Part I of this series gave you a basic knowledge of cryptocurrencies and… left us with a bitter aftertaste. It made the case that cryptocurrencies aren’t really currencies after all, but instead had only succeeded in creating the world’s biggest and most accessible casino (after Wall Street). We ended with a statement that many enthusiasts will probably deem provocative: blockchain is a solution in search of a problem…
Counter-arguments to this statement, I’m sure, revolve around Ethereum — another blockchain that was alluded to several times in Part I but which needs a full introduction now. Ethereum brings major conceptual improvements compared to Bitcoin, and introduces a whole variety of new applications centered around so-called “smart contracts”. These applications include Decentralized Autonomous Organizations (DAOs) and Non-Fungible Tokens (NFTs). And so we find ourselves yet again in need of diving deep into the technical aspects of the technology before being able to even consider the nature of what it bred.
In 2013, Vitalik Buterin, a young Bitcoin enthusiast, published his own design for a cryptocurrency. As he saw it, there was no reason why the blockchain should only contain simple transaction records — imagining what would happen if it contained code instead.
Ethereum still supports wiring its underlying “currency” (Ether) from one account to another, but it’s not limited to this. Instead, participants in the network can write programs (“smart contracts”), store them in the blockchain, and have other people interact with the functions they expose  The programming language used on this blockchain is called Solidity, and allows programmers to define functions that have specific permissions (i.e., only the contract’s current owner can access them) or require a payment to be invoked, providing the basis for smart contracts.. This breakthrough changes the nature of the blockchain: where Bitcoin was a distributed database, Ethereum becomes a distributed record of program states. The concept of transaction fees (now called “gas”) was reworked to account for this new paradigm, and users now pay a fee per instruction executed  In addition to the per-instruction fee, there can also be a variable amount chosen by a sender. Opting to give a bigger “tip” allows a transaction to jump the line and be processed before the others. This leads to “gas wars” when multiple bidders are competing for a purchase. The all-time record (May 1, 2022) was around $200,000.. Participants of the network don’t only validate transactions like they used to, but also run the code of the contract to compute and store its new state after the requested functions have been executed. This leads Ethereum users to refer to the “Ethereum Virtual Machine”, which evokes a meta-computer allegedly emerging from the overall system.
Thanks to this concept, Ethereum expects to trigger no less than a revolution in the way we think of computing, with its built-in framework of distributed yet trustless programming. The underlying idea is that when Bitcoin went after the banking industry, it actually lacked ambition. Many other industries are, after all, riddled with intermediaries and trusted parties that could be replaced by a carefully thought-out smart contract: insurance companies, package delivery systems, and why not even governments one day?
Smart contracts (are dumb programs)
A very annoying pattern you might have noticed by now is the overabundance of domain-specific (and, frankly, gratuitous) terminology. The cryptocurrency world has taken a page from the finance industry’s playbook and obfuscates what it is doing behind impressive-sounding lingo — I suspect in an attempt to discourage people from looking into its activities. It’s something we have to fight against for the whole duration of the series.
Case in point: smart contracts, which I have to assume received this name due to the very reassuring real-world associations they evoke. Contracts are perceived as something safe, so it feels natural that when they’re also smart, they must be nothing short of infallible. Unfortunately, smart contracts turn out to be double misnomers. First, they can only be as smart as their programmers are, and I’ll leave it to the reader to decide how much that means on average. Second, while they’re binding (due to the fact that blockchain operations are irreversible), they provide none of the guarantees that are traditionally associated with real-world contracts. There are no crypto-courts of law you can appeal to in case the spirit of the contract is violated, or if it turns out you weren’t truly in a capacity to contract (for example., if you are a minor), or if the contract wasn’t even legal in the first place. Smart contracts are also referred to as dApps (decentralized apps), which in my opinion is a slightly better term.
Ethereum believers systematically shoot down any objection to the nature and merits of smart contracts with the expression Сode is Law. “Code is Law” carries the idea that since a smart contract is made of code, there’s no opportunity for duplicity. Whatever is in the contract is executed by neutral machines in the network, and the blockchain mechanism provides strong guarantees that the result will not be tampered with. All interactions with the contract (through function calls) are also publicly recorded on the blockchain, discouraging foul play due to how obvious any would be. So what’s the issue?
