An NFT Marketplace Exec’s CryptoPunk Avatar Helped Web Sleuths Bust Him for Insider Trading

This week, a top executive at OpenSea, the largest marketplace for crypto collectibles, was revealed to have profited by using insider information to buy NFTs in advance of his company publicly promoting them. 

The platform’s head of product, Nate Chastain, used secret crypto wallets to purchase digital artworks before they were set to be featured on OpenSea’s home page—a form of promotion known to drive up the price of pieces. After the initial pop of interest, Chastain then sold the NFTs, funneling the earnings into a personal account.

In other words, he exploited his position to game the market in his favor. 

The dodgy activity was first called out on Twitter by user @ZuwuTVwho himself both buys NFTs and sells purposely pixelated images of landscapes as the “Pixelated Beauty” collection on OpenSea. The news spread online like wildfire. 

It was the fact that Chastain used a unique CryptoPunk as his Twitter avatar that allowed online sleuths to identify his wallet, which also contains the CryptoPunk. (It is CryptoPunk #3501, with a blue bandana and small sunglasses, purchased for 26.98 Ether—$43,842 at the time—on February 25, 2021.)

Screenshot of Nate Chastain's Twitter, featuring CryptoPunk #3501 as his avatar.

Screenshot of Nate Chastain’s Twitter, featuring CryptoPunk #3501 as his avatar.

OpenSea’s chief executive and co-founder, Devin Finzer, confirmed the report in a blog post this week. “This is incredibly disappointing,” he wrote. “We are taking this very seriously and are conducting an immediate and thorough third party review of this incident so that we have a full understanding of the facts and additional steps we need to take.” 

Chastain has since resigned, Finzer said. 

Technically speaking, the head of product’s actions weren’t illegal. The buying and selling of NFTs is not regulated by the Securities and Exchange Commission. Prior to the incident, OpenSea had no rules in place preventing such behavior. 

The latter point has since changed, though. In his post, Finzer said his company has now implemented policies that forbid employees from both exchanging NFTs while the site is featuring or promoting them and using confidential information to purchase or sell any collectibles, “whether available on the OpenSea platform or not.”

Still, the intense response to Chastain’s market machinations might come to be recognized as a turning point in the way we think about NFTs vis-à-vis traditional art.

“In the art world, if someone who worked at a gallery bought up an artist’s art before a big public opening, that would be… a normal Monday,” tweeted Felix Salmon, Axios’s Chief financial correspondent (and a previous Midnight Publishing Group News contributor, this week). 

“The fact that this kind of behavior is genuinely scandalous in the NFT world is a very good indication that NFTs are much closer to being securities than they are to being art,” he added.

Founded in 2017, OpenSea was valued at $1.5 billion this summer, following a $100 million Series B fundraising campaign. Representatives from the company did not immediately respond to Midnight Publishing Group News’s request for comment about the incident regarding Chastain.

Follow Midnight Publishing Group News on Facebook:

Damien Hirst’s NFT Initiative, Which Asks Buyers to Choose Between a Digital Token and IRL Art, Has Already Generated $25 Million

Earlier this summer, Damien Hirst announced his latest project: a showy NFT initiative called “The Currency.” It involved selling 10,000 unique hand-painted dot-covered works on paper, each one corresponding to a nonfungible token. But wait, there’s more.

Each of the hybrid print-NFTs, available to collectors at the low, low price of $2,000, has a very particular stipulation. Buyers would have one year to decide if they wanted to keep the NFT, in which case the physical artwork would be ceremonially burned. Or they could keep the physical work, and relinquish rights to the blockchain-based artwork.

In essence, “The Currency” pitted Hirst’s foray into the new world of digital art against his old-school practice, asking the art market to decide which was more valuable. (At the height of Hirst’s market heat in 2007, a work on paper by the artist sold for more than $393,065.)

At the time, it sure sounded like Hirst was, ahem, jumping the shark, with a philosophical gimmick, but just about two months into the project’s debut, the artist took to social media to announce that sales generated by “The Currency” have reached $25 million already.

