Looking Under the Hood: Diligencing Non-Fungible Tokens, NFT Metadata and Smart Contracts

Sam Miller
12 min readDec 26, 2021

ART NFTs Take the Mainstream

While main-stream adoption of digital art Non-Fungible Tokens continues apace, it is not always clear what an NFT actually represents, or more specifically, what is being sold and what rights the buyer actually gets.

NFTs at Art Basel December 2021: Galerie Nagel Drexler

Christies recently held its first-ever on-chain NFT auction in collaboration with Opensea. Titled, ‘Christie’s X Opensea’ , the auction allows for collectors, through the Opensea platform “…to discover and purchase Christie’s curated NFT’s via the Ethereum blockchain…[t]he sale…[to feature]…a cutting-edge selection of NFT’s, a mix of collectibles and new 1/1’s, curated by Christies Specialist…”.

This is by no means Christies’ first foray into NFTs and its probably the most pioneering of the established fine art auction houses in the NFT space.

It is Christies that auctioned Beeple’s ‘EveryDays: The First 5000 Days for a staggering $69,346,250 in March this year, and more recently, on November 8, his ‘physical art’ video installation, ‘Human One’ for an almost-equally impressive $28,985,000.

The feature piece on the OpenSea auction is a work by another interestingly titled multi-disciplinary artist, Mad Dog Jones, aka Michael Dowback’s ‘Forever. Christies has featured Jones’s work previously, including his A Bag of Orangeswhich realized $212,500 on July 22, 2021, described as a unique work “…accompanied by a non-fungible token…”.

An Old(er) ART with a Tech Twist

These artworks really, in themselves, are nothing new.

The fine art world is no stranger to works of digital art, or ‘timed media art’, which has been curated and collected for decades, ensuring uniqueness, securing provenance and maintaining work integrity through carefully managed curation using programs, methodologies and procedures.

But what is new, is the way in which these artworks are being sold, documented and diligenced, and the prices buyers are willing to pay for them.

Attached to a digital token, with very little said or regulated as to the integrity, uniqueness and location of the underlying digital art asset, and less, it seems, about what rights in the artworks the buyers are actually receiving.

How, then, are these works’ uniqueness, substance and integrity established and confirmed for NFTs, especially given the astounding amounts being paid for them and the collection fervor that appears to be showing no signs of abating as we head into 2022?

Moreover, how can buyers diligence these digital assets to ensure that they are actually getting something sustainable, with rights in the artworks that match the astronomical sums paid.

To try answer these questions, a journey through how we verify NFTs, their connection to the image or video clip and where that image or clip is stored are, as initial steps, very much in order.

This examination is by no means limited to Christies. Other auction houses have offered, and sold digital art connected to non-fungible tokens and the examination applies equally to them, as it does to any other platform, marketplace or peer-to-peer NFT transaction.

New Tech Requires a New Kind of Diligence

Our journey, as we will see, in this diligence, involves looking under the hood of the smart contract and NFT metadata for each artwork.

For the most part (with few exception, for example works of generative art, CryptoPunks and CryptoKitties, among them) the actual work of digital art is held off the Blockchain.

Ethereum has evolved as the Blockchain of choice for NFTs, despite its pressing problems

Overloading, slow processing times and hefty gas fees needed to implement transactions, have done little to dissuade Ethereum as the ‘gold standard’ NFT location. These and its environmentally adverse ‘proof of work’ methodology present problems which the major auction houses (and the fair share of artists) have seemed quite willing to overlook.

So, to mitigate these issues, the actual works of digital art are held ‘off-chain’, through links referenced in the NFT’s smart contract.

Since this is the case, not only is it important when considering the uniqueness and integrity of an artwork to investigate how they are connected or ‘linked’, but where the artwork itself is stored.

NFTs are ‘Controllable Electronic Records

What many do not appreciate in this NFT gold-rush is that the Non-Fungible Token itself is simply a ‘controllable electronic record’ stored on a distributed ledger, and not the artwork itself.

Like any hard copy digital record or record stored on your own hard drive, the import or effect of what the record is , or what rights it confers, is wholly dependent on what is written in it. This has important implications, more of which we will discuss below.

So how do we access the NFT record on Ethereum?

