic security practices will help keep your NFT collection safe. Stick to trusted platforms, use cold storage, back-up data, and think twice before clicking. 

With the proper precautions, you can securely store your NFT collection for the long-term.

Store NFTs in a cold wallet

Most NFTs are stored in digital wallets, which are categorized as either hot wallets or cold wallets. Hot wallets are connected to the internet and offer convenient access for frequent trading. However, they can be more vulnerable to hacking attempts and online threats.

 On the other hand, cold wallets are offline storage devices that provide superior security.

 If you want more information on different types of crypto wallets, you can check out our article What are custodial and non-custodial crypto wallets? 

Cold wallets are seen by many to be the most secure ways to store your blockchain-based non-fungible tokens.

Cold wallets are physical devices disconnected from the internet, making them far less susceptible to hacking. Leading cold wallet manufacturers like Trezor, Blockstream Jade, Casa, and Ledger allow you to store NFTs offline. Many choose to transfer their most valuable NFTs to a cold wallet for maximum security.

If you're not actively trading or using your NFTs, you may consider moving them to a cold wallet. To transfer your NFTs to a cold wallet, you'll need to interact with your blockchain's wallet interface and initiate the transfer from your hot wallet to the cold wallet address.

Remember to keep your cold wallet's private keys and seed phrases offline and secure. Store them in a safe place, such as a physical vault or a fireproof safe, away from potential threats like theft or physical damage.

Store NFTs on-chain

Storing NFTs and metadata directly on the blockchain is emerging as a popular storage solution for creators and holders alike.

Platforms like Bitcoin and Ethereum allow you to store data permanently on-chain. This prevents metadata, like image URLs, from breaking if external, centrally maintained links go down.

Storing your NFT metadata and files on-chain guarantees it will remain intact and connected to your tokens. However, it can be costly depending on the size and number of files.

For many creators, storing entire NFT collections on-chain is not a financially practical option. When Larva Labs decided to move all 10,000 CryptoPunk NFTs onto the Ethereum blockchain in 2021, it cost them a staggering 73 million gas. And that was using a "gas-efficient" method, according to the team.

Keep your NFTs safe with Kraken NFT

With industry renowned security and customer support teams that never sleep, Kraken NFT offers a reliable place to keep your NFTs safe.

Each NFT collection is carefully vetted before it is added to the marketplace. Once you deposit your NFT on our custodial marketplace, you can rest easy knowing our SOC 2, Type 1 security practices are keeping your NFTs safe. 

Get started with Kraken NFT today.