The graph of Hirst's NFT sales from "The Currency." Courtesy of HENI.

The graph of Hirst’s NFT sales from “The Currency.” Courtesy of HENI.

A statement posted today to the Discord server by HENI Analytics, an arm of the company that partnered with Hirst on the project, broke down the sales for the past six, 12, and 24 hours for the NFT works. In the last 24 hours, 14 sales totaling almost $400,000 were recorded, with a maximum price of $43,204 and minimum price of $3,694.

Since the project launched in July, there have been a total of 1,571 sales on secondary market NFT platforms adding up to just a bit more than even the whopping eight-figure Hirst boasted about, at $26,345,475.

The maximum price paid so far sits at $120,614 for a work titled Yes, which is considered one of the rarer of the pieces in the series because it has a single word title. HENI ranks each of the works in “The Currency” for its rarity based on algorithms that analyze density of the spots, colors used, and what kind of words are in each title, which all come from Hirst’s favorite songs.

OpenSea’s public data on the project confirm the basic trends suggested by HENI and Hirst. It shows that the floor price (or lowest available price) for an NFT from “The Currency” sits at 8.8 ETH, or $28,500, more than 10 times its original price. (The OpenSea floor price is updated hourly.)

According to OpenSea snapshot of the project, by far the most active day in the trading history of “The Currency” was August 14, when 249 of the NFTs changed hands. In recent days things have settled down considerably, with anywhere between 10 and 20 sales per day.

One recent sale, for the work A Way of Life, was originally listed 10 days ago on the secondary market by its owner @Quality for 18.88 Ethereum (over $60,800). Finding no takers, it was re-listed a day later for 8.8 Ethereum (or $28,500). At that price it was sold to @syzygyfinance 8 days ago for 8.49 Ethereum ($27,200), which re-listed A Way of Life just two days later for 14.8 Ethereum (or $47,800).

Today @syzygyfinance adjusted its asking price down to 9.75 Ethereum ($31,300), and sold it at that price to @liquiddyor, realizing about $4,000 in profit on the flip.

Follow Midnight Publishing Group News on Facebook:

NFTs Are Perfectly Designed to Turbo-Charge Concerns About Money Laundering and Art—and Regulators Are Already Taking Notice

The art world has a money laundering problem. Last summer, a Senate Permanent Subcommittee on Investigations (PSI) report highlighted just how bad the problem is, calling the art industry “the largest, legal unregulated industry in the United States.” Now, the explosion of interest in NFTs could be making matters worse—maybe much worse.

I like to compare buying and selling NFTs to buying and selling high art in a freeport, the tax-free, extra-territorial storage spaces where ultra-rich collectors stash their treasures. In both cases, parties exchange title, while no physical object needs to change hands. The art is the justification for the movement of a large amount of money.

Art’s subjective value and the art world’s obsession with secrecy and anonymity—the fact that you don’t always know who is behind these big deals—makes the art trade a honey pot for launderers.

Here’s the difference: With a freeport, there still has to be some kind of physical object in play, which means paying expensive storage fees and dealing with increasing government scrutiny on the space. In 2019, the European Parliament recommended as “urgent” the phasing out of freeports because of their use in tax avoidance, money laundering, and the secreting away of alternative assets.

Enter NFTs. Almost anyone can mint an NFT, at minimal cost, and they have exploded in popularity far faster than regulators have kept up. With the shocking amounts of money now being paid for NFTs at auction, the space has to be a tempting one for bad actors.

Representation of cryptocurrencies and non-fungible token. (Photo by Jakub Porzycki/NurPhoto via Getty Images)

Representation of cryptocurrencies and non-fungible token. (Photo by Jakub Porzycki/NurPhoto via Getty Images)

Trade-Based Money Laundering

The most practical way to launder money with NFTs would be via what is called trade-based money laundering (TBML): deals that appear legit on the face, but are meant to hide the flow of ill-gotten gains.

TBML can take several forms, explains Jesse Spiro, head of policy initiatives at Chainalysis, a blockchain analytics company. The most common is over or under invoicing. “All you ostensibly need is two parties that are willing to engage in a transaction for an NFT to make that work successfully,” he said.