The answer is Etherscan, the search engine, effectively, for the Ethereum Blockchain.

So lets go down this rabbit-hole and see what we can find.

Smart Contract Addresses and Token ID’s

In essence, the smart contract is the protocol which allows the NFT, or controllable electronic record, to exist and for the NFT to be produced as a transaction output on certain Blockchain, in our examination, Ethereum.

The protocol or standard we are concerned with here is essentially ‘Ethereum Request for Comments’ 721, or as commonly known, ‘ERC -721’.

This is the standard that allows us to mint NFTs tied, or connected to an underlying asset, making the digital record or token ‘non-fungible’, i.e. ‘unique’ and ‘non-interchangeable’ with other records or tokens produced or existing on that Blockchain.

But the smart contract, as written, is not so easy to access, read or understand.

This is where the core of the diligence takes place. This is where actually knowing what you are purchasing, and where it is stored, to ensure the artworks uniqueness and integrity, is so important, but it must be said , not readily accessible, understood or even sufficiently pointed out by some of the platforms or auction house that sell these artworks connect to NFTs.

The first step to getting there, is to find the smart contract address and to plug that into Etherscan. A simple input of the smart contract address into the Etherscan search field produced the smart contract itself.

Beeple’s ‘Human One’ NFT

Lets use Beeple’s ‘Human One: as an example.

Here the contract address is 0xa4c38796C35Dca618FE22a4e77F4210D0b0350d6, and the Token ID is 1. We get these items from the auction catalog entry at Christies.

Beeple’s ‘Human One’ NFT @ Christies

Next we go to Etherscan.

We input the contract address for the NFT into the search bar, and voila, the contract appears.

We can see the code that has been used for the NFT, which is more or less what has become standard for NFT Ethereum ERC 721 smart contracts. We see some code referencing the open-source resource OpenZeppelin and some from Manifold, the more custom ‘creator contract’, which provides for Token ID’s to run sequentially for the creator or collection, rather than just a random TokenID number generated from the deployed NFT smart contract itself.

Since the contract code itself doesn’t tell us where the image or clip attached to the NFT sits, or in fact how it is linked, we need to read the smart contract to find this out. All we can see in the contract itself is the generic reference to the TokenID in the ERC 721 Metadata section of the contract.

Reading the NFT Smart Contract

So to read the referenced data in the NFT smart contract, we need to READ the contract. Etherscan allows us to do just that. We click on ‘Contract’ in the tool bar, and then the ‘Read Contract’ button, and it brings up a selection of NFT smart contract items to query.

Scrolling down, the TokenURI query appears. We click on it, enter the Token ID (Beeple’s ‘Human One’, TokenID, 1), and query it. We see the following link:


Cutting and pasting it into your browser produces the following Metadata.

{“image”:”https://nft.human-one.xyz/Crystal_Night_b6d2af8e1d1723ecdc688ee7.png","animation_url":"https://nft.human-one.xyz/Crystal_Night_b6d2af8e1d1723ecdc688ee7.mp4","external_url":"https://human-one.xyz","description":"the hunt continues after a productive day and a solitary lapse of reason.”,”name”:”HUMAN ONE”,”background_color”:”000000",”days_journeyed”:57,”location”:”Ethereal wasteland”}

That’s it.

What is surprising, is that the metadata appears to be stored centrally at: https://metadata.human-one.xyz/1, with the animation itself at https://nft.human-one.xyz/Crystal_Night_b6d2af8e1d1723ecdc688ee7.mp4, with the URL describing the work at https://human-one.xyz

This clip is in essence what is authenticated and owned with the purchase of the ‘Human One’ NFT. It sold for a staggering $28,985,000.

Centralized Storage and the Risk of ‘Link Rot’

Yet, if those links are centrally controlled, what happens when the URL goes down, or breaks. ‘Link rot’ is serious issue for artworks connect to non-fungible tokens.

So if that’s the case with Christies’ Beeple, how have others structured their NFT metadata?

Do some include terms and conditions, so it is clear what is being bought and sold and what rights are being included in the ‘controllable electronic record’ that is the art NFT?

Another NFT Diligence Example: Will Your Heart Pass the Test?

Let’s take a look at Phillips’ ‘Will Your Heart Pass the Test?: An NFT by Drue Kataoka Studios’ which sold for $252,000 on December 15, 2021.

