NFT contracts explained

  • Physical property — houses, unique artwork
  • Virtual collectibles — unique pictures of kittens, collectible cards
  • “Negative value” assets — loans, burdens, and other responsibilities

  • Replace ERC721Enumerable with a counter for gas savings
  • Use ERC721A for efficient batch mints
  • Use mint instead of safeMint
  • Implement allowlists using Merkle trees
  • Upgradeable/swappable metadata contract
  • Protect against bots
  • Prevent NFT sniping
  • Other miscellaneous stuff

Replace ERC721Enumerable with a counter for gas savings

  • ERC721Metadata
  • ERC721Enumerable

  • Crypto Coven
  • Azuki

Use ERC721A for efficient batch mints

MEASUREMENTS

How was ERC721A able to achieve this kind of savings? Mainly using these optimizations:

  • Getting rid of OZ’s ERC721Enumerable
  • Updating data only once per batch instead of after every single mint
  • Using a more efficient layout for storage: if consecutive NFTs have the same owner, don’t store redundant information about the owner (store it just once for the very first owned NFT). This data can be inferred at run time by reading to the left until you find the owner info.
  • Emit just one transfer event per batch (this was not part of the original ERC721A).

  • Azuki
  • goblintown
  • wagdie
  • Moonbirds
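
The storage layout described above (owner stored once per run of consecutive tokens, then inferred by reading to the left) can be modelled outside the EVM. This is an added Python model, not ERC721A's Solidity source or code from the original article; the class, method names and sample owners are constructed for illustration. It also shows the step a transfer needs so that the tokens to the right of the transferred one keep their owner.

```python
class LazyOwnershipLedger:
    """Model of ERC721A-style ownership storage (constructed, not ERC721A source)."""
    def __init__(self):
        self.owner_slot = {}   # token id -> owner; written only where a run of tokens starts
        self.balance = {}      # owner -> token count
        self.next_id = 0       # ids are sequential, so ids 0..next_id-1 exist
        self.slot_writes = 0   # simulated storage writes to owner slots

    def _write_owner(self, token_id, owner):
        self.owner_slot[token_id] = owner
        self.slot_writes += 1

    def mint_batch(self, to, quantity):
        if quantity <= 0:
            raise ValueError("quantity must be positive")
        start = self.next_id
        self._write_owner(start, to)  # one owner write for the whole batch
        self.balance[to] = self.balance.get(to, 0) + quantity  # one balance update
        self.next_id += quantity
        return start

    def owner_of(self, token_id):
        if not 0 <= token_id < self.next_id:
            raise KeyError("token does not exist")
        cursor = token_id
        while cursor not in self.owner_slot:  # read to the left until owner info is found
            cursor -= 1
        return self.owner_slot[cursor]

    def transfer(self, sender, to, token_id):
        prev_owner = self.owner_of(token_id)
        if prev_owner != sender:
            raise PermissionError("sender does not own this token")
        nxt = token_id + 1
        # Backfill the right neighbour first; otherwise it would inherit the new owner.
        if nxt < self.next_id and nxt not in self.owner_slot:
            self._write_owner(nxt, prev_owner)
        self._write_owner(token_id, to)
        self.balance[sender] -= 1
        self.balance[to] = self.balance.get(to, 0) + 1


def demo():
    ledger = LazyOwnershipLedger()
    ledger.mint_batch("alice", 5)  # ids 0..4, constructed sample owners
    ledger.mint_batch("bob", 3)    # ids 5..7
    writes_after_mint = ledger.slot_writes
    ledger.transfer("alice", "carol", 2)
    return ledger, writes_after_mint
```

Minting costs one owner write per batch regardless of quantity, while `owner_of` and the first transfer out of a run pay for the scan and the backfill.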

Use mint instead of safeMint

Implement allowlists using Merkle trees

Upgradeable/swappable metadata contract

Protect against bots

  1. Limit mints per wallet
  2. Check that msg.sender == tx.origin. When a contract calls your mint function, msg.sender will be the contract address, but tx.origin will be the address of the account that originated the transaction by calling that contract.

Prevent NFT sniping

  1. Revealing your token metadata (allows the snipers to infer the rarity of a token)
  2. Minting tokens in a deterministic order (allows the snipers to infer the right time to mint the rare token)

Other miscellaneous stuff

  • Make your contract able to withdraw any ERC-721 and ERC-20 tokens: Most contracts implement only ETH withdrawal and forget about ERC-721s and ERC-20s. But sometimes people send arbitrary tokens to contracts, either by mistake or who knows why. Add the ability to withdraw them so that they are not stuck in your contract. (For an example implementation, check the Crypto Coven contract)
  • Make your data immutable: Either create your NFTs on-chain or use a provenance hash if using off-chain rendering.
  • Pre-approve OpenSea for 0 fee listing: (outdated since Seaport). You used to be able to pre-approve the OpenSea contract so that your NFT holders don’t need to call setApproval. But with the introduction of Seaport, this is no longer necessary. (For an example implementation, check the Crypto Coven contract)

Summary

lunaray

Lunaray takes a leading position in smart contract auditing and consulting service for blockchain security.