Say you want to receive dirty funds worth $3 million. First, you need to get your hands on an NFT. You can buy one on the cheap, or mint your own for $100 or so.

If you want to establish a price history so things don’t appear quite so obvious, you can “wash-trade,” buying and selling the unique token to yourself a few times—under alias accounts, of course—so that the NFT appears to be worth $4 million. Suspicions that wash trading is rife in the NFT space have been growing, and, as Bloomberg points out, wash trading has long been called “crypto’s open secret.”

Now, you can turn around and sell your NFT to your dirty colleague for $3 million in cryptocurrency—a 25 percent loss! You can then cash out on a banked cryptocurrency exchange. If anyone asks where your funds suddenly came from, you simply tell them you sold a precious NFT.

“If you are offering thirty of something, you can establish a fair market value,” Spiro explains. “But if it is a one-of-one, that’s what makes these illicit trades more complicated—and hard to spot, because the price of an NFT is whatever someone is willing to pay for it.”

Logo for Bitcoin Fog, a service whose founder, Roman Sterlingov, was charged on April 28 with money laundering, operating an unlicensed money transmitting business, and money transmission without a license.

Logo for Bitcoin Fog, a service whose founder, Roman Sterlingov, was charged on April 28 with money laundering, operating an unlicensed money transmitting business, and money transmission without a license.

Chain Hopping and Tumblers

The fact that NFTs are most often bought with cryptocurrency adds another layer of obfuscation to the mix. Bitcoin is remarkably traceable, as are most other cryptocurrencies. But there are ways of covering up the trail. One method is with “chain hopping.”

“Exchanges don’t publicly record transactions until you withdraw, and it is hard to link deposits and withdrawals,” explains Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, who has been studying bitcoin since 2011. “So go to a dodgy exchange, turn your bitcoin into something else, move it onto another dodgy exchange, turn it back into bitcoin, and now the authorities are blinded as to what happened.”

Another way to dust up the trail is with “tumblers,” services that split your payment into small amounts, mix them with other payments, and send them through hundreds of transactions. In April, the operator of Bitcoin Fog, an OG bitcoin mixing service, was charged with operating one of the longest-running bitcoin money laundering services on the darknet, having allegedly moved $335 million worth of illegal proceeds in its 10-year-lifespan.

Cryptocurrency has had a long-standing problem with money laundering. “Some [cryptocurrencies] even include money laundering as first-class features,” said Weaver, referring to so-called “privacy coins” Monero and Zcash, which are designed to keep transactions anonymous.

It would be illogical to assume that combining two fields that are both associated with money laundering—art and cryptocurrency—didn’t lead to more of the same.

A digital artwork featuring the frontman of the band Scooter is offered on OpenSea. (Photo by Jens Kalaene/picture alliance via Getty Images)

A digital artwork featuring the frontman of the band Scooter is offered on OpenSea. (Photo by Jens Kalaene/picture alliance via Getty Images)

Regulators Catch Up

A favored approach to deterring money laundering and sanctions evasion is to collect personal information on the people doing the buying and the selling. Art, historically, has had a loose relationship with such so-called know-your-customer (KYC) rules.

In the U.S., unlike in the E.U., art dealers, galleries, and auction houses are not yet subject to the Bank Secrecy Act (BSA)—our country’s main anti-money laundering law—which requires at-risk industries to do things like verify the identity of their customers, record cash transactions, and report suspicious activities.

NFTs have increasingly begun to trade at top auction houses, like Christies and Sotheby’s. According to the 2020 Senate PSI report, the four major auction houses (Phillips and Bonhams are the other two) already have voluntary anti-money laundering (AML) programs in place. They have likely upgraded their programs following the report, which painted a devastating picture of the art industry, to avoid further risk.

“Christie’s has a robust global AML program that requires KYC for all of our offerings, and those standards are no different for our NFT sales,” Christie’s told Midnight Publishing Group News. “Our buyers are never anonymous to us, even if they may be anonymous to the public.”

Sotheby’s, which has also auctioned NFTs, did not respond to a request for comment.