An entrancing, haunting NFT, the video clip by bay-area artist Drue Kataoka consists of 10,300 MB file, with Token ID: 1 and Ethereum smart contract address 0xb657Bad7480d34b76e067bF2f08dec7777a6461.

Again, we query the TokenURL in the ‘Read Contract’ sub-tab of the ‘Contract’ tab in Etherscan, and we get the following string:


‘Arweave’ is a decentralized storage space, reducing the possibility of ‘link rot’. A step in the right direction.

This link takes us to the metadata which looks, in part, like this:

Metadata for Drue Kataoka’s “Will Your Heart Pass the Test?” via Christies and Arweave

It includes the animation, the ‘heart’ of the authenticated clip attached to the NFT, again stored decentrally on Arweave, at https://arweave.net/5qNAiW9HlflhbaGTke0E9dIjl2ZsaaaYNudcIsNiPnE producing the extraordinarily eerie and beautiful clip below.

Drue Kataoka’s “Will Your Heart Pass the Test?” via Christies and Arweave

While the NFT metadata for Drue Kataoka’s NFT includes a lengthy description of the artwork, and the image and video clip URLs, it does not appear to include any terms and conditions defining the rights that the NFT gives the buyer in the work itself.

Blockchain’s Raison D’être, the ‘Authentic Artifact’ and the Battle for the Soul of NFTs

Put differently, who owns this NFT clip outright? Does the buyer have the right, for example, to display it publicly? Can the artist recreate it and mint it elsewhere or is the clip, as stored on Arweave, the authentic artifact of the art?

One might argue that Blockchain’s raison d’être is the authentication of original artifacts, whether they be digital tokens, Bitcoin, Ether and other digital currencies, documents and in our case, art.

Yet we have seen some commentators, lawyers and laymen alike, talk of the Blockchain as nothing more than an intricate filing system, with the artwork linked to the Blockchain records being capable of removal, copying and reproduction, and, themselves, having little value.

Some, talk further of the record itself not being able to convey rights and obligations in the underlying NFT artworks; there being no ‘meeting of the minds’ between NFT buyer and seller as to any terms stated in the NFT metadata.

Others, look to intellectual property principles to define the relationship, and see the buyer’s rights in the NFT as simply a non-exclusive license.

All these, we argue, miss the fundamental point of Blockchain, its resolution of the ‘Double Spend’ problem, and its fundamental use case as a means of authentication of the original artifact: the making of an asset unique.

So, in the same way that a buyer has title to a physical art asset in the real world, so too she should have title to a digital asset that is authenticated as a ‘one-of-a-kind’.

While the courts in their interpretations may be slow to catch up with digital assets, and impact of Blockchain, defining these rights correctly by contract is not only useful, but is, in our view, essential to correcting perceptions of Blockchain’s purpose.

Using NFTs to Define Contractual Rights

And since NFTs are simply controllable electronic records stored on a decentralized ledger, defining the very rights that the record conveys, which itself ‘runs with the record’, would very much comprise a ‘meeting of the minds’ of the terms that apply to that record.

We argue that the naysayers are wrong, and that terms and conditions that form part of the NFT metadata do very much define the rights and obligations implicit in the NFT and the assets linked to it. What’s more, what is written in to the record, runs with the record. It would be almost like a real right implicit in the asset. A tool precisely suited to Blockchain digital tokens which allow increased liquidity, free of centralized control.

All, in our view, far superior, to terms and conditions of sale linked to an auction catalog which may govern the primary NFT sale, but likely have little bearing on any resale.

NFT Embedded Rights: Proof is in the Pudding

So how have NFTs faired in defining rights and obligations?

Not too well, as we have seen in this article.

Not only have very high valued digital artworks been stored centrally, risking ‘link rot’ or the severing of the link between the NFT and the art work, but very few NFTs’ actually say what the buyer can do with the artwork.

And perhaps more importantly few appear to state categorically that the clip or image linked is the original, authentic artifact of the artwork, or that the NFT artist or creator cannot duplicate the work again and again.

But this is not all NFTs.

