{"id":2586,"date":"2022-04-09T12:48:00","date_gmt":"2022-04-09T12:48:00","guid":{"rendered":"https:\/\/odwstage.com\/omniatech\/?p=2586"},"modified":"2023-05-21T21:49:01","modified_gmt":"2023-05-21T21:49:01","slug":"nfts-and-off-chain-security","status":"publish","type":"post","link":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/","title":{"rendered":"NFTs and off-chain security"},"content":{"rendered":"<\/span> 3<\/span> min read<\/span><\/span>\n

The public nature of blockchain technology means that while every address within a network is pseudonymous, a record of every transaction each address has ever conducted can be easily accessible.<\/p>\n\n\n\n

Blockchains like Ethereum and BNB Chain maintain public, accurate records of every transaction conducted, which means that anyone can easily find someone\u2019s transaction history. What keeps users\u2019 privacy is that addresses are long alphanumeric strings with no ties to their identities. This pseudonymity can be easily broken once their identity is linked to their blockchain address.<\/p>\n\n\n\n

It can happen voluntarily. For example, when registering with cryptocurrency exchanges, users have to go through know-your-customer (KYC) and anti-money laundering (AML) checks before accessing trading on the platform. Once they deposit funds, their address is linked to their identity, although only the exchange is aware of the link.<\/p>\n\n\n\n

It can also happen involuntarily when users accidentally leak some of their information and blockchain sleuths connect the dots. By nature, non-fungible tokens (NFTs) are fundamentally unique and identifiable, which means that if someone is linked to having an NFT, their wallet address and identity may be exposed.<\/p>\n\n\n\n

Leaking identifiable information through NFTs<\/h1>\n\n\n\n

A great example of leaking information accidentally comes from Jimmy Fallon. When American actor and comedian Jimmy Fallon showed off<\/a> his Bored Ape NFT on national television, he unknowingly revealed his own Ethereum wallet address<\/a>. However, not every NFT user is a celebrity, but most use social media platforms that support NFTs, such as Twitter.<\/p>\n\n\n\n

While having a wallet address exposed isn\u2019t a significant concern in many cases, it may be once NFTs start being used for more sensitive issues such as homeownership or medical records.<\/p>\n\n\n\n

As it\u2019s possible to send NFTs to any address on the blockchain, attack vectors open up. Earlier this year, the founder of OMNIA Protocol, Alex Lupascu, exposed a privacy vulnerability in the cryptocurrency space that could have affected over 21 million people \u2014 all MetaMask\u2019s users.<\/p>\n\n\n\n

The vulnerability allowed an attacker to get a target\u2019s IP address by transferring free ownership of that NFT to it. The hacker could spend as little as $50 to mint and send the NFT in a bid to leak someone\u2019s IP address.<\/p>\n\n\n\n

As Lupascu, later on, put it, malicious actors can then use the IP address to create physical threats, which taking into account that they know the person\u2019s addresses and wealth, can involve extortion, theft, and kidnapping.<\/p>\n\n\n\n

Lupascu\u2019s research made numerous headlines, including from leading industry publications like Yahoo Finance<\/a> and Cointelegraph<\/a>, and forced MetaMask, a product owned by ConsenSys, to act to protect its users.<\/p>\n\n\n\n

Maintaining off-chain privacy<\/h1>\n\n\n\n

As we have previously seen, there are differences between off-chain and on-chain privacy.<\/a> To maintain privacy, users often turn to mixers and other methods, which work to a certain degree for on-chain privacy. Off-chain privacy is often dismissed.<\/p>\n\n\n\n

Whenever we issue a transaction, we first sign it with the private key corresponding to the address we control, proving to other network participants that we own the address making the transaction.<\/p>\n\n\n\n

The signed transaction is then submitted to a node that validates it. At this point, the unconfirmed transaction can be seen on network explorers as nodes output the transaction ID. A miner node then accepts the transaction and maintains it in a pool before being included in a block.<\/p>\n\n\n\n