Mainly, however, NFTs trade on specialized online marketplaces. Nifty Gateway, one of the more popular NFT auction houses, is owned by the Gemini exchange.

According to a spokesperson: “Nifty Gateway employs a risk-based approach to KYC and identity verification. For example, before they can remove funds from Nifty Gateway, Nifty Gateway users must have undergone KYC checks on a separate platform. We are continually re-evaluating our approach in light of a rapidly growing and changing industry.”

Nifty Gateway is centralized—meaning all its app software resides in a central location, controlled by the company—and it’s one of the few NFT marketplaces that link directly to your bank account. (It even lets you buy NFTs with cash.) Gemini is registered with the U.S. government’s Financial Crimes Enforcement Network (FinCEN), a bureau within the U.S. Treasury Department, as a money services business, and it’s widely thought of as one of the more regulated platforms.

Screenshot of a sale on Rarible for $Dough's <em>Genesis (Monero Collection)</em>, asking buyers to support the "blackmarket standard."

Screenshot of a sale on Rarible for $Dough’s Genesis (Monero Collection), asking buyers to “show your support of the blackmarket standard.”

However, many other NFT marketplaces, such OpenSea, Rarible, and Foundation, have taken a more relaxed approach to KYC rules. These platforms are “decentralized,” meaning that the back-end code runs on the Ethereum blockchain. (Technically, they are what is known as “dapps,” or decentralized applications.)

These marketplaces typically only ask for personal information when you use them to on-ramp from fiat to crypto. Unlike crypto exchanges, such as Coinbase and Gemini, or an NFT marketplace such as Nifty Gateway, they handle virtual assets in a non-custodial way—meaning they never take ownership of tokens. They simply facilitate peer-to-peer trades, matching buyers and sellers.

“KYC is only required when you buy crypto using OpenSea,” Alex Atallah, co-founder of the platform, told Midnight Publishing Group News. (In that case, KYC is handled through Moonpay, a fiat on-ramp that lets you buy cryptocurrency with your credit card.) As he explains it, if you transfer your own crypto onto the platform and buy NFTs with it, OpenSea doesn’t ask who you are. Nor does it ask who you are if you sell your NFT for crypto and move your funds off the platform.

Clouds pass overt the Capitol Dome as the Senate resumes debate on the National Defense Authorization Act (NDAA) on December 31, 2020 in Washington, DC. (Photo by Joshua Roberts/Getty Images)

Clouds pass overt the Capitol Dome as the Senate resumes debate on the National Defense Authorization Act (NDAA) on December 31, 2020 in Washington, DC. (Photo by Joshua Roberts/Getty Images)

Regulators Catch Up

Regulatory changes are coming for the art market—and probably NFTs as well. Since NFTs don’t really qualify as cryptocurrencies (they aren’t “fungible,” meaning you can’t swap out one for another, as you can with bitcoin), some believe they are likely to be swept up into any laws that cover the art trade.

On January 1, Congress passed the Anti-Money Laundering Act of 2020 (AML Act), as part of the National Defense Authorization Act, amounting to the biggest changes to the BSA since the Patriot Act in 2001.

Among the changes, the AML Act extends the BSA to antiquities dealers, making it a lot harder for collectors and investors to conceal their identities. It is up to the Financial Crimes Enforcement Network to spell out exactly how this will be implemented. They have until the end of the year to do so.

The AML Act also instructs FinCEN to study the art market. If FinCEN finds significant links between money laundering and high art, it will likely recommend Congress extend the BSA to include the wider art market, too. This has already happened in Europe under the E.U.’s anti-money laundering directives. Experts believe it is very likely to happen in the U.S. as well.

“The art industry narrowly escaped regulation under the BSA this time, very narrowly,” said Katherine Kirkpatrick, a partner at law firm King & Spalding, an expert in anti-money laundering.

Given the likelihood the art trade will be regulated in the future, she believes businesses that sell high-value art—including NFT platforms—should take this opportunity to re-evaluate their AML programs. If they were to inadvertently facilitate money laundering, they could be criminally liable. In addition to legal penalties, their reputations could suffer.