One of the problems should be obvious to anyone with even limited programming experience. Imagine you need to write code handling staggering amounts of money, with a built-in bug-bounty system (hacker-takes-it-all), and that you can only commit once before everyone in the world can interact with it. Remember that there’s no modifying data on the blockchain, and indeed it’d be quite bad if contracts could be changed after people have started using them  There are actually ways to provide upgrade mechanisms, but they’re expensive and require setting up complex architecture. In addition, introducing such contingencies creates a Catch-22 situation where the ability to patch bugs opens a possibility of abuse for contract developers.. How confident would you be in your ability to make exactly zero mistakes?
Looking at the problem from the other side, how likely would you, as a smart contract user, attain “genuine consent” when it requires performing a literal code audit? This is by no means theoretical. Last April, the AkuDreams NFT project encountered a significant setback when several bugs were discovered and caused the dApp to enter a state of deadlock. This resulted in the equivalent of $34M being stuck in the contract forever, with absolutely no one — including its original developer! — able to access the funds  An in-depth analysis of the bugs in the dApp can be found here, illustrating well the sort of tragic subtleties that can annihilate the spirit of a contract.. Dura lex, sed lex?
The heresy of immutable programs
Optimists could say at this point that no matter how many examples of flawed contracts I bring up, it doesn’t mean that the contracts can’t be implemented properly, and that the field simply needs more time to mature and acquire expertise. But I’d argue the opposite: seeing how incapable the field seems to be of securely developing objectively simple applications, the whole idea of ever moving on to more complex contracts looks preposterous. Whoever believes that entire insurance policies could be translated to dApps is either a programmer who has absolutely no idea of the complexity of insurance policies, or an insurer who never wrote a line of code in their lives (disregarding the fact that blockchains are blissfully ignorant of most things that take place in real life, such as fires or car accidents).
Having worked in the security industry for over 10 years now, I feel obligated to inform you that anyone who seriously considers migrating real-life technologies into a write-once environment is a stark-raving lunatic. Not even accounting for all the problems that blockchains introduce (listed in part I of this series), history teaches us that programming mistakes can and will happen and that patches are a vital necessity. Worst case scenario: a design flaw could be discovered in Solidity itself one day, as has been the case in many other programming languages in the past. What would happen to all committed contracts then?
This lack of flexibility is painful on every level. What’s done is done on the blockchain: faulty programs cannot be taken back, and accidents and hacks cannot be reverted even if you somehow obtained a court order. Unsurprisingly, such an unforgiving ecosystem — where you’re rarely more than a click away from financial ruin — is also a fertile ground for scams (more on this later).
Decentralized Autonomous Organizations (DAO)
Before we can move on to NFTs, there’s one last concept I’d like to introduce — if only because it leads me to the most unbelievable yet telling story of the whole cryptocurrency industry.
Having discovered what dApps are, I don’t think it will be too hard to imagine that they’ve also been used as sort of governance systems. You can think of DAOs as smart contracts into which users can pool funds. The contract codifies a predetermined set of rules (which may or may not be properly implemented) — like how to cast votes on how the funds are used, how to withdraw them, under which conditions, and so on.
DAOs, proponents say, have the potential to revolutionize society and redefine power structures: they could enable transparent and fair forms of management and represent the future of community governance. However, I, on the contrary, find the core idea of solving social interactions through rigid sets of rules engraved in cyber-stone deeply flawed. Even if social interactions were translatable into code (which they aren’t), even if they could be implemented without bugs or problematic emergent behavior (which they can’t), norms are in a constant flux. The world changes every day. Sometimes, yesterday’s rules just need to be broken.
The first ever DAO was created in May 2016 and was simply called “The DAO”. Seduced by the perceived potential and the opportunity to participate in this unique social experiment, people flocked to the project, resulting in the project raising around $150 million at the time. The DAO was supposed to operate as a decentralized venture capital fund. People would pitch projects to the business-savvy DAO members (freshly graduated, no doubt, from the renowned Reddit School of Economics), who would use their voting powers to decide which ones to support.