Consequently, users\u2019 metadata, IP addresses, and other critical information can be available to the public throughout this process. Linking this metadata with owners of NFTs and additional identifiable information, as seen above, can lead to dire consequences.<\/p>\n\n\n\n

The OMNIA Protocol addresses the critical information being leaked and stops bots and other malicious actors from figuring out which transactions belong to who. OMNIA boosts users\u2019 off-chain privacy by leveraging private mempools, which are private endpoints between users and miners, Flashbots, and more.<\/p>\n\n\n\n

Holding $OMNIA and using the protocol allows users to boost their off-chain privacy and protect themselves against frontrunning and being targeted for their NFTs. The protocol leverages mixnets to enhance privacy in a manner similar to the one leveraged by the Tor browser to provide a 3-hop circuit designed to protect user privacy.<\/p>\n\n\n\n

Omnia augments mixnets through state-of-the-art methods to obfuscate traffic. It also injects decoy traffic to guarantee users\u2019 privacy. On top of that, it\u2019s working on integrating private gateways for the Interplanetary File System (IPFS) for secure accessing NFT content.<\/p>\n","protected":false},"excerpt":{"rendered":"

<\/span> 3<\/span> min read<\/span><\/span> The public nature of blockchain technology means that while every address within a network is pseudonymous, a record of every transaction each address has ever conducted can be easily accessible. Blockchains like Ethereum and BNB Chain maintain public, accurate records of every transaction conducted, which means that anyone can easily find someone\u2019s transaction history. What […]<\/p>\n","protected":false},"author":6,"featured_media":2587,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[794],"tags":[512,514,132,291,127,175,515,513],"class_list":["post-2586","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-privacy-security","tag-blockchain-privacy","tag-identity-linking","tag-mixnets","tag-nfts","tag-off-chain-privacy","tag-omnia-protocol","tag-privacy-vulnerability","tag-pseudonymity"],"acf":[],"wbAuthor":{"name":"John P. Njui","link":"https:\/\/omniatech.io\/pages\/author\/john-p-njui\/"},"wbDate":"Apr 9, 2022","wbCategories":{"space":"Privacy & Security<\/a>","coma":"Privacy & Security<\/a>"},"wbComment":0,"yoast_head":"\nNFTs and off-chain security - OMNIA<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NFTs and off-chain security - OMNIA\" \/>\n<meta property=\"og:description\" content=\"3 min read The public nature of blockchain technology means that while every address within a network is pseudonymous, a record of every transaction each address has ever conducted can be easily accessible. Blockchains like Ethereum and BNB Chain maintain public, accurate records of every transaction conducted, which means that anyone can easily find someone\u2019s transaction history. What […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/\" \/>\n<meta property=\"og:site_name\" content=\"OMNIA\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-09T12:48:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-21T21:49:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"720\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"John P. Njui\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"John P. Njui\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/\",\"url\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/\",\"name\":\"NFTs and off-chain security - OMNIA\",\"isPartOf\":{\"@id\":\"https:\/\/omniatech.io\/pages\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp\",\"datePublished\":\"2022-04-09T12:48:00+00:00\",\"dateModified\":\"2023-05-21T21:49:01+00:00\",\"author\":{\"@id\":\"https:\/\/omniatech.io\/pages\/#\/schema\/person\/2682d62587c147166297ebbfd5e8e43d\"},\"breadcrumb\":{\"@id\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#primaryimage\",\"url\":\"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp\",\"contentUrl\":\"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp\",\"width\":720,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/omniatech.io\/pages\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NFTs and off-chain security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/omniatech.io\/pages\/#website\",\"url\":\"https:\/\/omniatech.io\/pages\/\",\"name\":\"OMNIA\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/omniatech.io\/pages\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/omniatech.io\/pages\/#\/schema\/person\/2682d62587c147166297ebbfd5e8e43d\",\"name\":\"John P. Njui\",\"url\":\"https:\/\/omniatech.io\/pages\/author\/john-p-njui\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NFTs