“This is a wake up call for them to say, let’s look at our policies. Do we have a voluntary AML policy? Let’s take a look at that, tailor it to the particular scale and type of risk that we face,” she said.

Screenshot of the AML Act of 2020.

Screenshot of the AML Act of 2020.

The AML Act also formally extends the scope of the BSA to cryptocurrency exchanges, in keeping with FinCEN’s earlier guidance that virtual currency businesses are money services businesses, and therefore, subject to BSA requirements.

NFTs, on the other hand, aren’t mentioned in the new AML law—not surprising, since NFT mania didn’t explode until the end of 2020. Further Congressional action will be necessary to apply AML regulations to NFTs and the marketplaces they trade on. But they aren’t being overlooked either, and policymakers already have NFTs in their sights.

One bellwether is that in March, the Financial Action Task Force, a Paris-based international watchdog that develops AML standards, issued a draft updated virtual asset guidance which could have implications for NFTs. The FATF isn’t a regulator, but as one of its 37 member jurisdictions, the U.S. contributes to and follows its guidance.

In its draft, the FATF doesn’t specifically name NFTs, but it replaces an earlier phrasing of “assets that are fungible” with “assets that are convertible and interchangeable” in describing the kinds of virtual assets that need regulation. This language change directly targets the trade: NFTs are “convertible” in the sense that when you sell them, you convert them to ether or bitcoin, or in some cases, cash.

If the U.S. adopts the final guidance, those subtle changes in wording give FinCEN the authority to regulate not only existing virtual currencies, but also emerging asset classes such as NFTs.

“What it means is that NFTs are caught,” said Spiro. “There is an inclusion. The FATF are formally acknowledging that there are risks associated with them and there needs to be effective oversight and regulation.”

A visitor looks at an NFT which will be auctioned on May 20 at the Millon Belgique auction house in Brussels. (Photo by Kenzo Tribouillard/AFP via Getty Images)

A visitor looks at an NFT which will be auctioned on May 20 at the Millon Belgique auction house in Brussels. (Photo by Kenzo Tribouillard/AFP via Getty Images)

Looking Ahead

At the end of the day, money laundering is about moving money without attribution. Although NFTs have been around for several years, the market only started going crazy in October, and the laws have been slow to catch up. As of now, there is no requirement for NFT marketplaces to implement KYC checks.

“They certainly don’t have to go through what banks do, which is extraordinarily onerous,” said Kirkpatrick. “The real question is should they be doing it? They are fine for now, meaning they are avoiding BSA requirements. But will that change? My best guess is that it will change, because I believe Congress and law enforcement will identify NFTs as a major risk area for the facilitation of crimes, and they will move to fill that gap.”

Until the loophole governing NFTs is officially closed and enforcement steps up, bad actors are likely to take advantage of the NFT market to transfer ill gotten gains, evade sanctions, and fund terrorism—because it offers a path of least resistance.

Follow Midnight Publishing Group News on Facebook:

How a Brazen Hack of That $69 Million Beeple Revealed the True Vulnerability of the NFT Market (and Other Insights)

Every Wednesday morning, Midnight Publishing Group News brings you The Gray Market. The column decodes important stories from the previous week—and offers unparalleled insight into the inner workings of the art industry in the process.

This week, clawing down another art-tech rabbit hole…



In the opening days of April, an artist operating under the pseudonym Monsieur Personne (“Mr. Nobody”) tried to short-circuit the NFT hype machine by unleashing “sleepminting,” a process that complicates, if not corrodes, one of the value propositions underlying non-fungible tokens. His actions raise thorny questions about everything from coding, to copyright law, to consumer harm. Most importantly, though, they indicate that the market for crypto-collectibles may be scaling up faster than the technological foundation can support.

Debuted as part of an ongoing project titled NFTheft, sleepminting serves as a benevolent but alarming crypto-counterfeiting exercise. It aims to show that an artist can be made to unconsciously assert authorship on the Ethereum blockchain just as surely as a sleepwalking disorder can compel someone to waltz out of their bedroom while in a deep doze.

