ERC-721 Nonce Extension
The ERC-5008 proposal suggests adding a nonce function to ERC-721 tokens to prevent attacks on NFT marketplaces. When users transfer an NFT to another wallet and then back to the original wallet, it can reactivate an order and list the token at a much lower price than intended. The addition of a nonce property to ERC-721 tokens would change the nonce when a token is transferred, allowing orders to be checked to avoid attacks. The proposal also suggests creating a standard for art NFTs, allowing artists to maintain a connection with the Ethereum blockchain and their fans who purchase their tokens. This would involve designating an original NFT and printed editions with signatures in a trustless manner, providing a standard method for designating the original and limited-edition prints with signatures from the artist. ERC-721 compliant contracts may implement this ERC for editions.
Video
Original
Abstract
This standard is an extension of ERC-721. It proposes adding a nonce
function to ERC-721 tokens.
Motivation
Some orders of NFT marketplaces have been attacked and the NFTs sold at a lower price than the current market floor price. This can happen when users transfer an NFT to another wallet and, later, back to the original wallet. This reactivates the order, which may list the token at a much lower price than the owner would have intended.
This EIP proposes adding a nonce
property to ERC-721 tokens, and the nonce
will be changed when a token is transferred. If a nonce
is added to an order, the order can be checked to avoid attacks.
Specification
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY" and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
/// @dev the ERC-165 identifier for this interface is 0xce03fdab. interface IERC5008 /* is IERC165 */ { /// @notice Emitted when the `nonce` of an NFT is changed event NonceChanged(uint256 tokenId, uint256 nonce); /// @notice Get the nonce of an NFT /// Throws if `tokenId` is not a valid NFT /// @param tokenId The id of the NFT /// @return The nonce of the NFT function nonce(uint256 tokenId) external view returns(uint256); }
The nonce(uint256 tokenId)
function MUST be implemented as view
.
The supportsInterface
method MUST return true
when called with 0xce03fdab
.
Rationale
At first transferCount
was considered as function name, but there may some case to change the nonce
besides transfer, such as important properties changed, then we changed transferCount
to nonce
.
Backwards Compatibility
This standard is compatible with ERC-721.
Test Cases
Test cases are included in test.js.
Run:
cd ../assets/eip-5008 npm install npm run test
Reference Implementation
See ERC5008.sol
.
Security Considerations
No security issues found.
Copyright
Copyright and related rights waived via CC0.
Adopted by projects
Not miss a beat of EIPs' update?
Subscribe EIPs Fun to receive the latest updates of EIPs Good for Buidlers to follow up.
View all