Concerns Raised on Labeling of Transactions Due to the Opensea NFT Gifting Feature
The new “gifting” function on the top NFT marketplace OpenSea is producing uncertainty about mislabeled transactions, which predatory NFT traders may have the opportunity to take advantage of.
During the purchase process on OpenSea, NFTs, which are unique blockchain tokens that denote ownership of digital things, can now be transmitted directly to any wallet. This was not previously possible. Traders can now acquire a non-fungible token (NFT) with Ethereum from one wallet while simultaneously delivering the NFT to another wallet as part of a single transaction.
And on some third-party wallet trackers — trading apps that keep tabs on NFT items purchased by celebrities and influential individuals — a new feature that was launched on Friday makes it look like the gift recipient bought the NFT for themselves. This was done by making it appear as though the recipient purchased the NFT for themself.
According to a tweet by the pseudonymous founder of Metaverse HQ, known only as “JakeandBake,” the functionality is purportedly already being “exploited” to make it look like famous people and influencers like Gary Vaynerchuk are purchasing NFTs from various collections.
Opensea implemented a new feature and it's being exploited.
You can buy an item on behalf of a different wallet address.
— Jake (@JakeAndBakeNFT) July 31, 2022
Although this may not be a worry for casual NFT traders, it may cause sophisticated traders who watch the buying activity of celebrities and other influential people to be deceived into purchasing specific collections.
Some non-traditional traders (NFT traders) buy and sell assets based on what “smart money” traders are doing and replicate them. This is especially the case when someone with a large fan base, such as Gary Vaynerchuk, buys in a collection.
Vaynerchuk expressed his frustration on Twitter, writing,
“Ugh—first [please]—no one ever buy anything f simply cause I do,” adding that he hoped the problem would be “fixed.”
“Don’t buy based on me,” was the overarching theme of his advice.
Ugh – first pls -no one ever buy anything f just cause I do, I buy what I like and 99.99% for long term hodl while for some flipping is their intent .. #2 I hope we can get this slighted addressed so people don’t get fooled – that said, pls for the 1000 time don’t buy based on me
— Gary Vaynerchuk (@garyvee) July 31, 2022
Farokh Sarmad, an influential member of the NFT community, shared similar concerns regarding the new feature. He wrote, “Yo that’s actually the worst update I’ve ever seen wtf,” which translates to “what the hell.”
In an email given to Decrypt yesterday, a representative of OpenSea recognized the vulnerability. However, the official highlighted that the issue is “not an exploit” and is “the result of data misinterpretation.”
It was stated by the firm in a tweet that it appears third-party wallet trackers are incorrectly identifying these actions as purchases made by the recipient of the gift.
The business also admitted that it “should have done a better job providing third-party apps and developers a heads up,” given that this necessitates a modification to the manner in which those apps and developers show transaction data. This task is being done by us right now.”
We could have done a better job giving 3rd party apps & developers a heads up, as this requires a tweak to the way they display transaction data. We’re doing this work now.
— OpenSea (@opensea) August 1, 2022
Ninjalerts, an aggregator of “the most important NFT buyers,” according to the company’s Twitter feed, claims that its data is still accurate despite the new functionality that OpenSea has introduced.
Yesterday, the CEO of Ninjalerts, trevor.btc, tweeted that this statement was not accurate. We do not rely on the OpenSea API and instead look at the raw data from the blockchain. The vulnerability will only affect wallet trackers that rely on the OpenSea API.
Another NFT wallet tracker, Moby Insights, has stated that it has already developed a fix in reaction to the newly added functionality. A representative from the platform stated on Twitter that “the way we read transfers from the chain still allowed it to be exploited.” [Citation needed] “The cure for it was just made available by us.”
This is not the first time that concerns have been raised regarding OpenSea’s API. Due to a fault in the user interface, opportunistic buyers were able to take advantage of an older listing price for Bored Ape Yacht Club NFTs in January. These prices were not clearly shown on the website.
Why are NFTs Hidden On OpenSea
As per OpenSea, they will automatically shift a transferred NFT to the Hidden tab if we have any reason to believe that it might be malicious. This is done to protect our users. You won’t see the item in the Collected section of your inventory, and the transfer won’t show up in the activity feed.
Is There a Collection Limit on Opensea?
Mega-successful projects such as the Bored Ape Yacht Club and other PFP collections have amassed around 10,000 NFTs; however, with its latest update, OpenSea has decided to restrict each user to five collections totaling no more than 50 NFTs (or 250 in total), and this restriction will go into effect as soon as possible. Jan 28, 2022