Remember, to “mint” an NFT means to register a particular user as its creator and initial owner. Theoretically, this becomes the first link in a verified, unbreakable chain of custody tethered to an NFT for the life of the underlying blockchain network. Thanks to this perfectly complete, perfectly secure, and eternally checkable data record, the argument goes, potential buyers can trust non-fungible tokens without necessarily having to trust their owners or sellers. These traits add a valuable layer of security that traditional artworks could never rival with their eternally dubious off-chain certificates of authenticity and provenance documents.

Personne may have found a way to dynamite this argument for much of the art NFT market. Sleepminting enables him to mint NFTs for, and to, the crypto wallets of other artists, then transfer ownership back to himself without their consent or knowing participation. Nevertheless, each of these transactions appears as legitimate on the blockchain record as if the unwitting artist had initiated them on their own, opening up the prospect of sophisticated fraud on a mass scale.

To prove his point, on April Fool’s Day, Personne sleepminted a supposed “second edition” of Beeple’s record-smashing Everydays: The First 5,000 Days, the digital work and accompanying token that sold for a vertigo-inducing $69.3 million via Christie’s less than a month earlier. (My emails to Beeple and his publicist about the situation went unanswered.)

In our ensuing email exchange, Personne claimed he then gifted the sleepminted Beeple (Token ID 40914, for the real crypto-heads) to a user with the suspiciously appropriate handle Arsène Lupin, an homage to the famous “gentleman thief” created by Maurice Leblanc and recently reincarnated in a hit Netflix show. (Personne denied he was Lupin to the blog Nifty News.) Lupin then turned around and offered the sleepminted Beeple for sale on Rarible and Opensea, two of the largest NFT marketplaces—both of which eventually deactivated the listings. (Neither Rarible nor Opensea replied to my emails seeking comment.)

Why publicize any of this, you ask? Personne essentially sees himself as a so-called white hat hacker, meaning an ethics-driven coder who exploits technological flaws strictly to demonstrate how they can be fixed. He is a staunch believer in the potential of NFTs and crypto. However, he believes major “security issues and vulnerabilities” in smart contracts have been glossed over to make way for the gold rush. He also claimed to have launched the NFTheft project only after the crypto-community largely ignored or derided his attempts to spark earnest conversation.

The goal I want to achieve with this is to take the most expensive and historic NFT, and show that if it is not protected, how can we guarantee that any NFT is safe from intentional malice, fraud, forgeries, theft, etc.?” he wrote.

Although the sleepminting saga is hairier than a Haight-Ashbury commune, I think we can chop through the overgrowth using two questions with serious stakes for different participants in the NFT market. 

Screen grab of the NFTheft website showing details of the "sleepminted" token.

Screen grab of the NFTheft website showing details of the “sleepminted” token.

1. What does sleepminting tell us about the technological vulnerabilities of art-related NFTs?


Short Answer

The main smart contract driving the market might not be smart enough to secure the frenzied level of buying and selling we’ve seen in 2021.


Longer Answer

What’s clear is that Personne is exploiting a flaw in the standard ERC721 smart contract, which is used by the overwhelming majority of art-related NFTs transacting on the Ethereum blockchain. But it is not an easy-to-see flaw, and the effect is not being faked by Photoshop wizardry or some other non-crypto chicanery; the sleepminted Beeple really is minted in Beeple’s wallet, it really is transferred elsewhere afterwardand both of those transactions are memorialized forever on the blockchain. 

How, exactly, is Personne doing this at the level of code? He declined to elaborate, saying only that he would publicly reveal the details before initiating the next stage of the NFTheft project. Other crypto-fluent folks I talked to needed more time to investigate than my deadline would allow. But Personne revealed in one tweet that he had deployed a “custom-built” contract that did not have an unnamed ERC721 “security check in place,” allowing him to move the token from wallet to wallet without meeting the typical conditions (for instance, a buyer sending funds to meet a set sales price).

