Skip to content

Make base URI final after revealing.#20

Open
yspreen wants to merge 1 commit intoHashLips:mainfrom
yspreen:patch-1
Open

Make base URI final after revealing.#20
yspreen wants to merge 1 commit intoHashLips:mainfrom
yspreen:patch-1

Conversation

@yspreen
Copy link

@yspreen yspreen commented Dec 20, 2021

hey guys. it seems like a lot of NFTs in the wild are copying the code from the tutorials and IMO it would be great to lead by a strong example!
currently, the NFT contract supports overriding of the base URI at any time. this makes NFTs untrustworthy bc you're at the mercy of the initial creator to not change any of the metadata. what do you think about only allowing metadata to be set once, exactly when the reveal happens? that way a) the base uri is hidden before reveal ( #19 ) and b) I'd take a similar 'only once' logic inside that method to make sure the baseURI can only be set once initially. cheers!

https://twitter.com/TheRaccoonSS/status/1434952984857911300?s=20

https://discord.com/channels/889036571385409556/889645060243726427/922275079017099294

@yspreen yspreen changed the title Make base URI final after minting. Make base URI final after revealing. Dec 20, 2021
@aalmada
Copy link

aalmada commented Jan 1, 2022

I have mixed feelings about this. I understand that the URI should not be at the mercy of the creator but, at the same time, I'm really afraid of messing up when setting the URI. Also, what if the metadata needs to be relocated for some reason?
What are the general opinions about this?

@aalmada aalmada mentioned this pull request Jan 1, 2022
Closed
@laygir
Copy link

laygir commented Jan 1, 2022
edited
Loading

Same here. While I certainly agree with the concerns around this, I fear people would likely mess up when setting the URI. I did test this PR myself and already on a few occasion I set it wrong because I forgot the trailing slash.

thinking out loud a few options here;

  • Token owners could vote by calling a method and reach a consensus to lock the baseURI after the reveal.
  • baseURI could be locked at reveal time but in case an update is required or was mis-submitted, the contract owner could propose/announce a new baseURI and proposed baseURI could only be overridden if a certain amount of votes of token owners could be reached.
  • OpenSea seem have something for this in their docs. Never used it before, so not sure exactly how it works or if there are any side effects to it. (https://docs.opensea.io/docs/metadata-standards#freezing-metadata)

event PermanentURI(string _value, uint256 indexed _id);

After a PermanentURI event is emitted by an NFT smart contract, no one should be allowed to change the URI for the specific token ID again. More information is available in our docs. Like most standards in crypto, this is an ongoing development and subject to change based on community feedback.

*just throwing ideas out, might be unnecessarily complex 😎

@aalmada
Copy link

aalmada commented Feb 3, 2022

Here's a good read about honest NFT drops: https://medium.com/@convexlabs/list/audits-b3e5850ae79f

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yspreen @aalmada @laygir