Non Fungible Tokens (NFTs) are becoming a standard to represent unique and valuable items, such as a piece of art, a videogame item, or other digital or physical goods, and keep track of their provenance. Thanks to blockchain technology and the power of smart contracts, NFT holders have true ownership over them, because they are the only ones who can transfer them. However, through an attack called sleepminting, an attacker is able to impersonate another person, including an artist, and create NFTs on the artist’s behalf, while still maintaining its possession, leveraging bugs in the code of the smart contract that manages the NFTs. Therefore, the attacker can cheat concerning the provenance of an NFT and then sell the fake NFTs to unaware buyers. In this paper, we propose a study that sheds light on this phenomenon. In particular, we collect over 1.3 million events that are connected to sleepminting and analyse the events under multiple aspects. The study uncovers that, by using the sleepminting attack, some users are able to create fake NFTs of popular brands, and are able to mint them to famous personalities in the NFT field, such as well known artists and collectors.

Sleepminting, the brand new frontier of Non Fungible Tokens fraud

Guidi B.
;
Michienzi A.
2022-01-01

Abstract

Non Fungible Tokens (NFTs) are becoming a standard to represent unique and valuable items, such as a piece of art, a videogame item, or other digital or physical goods, and keep track of their provenance. Thanks to blockchain technology and the power of smart contracts, NFT holders have true ownership over them, because they are the only ones who can transfer them. However, through an attack called sleepminting, an attacker is able to impersonate another person, including an artist, and create NFTs on the artist’s behalf, while still maintaining its possession, leveraging bugs in the code of the smart contract that manages the NFTs. Therefore, the attacker can cheat concerning the provenance of an NFT and then sell the fake NFTs to unaware buyers. In this paper, we propose a study that sheds light on this phenomenon. In particular, we collect over 1.3 million events that are connected to sleepminting and analyse the events under multiple aspects. The study uncovers that, by using the sleepminting attack, some users are able to create fake NFTs of popular brands, and are able to mint them to famous personalities in the NFT field, such as well known artists and collectors.
2022
9781450392846
File in questo prodotto:
File Dimensione Formato  
Sleepminting.pdf

solo utenti autorizzati

Tipologia: Versione finale editoriale
Licenza: NON PUBBLICO - accesso privato/ristretto
Dimensione 670.43 kB
Formato Adobe PDF
670.43 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/1159805
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? ND
social impact