Jennifer and Kevin McCoy’s Quantum Leap (Primordial Star 2)

One example was recently offered for sale on Artnet’s new NFT auction platform, Jennifer and Kevin McCoy’s Quantum Leap (Primordial Star 2), 2021, a 75.4 Mb video clip, with smart contract address 0x8425633dbaf741db34bc35d5054e22a8ab4c9f31 and TokenID 2.

Jennifer and Kevin McCoy’s Quantum Leap (Primordial Star 2) Via Artnet

Into Etherscan to query the TokenURI, and we get an apparently centrally stored link: https://quantumleap.mccoyspace.com/B-4-primordial.json, which tells us that “…Quantum Leap is a generative, code-based NFT series inspired by Kevin McCoy’s 2014 work Quantum, the first artwork tokenized on a blockchain…”, and that, “…[f]or this project, several levels of code-based systems interact. Visually, each token from Quantum Leap produces a mandala that changes and evolves, inspired by the life cycle of the stars, which shift colors as they age. These stars also change form as they become more circular as the code-generated images mature, evolving from three to twenty sides over the span of their lifetimes.The code-execution environment that drives the animation exists both on a dedicated website, and eventually, as a downloadable stand alone application. This website allows collectors who have Quantum Leap tokens to visit the site quantumleap.mccoyspace.com , connect their wallets (or download the .exe) and see the artwork that corresponds to their token. The software will read the specific tokens and derive operational parameters from on-chain data belonging to each token…”.

A fascinating generative art NFT project. But most interestingly for our purposes there is a reference to a “Rights Agreement” in the NFT metadata, and it points to an IPFS link at https://ipfs.io/ipfs/QmTjivtsQGFcCVamK5ya4MG1dVQDSbJVdMWNiSkkN4EkMg

IPFS, like Arweave, is a decentralized storage platform, providing greater confidence in the integrity of the metadata links.

One apparent problem here with this NFT, is that the TokenURI link is a centrally controlled link which then points to these IPFS links, leaving some uncertainty and potential for ‘link rot’.

An NFT Metadata ‘Rights Agreement’ Running with the Art Asset

Nevertheless, the Rights Agreement is explicit in defining both the uniqueness and title in the artwork. It reads, in part:

…3.0 Ownership and Provenance

3.1 Control over on-going provenance, ownership of and rights corresponding to this artwork is hereby assigned to this contract and this blockchain entry.

3.2 Ownership of this artwork rests with whomever controls this blockchain entry ( the $OWNER ).

3.3 Ownership of this artwork is singular, unique and noneditioned.

3.4 No other ownership of this artwork exists beyond this ownership nor is any other ownership recognized or authorized in a manner that conflicts with the rights granted herein…”.

And earlier:

…1.3 These statements constitute a contract between Monegraph, Inc., Jennifer and Kevin McCoy and any $OWNER (defined below) of this artwork.

1.4 Ongoing ownership and possession of this artwork indicates the $OWNER’s acceptance of these terms…”;

thereby expressly making these terms implicit in the ownership of the underlying artwork, with the intent of defining the uniqueness and rights of the buyer, not solely as licensee, but as owner.

Caveat Emptor : NFT Devil is in the Detail

Buying NFTs can be tricky.

Not only are the ‘where’ or ‘how’ of the underlying artwork storage and linkage to the digital token important, but also are the rights in the underlying artwork conveyed with the NFT.

Being able to read the NFT smart contract is essential to understanding this, and to evaluating the longevity, integrity and uniqueness of the art asset, and the rights you would acquire through its purchase.

This is very much a case of caveat emptor as, as far as we have seen to date, a lot of money has changed hands over art assets that include very little in the auction catalog itself, not to mention the NFT metadata to define what is being purchased.

This is particularly concerning in an ecosystem which relies on liquidity and the ability to resell the art asset down the chain and which could very much benefit, as to the sustainability of not only the asset itself but of the ecosystem as a whole, from defining, and making implicit rights and obligations that very much run with the art asset itself.

** This article is intended to be informational only, and does not constitute legal advice. Competent, specific legal advice from a suitable, licensed attorney, should always first be obtained before taking any action, and the information in this article should not be relied upon independently of that advice.



Sam Miller

Founder: TheFineArtLedger.com, blockchain powered fine art title and authentication platform, art collector, Rimon P.C. corporate finance attorney. Venice, CA