[TeMPOraL]

> The token just contains a URL to the hosted image.

That sounds... just insane. Content under an URL can and does change. URLs themselves are not even under full control of the seller. I could get signing data itself, but signing a pointer?

EDIT: but the URL contains an IPFS hash, assuming it's not the mutable kind, maybe this is not completely crazy (or at least wouldn't be, if they included just the hash, without the gateway URL part)?

EDIT2: nevermind, I saw your other comment at https://news.ycombinator.com/item?id=26500542, which links to a Twitter thread that explains the scam in details.

[miracle2k]

I know it is hard to wrap your head around, but really, the link does not fundamentally matter. Cryptopunks are just a hash of all the images. The whole point of an NFT token is to be a digital signature, essentially. It is just a shared agreement between buyer and seller to value that signature, and as long as we know that it represents the Beeple artwork, then the fact that the technical implementation points to a porn url, who cares - that is just an aide.

In fact, the original art could even be lost (as much physical art is). People could still value the signature!

Felix Salmon gets it:

https://twitter.com/felixsalmon/status/1372242410386944014

[TeMPOraL]

I see. But to that, I can counter: described like this, it won't scale past a small group of acquaintances. The same reasoning can be applied to a verbal agreement - I can pay you for "that thing we both know", and it'll work the same... until one of us changes their mind and declares the transaction invalid. And the arguments we may have will look completely unsubstantiated to any third party we'd like to involve in it.

A lot of formalism around real laws and real money exist to make word of mouth scale. It's why people pay money accepted by everyone in their society, why they enter written contracts - of the type they can expect the court of law to treat as valid, if a dispute escalates to the point of involving third parties.

Can't shake the feeling it's just the next chapter in the story of cryptocurrencies rediscovering the hard way the last 10 000 years of social development.

[Kiro]

Yeah, and regarding using just raw IPFS hashes there's this comment further down the thread indicating not even that is enough (I know too little of IPFS to verify but seems legit): https://twitter.com/jonty/status/1372169695277760519

[TeMPOraL]

I'm two years out of date on what's going on with IPFS, but assuming the core ideas didn't change: that Twitter comment is technically right, but with caveats.

IPFS, as a P2P system, only contains the files individual users are hosting. There's no fundamental obligation to rehost other people's content - but there are various incentive schemes[0]. The address itself is a hash of file contents, so if someone were to reupload the exact same (bit-level identical) file to IPFS again, it would appear on the network with the same hash. The limit to long-term availability of any given file is whether anyone who has it is willing to keep it in the network.

--

[0] - For one, IIRC, there was some automated caching/mirroring of the files you pull using an IPFS client (not IPFS->HTTP gateway), to ensure popular files will get mirrored around the network for a while. Secondly, the team also started developing FileCoin, whose purpose was to create a scheme in which people could get paid for putting their spare storage on the network, which would be used to replicate files on IPFS. I don't know if they managed to get it to work.

My interest in IPFS started to diminish after I saw the team getting very involved in cryptocurrency world. I only care about IPFS for the P2P, content-addressable storage layer - and they kept talking about things related to Ethereum. So I stopped paying attention.

[arbol]

Moving IPFS to the crypto world has made it more of a success. I need distributed storage for an app I'm developing and I'm far more comfortable paying people to host the content instead of relying on goodwill.