and off-chain security - OMNIA","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/","og_locale":"en_US","og_type":"article","og_title":"NFTs and off-chain security - OMNIA","og_description":"3 min read The public nature of blockchain technology means that while every address within a network is pseudonymous, a record of every transaction each address has ever conducted can be easily accessible. Blockchains like Ethereum and BNB Chain maintain public, accurate records of every transaction conducted, which means that anyone can easily find someone\u2019s transaction history. What […]","og_url":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/","og_site_name":"OMNIA","article_published_time":"2022-04-09T12:48:00+00:00","article_modified_time":"2023-05-21T21:49:01+00:00","og_image":[{"width":720,"height":360,"url":"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp","type":"image\/webp"}],"author":"John P. Njui","twitter_card":"summary_large_image","twitter_misc":{"Written by":"John P. Njui","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/","url":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/","name":"NFTs and off-chain security - OMNIA","isPartOf":{"@id":"https:\/\/omniatech.io\/pages\/#website"},"primaryImageOfPage":{"@id":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#primaryimage"},"image":{"@id":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#primaryimage"},"thumbnailUrl":"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp","datePublished":"2022-04-09T12:48:00+00:00","dateModified":"2023-05-21T21:49:01+00:00","author":{"@id":"https:\/\/omniatech.io\/pages\/#\/schema\/person\/2682d62587c147166297ebbfd5e8e43d"},"breadcrumb":{"@id":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#primaryimage","url":"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp","contentUrl":"https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp","width":720,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/omniatech.io\/pages\/nfts-and-off-chain-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/omniatech.io\/pages\/"},{"@type":"ListItem","position":2,"name":"NFTs and off-chain security"}]},{"@type":"WebSite","@id":"https:\/\/omniatech.io\/pages\/#website","url":"https:\/\/omniatech.io\/pages\/","name":"OMNIA","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/omniatech.io\/pages\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/omniatech.io\/pages\/#\/schema\/person\/2682d62587c147166297ebbfd5e8e43d","name":"John P. Njui","url":"https:\/\/omniatech.io\/pages\/author\/john-p-njui\/"}]}},"uagb_featured_image_src":{"full":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp",720,360,false],"thumbnail":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ-150x150.webp",150,150,true],"medium":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ-300x150.webp",300,150,true],"medium_large":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp",720,360,false],"large":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp",720,360,false],"1536x1536":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp",720,360,false],"2048x2048":["https:\/\/omniatech.io\/pages\/wp-content\/uploads\/2023\/05\/1_2yY2V6ComKYxKnZfg6b6KQ.webp",720,360,false]},"uagb_author_info":{"display_name":"John P. Njui","author_link":"https:\/\/omniatech.io\/pages\/author\/john-p-njui\/"},"uagb_comment_info":0,"uagb_excerpt":"3 min read The public nature of blockchain technology means that while every address within a network is pseudonymous, a record of every transaction each address has ever conducted can be easily accessible. Blockchains like Ethereum and BNB Chain maintain public, accurate records of every transaction conducted, which means that anyone can easily find someone\u2019s…","mfb_rest_fields":["wbAuthor","wbDate","wbCategories","wbComment","yoast_head","yoast_head_json","uagb_featured_image_src","uagb_author_info","uagb_comment_info","uagb_excerpt"],"_links":{"self":[{"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/posts\/2586"}],"collection":[{"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/comments?post=2586"}],"version-history":[{"count":1,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/posts\/2586\/revisions"}],"predecessor-version":[{"id":2588,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/posts\/2586\/revisions\/2588"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/media\/2587"}],"wp:attachment":[{"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/media?parent=2586"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/categories?post=2586"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/omniatech.io\/pages\/wp-json\/wp\/v2\/tags?post=2586"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}