Unfortunately for them, yet another smart contract vulnerability led an attacker to drain about a third of the ETH managed by the fund. The amount of currency stolen represented about 5% of all coins in the blockchain. While it seems like an open-and-shut case of “suck-it-up because code-is-law”, enough big players in the ecosystem had been burnt that they were able to organize what’s called a “hard fork”. They created a copy of the blockchain in which the fraudulent transaction… never happened, and started using that one instead — essentially splitting reality into two alternative versions. All the major actors as well as the Ethereum developers officially switched to the non-hacked “timeline” and have kept using it ever since, making it the de facto standard. The other version, subsequently named Ethereum Classic, lives on as a third-rate cryptocurrency so centralized that a 51% attack actually took place in 2019.
This story destroys the myth of an egalitarian, decentralized ecosystem. If you join the fray and get scammed, make no mistake: the blockchain will be immutable for you. But when the elite’s bottom line gets threatened, all guarantees fly out the window and it finds a way — outside the blockchain if need be — to leverage its tremendous financial and political power in the system, bail themselves out, and restore their supremacy  If you want more DAO craziness, this time in the “incompetence and hubris” category, I’d also recommend the SpiceDAO story. In it, a group acquires the script of an unproduced Dune movie adaptation (from director Alejandro Jodorowsky) and figures this enables them to create a large entertainment conglomerate. Drama ensues..
At last — a Non-Fungible Tokens definition
Here we are, finally armed with all the background we need to explain what NFTs are. Being complex on the conceptual level, they need to be defined from several angles. On the practical side, an NFT is a certificate of ownership recorded on a blockchain. An (apt) real-life comparison would be a casino chip: if you hold the chip, you own whatever it corresponds to, but you’re free to give it away or sell it if you find a buyer. Technically speaking, it’s a smart contract that holds one or several of those chips (“tokens”) — a sort of spreadsheet listing who owns each of them, and functions that handle their transfer.
The smart contract typically holds links pointing to the resources that correspond to each token — because storing the resource itself on the blockchain would be too expensive. At worst, this link can be a plain HTTPS one, and as such subject to link rot (that is, in a couple of years from now the URL might point to nothing because the domain name has expired or changed hands). A better approach is to use an IPFS link — but that’s not foolproof either. And obviously, you have to trust whoever controls the storage not to replace what is at the other end with a poop emoji after the sale.
“Wait, that’s it?” you ask suspiciously. Yup. That’s all there is. Owning a non-fungible token just means that a smart contract, somewhere, is in a state that says “[Name] owns the chip with ID 0x12345”. Whatever rights or entitlements you derive from this ownership varies greatly. Tokens could be used by further applications: a developer could create an instant messaging app where you can only access certain channels if you own a specific token. Or maybe you can only interact with a given dApp if you hold a specific token. Some uses are simply social constructs: an artist may create a dApp with a gentlemen’s agreement that each token represents a particular work of art, and ownership of the token equates to ownership of the associated file. This leads us to a very controversial question in the NFT space.
What does digital ownership mean?
The idea of owning digital goods existed way before NFTs appeared. Gamers have been grinding MMORPGs for years to obtain S Tier equipment that they can use and extract value from (by killing monsters more easily). Yet one could argue that they don’t really own those in-game objects, as they are just an entry in some game developer’s database. The item could, theoretically, be deleted any time — and in fact it is destined to be deleted one day when the game gets discontinued and its servers are turned off. In the eyes of NFT supporters, this constitutes a very good reason to transfer this ownership information to the blockchain, where it will be safe from arbitrary decisions (provided the smart contract is neither backdoored nor riddled with bugs). It remains unclear what good a blockchain-backed +100 sword would do you if the game’s developer says you can’t use it from now on, or if the corresponding game doesn’t exist anymore, but never mind that.
The harder truth is: there is actually no concept of ownership purely in the digital realm, and there can never be. This is something the rest of the software industry figured out a long time ago. When you purchase a program online, what you get is a license that gives you certain rights, such as using the software. But you don’t own it; the program remains the intellectual property of its developer. Conversely, there is no concept of theft in the digital realm (“theft is the taking of another person’s personal property with the intent of depriving that person of the use of their property”), where everything is data. Legally speaking, I cannot steal your data because you will not be deprived of it afterward. I can only access it or replicate it without authorization. In case you’ve ever wondered, this is the reason why software piracy is always tried under copyright infringement charges as opposed to anything related to theft.
If you buy something in real life (say, a baguette), it’s very difficult to contest your ownership. That’s not because you can proudly wave the bakery’s receipt at a naysayer’s face. It’s because you hold the baguette tightly yet gently in your arms (as you should) and say “look, here it is, I have it, so it’s mine”. The underlying message is that the baguette, as a material object, is unique (there are many baguettes, but only one is this baguette), and presenting it under your lawful control is evidence enough that it’s yours. Digital objects, due to their nature as sequences of bits copied multiple times daily in the process of their intended use, do not possess this property. The NFT space’s solution of branding them with a serial number really doesn’t change this basic fact. Your certified picture of an ugly monkey is strictly the same as the one I right-clicked and saved.
But wait, you say, there are slightly more abstract possessions for which you cannot prove ownership that easily. Take a piece of land for instance: simply occupying it doesn’t make you its de jure owner. To demonstrate your property rights, you need to show a deed which might as well be stored on a blockchain where it will be public, verified and uncensorable. What sounds like a strong argument in favor of NFTs turns out to be checkmate for them. Imagine you buy land and the deeds get stored in the Ethereum blockchain. You arrive at your new house, but I’m already sitting on the couch (in a bathrobe). “This is my house, I bought it!” you protest, pointing to the corresponding smart contract. But I answer: “Well, I bought it too”, then I show you my own, equally valid smart contract on the Solana blockchain. I also add: “I do not recognize the authority of the Ethereum blockchain”  And why would I? There are literally a thousand competing blockchains! Yes, a thousand. Other examples include Tezos, EOSIO, Stellar, Neo, QTUM, Waves…. From there, your available courses of action are:
- Getting off my lawn.
- Waiting for Mr. Buterin to proclaim the People’s Republic of Ethereum (which would totally be an oligarchy, by the way), raise an army and enforce your property rights against mine.
- Taking your grievances to the local courts — your most likely choice.
And this leads us to two important prerequisites for the concept of ownership. One: there can be no ownership of digital goods because they are not unique. Two: there can be no ownership of physical goods without a central authority (aka government). It follows that NFTs, meeting neither of those prerequisites, have nothing to do with ownership.
So what are NFTs?
That’s the funny thing. Nobody knows, really. After much head-scratching, regulators may categorize them as securities. Law firms warn that unless an explicit agreement accompanies an NFT, the implicit one probably only covers displaying the corresponding digital asset. And nothing more: you wouldn’t, for instance, be allowed to print a T-shirt featuring your million dollar CryptoPunk. Stings, doesn’t it?
Optimists paint NFTs as a way to support artists, and free them of art galleries’ gatekeeping. Smart contracts, they note, may also contain provisions that allow the original artist to earn royalties on every subsequent sale. There’s no denying that a number of artists have received massive payouts from NFT sales, but the general perception of what the NFT art market looks like is heavily skewed by high-media impact yet anecdotal record-breaking transactions. The artist Kimberly Parker and a data scientist crunched the numbers for us and revealed a number of interesting facts.
- The overwhelming majority (~70%) of NFTs sold never find a secondary buyer.
- Only about 10% of NFTs ever sell for more than $400. Using collections as a scope instead of individual artworks reveals the exact same trend.
- For an NFT sold for $100, platform and gas fees can represent from 70% to 150% of the whole price. Which means the artist actually loses money on average in this case.
Looking at the few projects that over-performed in this space paints a disturbing picture, where the intrinsic or artistic value of a piece matters very little compared to the seller’s ability to create hype and attract media attention. In a not-so-unpredictable twist, involving influencers such as Logan Paul or MrBeast in literal NFT pump and dump schemes turns out to be a highly profitable strategy. So is involving celebrities like Paris Hilton (what’s her contribution, beyond her image and media outreach?) or Justin Bieber. While if you have no community to mobilize or no access to celebrities, but still have a few hundred thousand dollars to spare, you can probably manufacture your own hype by making a record purchase and waiting for news outlets to report on it.
So what are NFTs, really?
We seem to have reached a dead end: NFTs don’t adequately represent proof of ownership and, like the technology they’re built on, appear to mostly bring fortune only to the already famous or wealthy. We noted that Bitcoin and Ether weren’t currencies because of the lack of actual products you can buy with them. It’s theorized that NFTs were imagined to fill this void: to create a market that would finally allow currency to circulate within the ecosystem. To see through this, it’s crucial to understand how money flows around the cryptocurrency world.
Ethers and Bitcoins are created out of nothing in their respective environments, falling from the sky as rewards to miners for sustaining each network’s infrastructure. But miners, being corporeal beings with bills to pay, need to exchange their BTC or ETH for real-world currency sooner or later. Even early adopters who’ve been able to mine or acquire significant quantities of coins with little investment when things started out have a strong incentive to cash out — simply because they’ve nothing to spend their cryptocurrency on.
You can’t purchase actual goods with Ethereum or Bitcoin, so there’s no other way but to exchange them for, say, dollars first. But how do you do that? There are of course exchange platforms, but they only act as intermediaries between sellers and buyers, throwing in just as many funds in each currency as is necessary to smooth things out. If you come to them with $10 million worth of ETH, they’re not going to take it all. If there’s demand for $10M in the market, sure, you’ll make your sale. Otherwise, your trade offer will remain in the system, and hopefully — provided nobody places an offer with a more attractive rate — your ETH will get sold over time as new people join the happy Ethereum family.
But surely you see the major flaw in this plan, no? Why would anybody in their right mind buy your ETH or BTC knowing that they won’t be able to purchase anything with them? They’ll inevitably need to exchange their cyber-gold back into dollars later too, so why would they doom themselves to go through your ordeal? The answer is that they hope to make a profit by selling higher than they bought. A brutal fact conveniently not mentioned in news headlines is that the cryptocurrency ecosystem has a major liquidity problem. Spectacular NFT sales are reported in dollars, but take place in ETH — and this advertised dollar price remains purely theoretical until the cryptocurrency gets exchanged. It matters little that each ETH sells for about $1,800 (at the time of this writing) if there’s only demand for 100 of them. Your $10M worth of Ether is just not going to get traded.
To recap: major coin holders have an urgent need to cash out, but they can only do so if there’s a constant flux of people coming in  Ideally, the influx should be massive too as demand exceeding supply would drive the exchange rates up and increase the profit margins of people cashing out. It means that cryptocurrency users have a direct financial interest in massive adoption and it blinds them to all of the systemic failures of the ecosystem. In the words of Upton Sinclair, “it is difficult to get a man to understand something, when his salary depends on his not understanding it”., and the only rational reason why people would buy cryptocurrency is for the purpose of speculation. Structurally, the crypto-world as a whole not only relies on, but has an existential need for speculation to ensure its cash flow. It goes without saying that said speculators soon face the exact same issue and need subsequent waves of buyers to turn a profit, and so it goes on.
It’s not a pyramid, it’s a low-polygonal cone
In this context, it’s tempting to reinterpret the NFT phenomenon as manufactured hype, engineered to attract these vital new buyers. It explains the apparent disconnection between the products (that is, arguably hideous JPEG or PNG files) and their market price. It also explains why major crypto capital holders are so willing to throw away obscene quantities of cryptocurrency when you’d expect them to retire on far-away islands instead. It’s simple: If they can’t cash their Ether out, those coins aren’t worth a dime. So it makes sense to burn them in a spectacular way that will generate news reports and create the optics of people making a fortune with NFTs, thereby creating conditions for a future cash out. That is, insane selling prices generate media hype, media hype drives new buyers, and influx of new buyers make cashing out possible for sellers.
So if you’re interested in cryptocurrencies and NFTs, you’d be dead wrong to assume either of these are the main components of the ecosystem. The one and only thing that matters in the crypto world is new participants. NFT projects live and die by their ability to generate enough hype to convince outsiders that they’ll see incredible returns on investment if they join right now — for which they need to buy Ethereum.
As you can imagine, such a toxic structure can only breed the worst incentives, and the ecosystem is plagued with fraud. Every scam in the book has one way or another been adapted to this brave new world, and they have all in fact become the default mode of operation since there’s no regulation, consumer protection, or possibility of recourse. Entering the NFT market, you can expect to encounter the following on a weekly basis:
- Wash trading, where project organizers buy and trade their own tokens among multiple accounts they operate to inflate prices and create a false perception of high demand.
- Rug pulls. Many NFT projects don’t stop at offering tokens, but present themselves as crowdsourcing opportunities (page archived for obvious reasons) where the money from the sale is supposed to be invested into the creation of subsequent products or services, such as goodies, movies, video games, and so on. Possible associated DAOs allow participants to get involved in the direction of derived projects. As you would expect from people who don’t know the first thing about the industries they intend to disrupt, they usually fail to deliver and/or go AWOL with the funds.
You can also count on attacks from the cybersecurity angle: phishing, smart contract hacks, malware and marketplace breaches. But wait, let’s not forget oldie-but-a-goodie art theft, since absolutely nothing prevents you from creating NFTs out of artwork you don’t own. The situation is so endemic that DeviantArt developed a feature that automatically detects NFT infringements and has already raised 80,000 alerts.
Alright, time to pull the curtains on this horror show. It took some time, but we got there, and it’s now time to answer the question with which we began this series. Should you buy NFTs? No. Stay away from them. And stay away from cryptocurrencies too. Even if you feel that from a utilitarian perspective you can disregard the many implications of supporting this ecosystem and focus on organizing your own get-rich-quick scheme, odds are you’ll get burned — badly. Just like the layer underneath, the NFT environment is structured in such a way that top players will always have the edge, leaving you to fend off omnipresent scam attempts for a shot at the crumbs. Here’s the best life advice I could ever give you: whenever you think you’re participating in the pump, you’re part of the dump.
Now for the million dollar, nay, multi-billion dollar question: are NFTs a scam? The answer to this question depends on your definition. Are casinos a scam? All their games are designed in such a way that the house always has a statistical edge (even blackjack, although good players can reduce it to 0.5%). But if you get lucky, casinos won’t cheat you out of your winnings and you’ll be allowed to leave the premises a lot richer than when you entered. Casino owners have mathematical proof that in the grand scheme of things they always end up on top. And they know that it takes a few success stories now and again to keep the losers flocking in. Is that a scam? That’s for you to decide. NFTs are like that in many ways, except that you’re leaving the comforts of the highly regulated 21st-century gambling industry and entering the tech-bro wild-west. They’ll rinse you in the most vicious of ways.
I fully expect to be drowned with wholesome rags-to-riches stories as soon as this article is published — just like you are probably bombarded with them if you’re doing any research on the subject. I don’t dispute that NFTs may have done the occasional good. But no amount of good can outweigh all the bad (which we’re not done covering, btw): the false promises, the predatory structure, and the lives broken.
My final advice is this: don’t believe a single word NFT owners tell you. If anything, I hope to have demonstrated that their bottom line directly results from convincing you and your fresh wallet to join. Not to say anything of the crippling cognitive dissonance resulting from having paid the equivalent of ten years salary for a link to a JPEG file. Deep down, below the ostentatious fraternity (“we’re all gonna make it!”), they know trading is a zero-sum game at best. It’s every man for himself.
What have we learned so far? First, that cryptocurrencies are purely vehicles for speculation. Second, that NFTs — even purer vehicles for speculation — have been built on top of cryptocurrencies to drive traffic through them. It doesn’t stop there though, because… why should it? There’s one more piece built on top of all that. In the final part of this series, we’ll take a look at an imminent technological car crash that is the metaverse, and discover that we’re likely being held hostage in the trunk. And to end on a bleak note, we’ll wrap up the series by discussing the impact of cryptocurrencies and NFTs on real-world economies — as well as their political implications.