Good luck identifying the flaw, though. Kevin McCoy, the creator of the first NFT, tried running Personne’s sleepminting smart contract through a decompiler to get more insight into the source code. His highly technical, highly candid snap take on the results was that they were “fucking crazy” with “all kinds of shit going on,” but he could not decipher the actual function responsible for the mischief.

What McCoy could detect was that Personne’s customization was substantially larger and more expensive to deploy than a typical ERC721. The sleepminting contract consists of around 4,000 lines of code and cost 1.04 ETH, or about $2,500, in gas fees—roughly 12.5 times as much as it would usually cost to mint an average ERC721 token, if not more. (“Gas fees” are the term of art for the expenses charged to conduct a transaction on the Ethereum blockchain, with the price changing based on the network’s available computational resources.)

A courtroom sketch of Domenico De Sole on the witness stand with the fake Rothko painting he bought from Knoedler gallery. His case, which was separate from the one that jus settled, was the only one to go to trial. Photo: Elizabeth Williams, courtesy Illustrated Courtroom.

A courtroom sketch of Domenico De Sole on the witness stand with the fake Rothko painting he bought from Knoedler gallery. Photo: Elizabeth Williams, courtesy Illustrated Courtroom.

Why It Matters

Sleepminting is likely more sophisticated than the average NFT buyer’s understanding of the technology, making those buyers unlikely to question what appears to be blockchain-verified authorship.

This is especially important because we’re in a market frenzy for NFTs right now. Thorough vetting falls by the wayside whenever under-informed buyers flood into a largely unregulated space. Fraudsters have made millions in the past selling fake Jackson Pollocks on eBay, and the Knoedler forgery scandal proved that even knowledgeable collectors can be susceptible to high-level chicanery.  

I can’t rule out that a savvy crypto-collector might be able to detect a giveaway in either a sleepminting contract or its data trail. It’s also true that, even without Personne publicizing what he’d done, market players could use off-chain research to find out whether Beeple actually minted a second edition of Everydays—just as, say, Warhol collectors could consult the catalogue raisonné to make sure a particular Marilyn canvas is regarded as authentic.

Still, if bad actors began exploiting vulnerabilities in ERC721 contracts, it could theoretically plunge the NFT market into a forgery crisis on par with the antiquities market, where recent research showed that up to 80 percent of what is offered online is likely either looted or fake. 

Incidentally, Personne alleges that 80 percent of the NFTs on the market are “invalid and need to be redone” because of their vulnerability to sleepminting. That’s a difficult estimate to corroborate. But even if he’s overshooting by two or three times, the financial exposure would swell to millions of dollars in art-related NFTs alone. Isn’t that a prospect worth investigating?

A courtroom setup awaiting a witness. Photo: Friso Gentsch/dpa (Photo by Friso Gentsch/picture alliance via Getty Images)

A courtroom setup awaiting a witness. Photo: Friso Gentsch/dpa (Photo by Friso Gentsch/picture alliance via Getty Images)

2. Does sleepminting violate any U.S. laws? 


Short Answer

The legal exposures are murky and hard to act on, but they exist. In a way, that’s the point.


Longer Answer

At present, NFTs still occupy a legal gray zone. As of my writing, multiple cases pending in the U.S. could influence their ultimate classification. What’s unclear is how much immunity a sleepminter would have based on the lingering ambiguity.

Personne told me that, after being “thoroughly consulted and advised by personal lawyers and specialist law firms,” he is confident there are “little to no legal repercussions for sleepminting.” His argument is that ERC721 smart contracts only contain a link pointing to a JSON (Javascript Object Notation) file, which in turn points to a “publicly available and hosted digital asset file”here, Beeple’s Everydays image. (Remember, the NFT is almost never the artwork itself.)

He likened the idea of suing him to the “absurd” prospect of Apple suing “every single pedestrian for viewing or photographing their billboard in Times Square.” 

But multiple prominent art attorneys I spoke to felt Personne is standing on shakier legal ground. “If the hacker is not trying to pass the sleepminted work off as authentic and charging money for it, then he is probably not in any danger of being charged with criminal fraud,” said Steven Schindler. “If he were to be misrepresenting the nature of the NFT, and selling the works under false pretenses, then he would certainly be open to charges of fraud.”

But fraud isn’t the only issue at play here. Let’s return to Personne’s contention that the token merely points to a publicly viewable digital file. Querying the blockchain seems to show that the original Everydays NFT and Personne’s sleepminted “second edition” have two different URIs—essentially, the alphanumeric code identifying the actual image file that the token grants ownership to. This implies he downloaded the original file and re-uploaded it to a different online location. 

Further, it looks like he did so without making any changes to the work that could be positioned as “transformative,” like, say, Richard Prince cropping out the Marlboro ad copy in his Cowboys” photographs, or adding nonsensical comments to other people’s Instagram selfies in his New Portraits” series. (Two copyright infringement cases on the latter are currently pending in the Southern District of New York.)

Richard Prince. Photo: Patrick McMullan

So even though the sleepminted token is not the artwork, it still needs to point to the artwork in order to mean anything. If Personne made this happen by reuploading an unaltered digital copy of Beeple’s Everydays, as the URI suggests, then that could very well still qualify as unauthorized reproduction of an artwork whose copyright Beeple still owns.

In short, it’s possible a court could find him liable to be “in violation of Beeple’s exclusive right to publicly display his work,” according to Megan Noh, co-chair of art law at Pryor Cashman.

Personne may also be running afoul of what’s known as the Lanham Act, specifically a clause known as “false designation of origin.” Remember, the entire point of sleepminting is that its unauthorized attribution to Beeple appears legitimate on the blockchain. These claims are reasserted in the details of the sleepminted token on the NFTheft website (“Creator: Beeple (b. 1981)”) as well as the listings on Rarible and Opensea. 

The ‘statements’ on the website and/or created by the intentionally-manipulated metadata feel a lot like ‘false designations of origin,’ which could give rise to liability,” Noh said. “But there’s also an interesting question about whether an NFT can be considered a ‘good or service,’ which it would need to be for this area of the law to apply.”

Screen grab of the Rarible listing for the sleepminted token, showing the current owner as Arsene Lupin and the creator as Beeple.

Screen grab of the Rarible listing for the sleepminted token, showing the current owner as Arsene Lupin and the creator as Beeple.

Why It Matters

Personne’s copious public proclamations that the sleepminted NFT was not, in fact, authorized by Beeple may not protect him in a U.S. court—precisely because he engineered the blockchain to say otherwise. If a sleepminted token truly made it out “in the wild,” as Personne told me it did, then his exposure could only increase as the token moved through the secondary market to buyers who may be less aware of the NFTheft site, his social media presence, and any other links back to his white-hat rhetoric. 

That said, anyone who wanted to sue Personne would likely first have to untangle his identity, since it’s not easy to bring a pseudonymous party to court. Again, good luck.

Incidentally, this is one of the reasons it still seems unlikely to me that Lupin, the pseudonymous owner of the sleepminted NFT, is anyone other than the same person behind… uh, Personne. The best way to protect yourself from misunderstandings by subsequent owners is to ensure there are never actually any subsequent owners. 

Debating the legality of this particular episode misses the larger point, though. 

The NFTheft project aims to show that a gigantic proportion of the art NFT market is vulnerable to such malicious intent because of a structural flaw in the standard smart contract. If Personne were a bad actor, he could have sleepminted a much less famous NFT, kept quiet about his custom smart contract, and started selling directly to the most naive buyers he could find. That real people could be tricked into losing real money, and that anyone undertaking the ruse could plausibly be found liable for damages, reinforce why Personne’s gambit is worth our attention. 

We have already seen sophisticated hacks siphon tens, even hundreds, of millions of dollars out of cryptocurrency exchanges, decentralized financial entities, and blockchain-based “smart” organizations. Maybe it was only a matter of time before someone figured out a way to do the same to the part of the NFT marketplace that relies on ERC721 contracts. The question is whether the biggest and most influential players will take action before the black hats dig in.



That’s all for this week. ‘Til next time, remember what Upton Sinclar said: It is difficult to get someone to understand something when their salary depends on them not understanding it.

Follow Midnight Publishing Group News on Facebook: