Art Market

4 Ways Collectors Can Safeguard their NFTs

Mieke Marple
Jul 20, 2022 7:49PM
Klodin Erb
The letter, the Lock, the Magnifier, 2019
Lullin + Ferrari

Having collected NFTs since late 2017, Jason Bailey—perhaps better known by his Twitter handle, Artnome—has seen his share of ups and downs. He was the first person to buy from the platform SuperRare, as well as the first to buy an NFT by XCOPY, an artist whose 2018 NFT A Coin For the Ferryman resold for $6 million on SuperRare in November of last year. In March 2021, Bailey—easily recognizable to those in the crypto world thanks to his signature headband, long hair, and beard—founded ClubNFT, a company that aims to address gaps in the NFT space by offering a free service to back up NFTs; starting an online magazine for critical dialogue, Right Click Save; and creating a tool to search artists across sales platforms.

Arguably the least sexy but most important of these is the first one. Bailey told me that only 10% of Ethereum-backed NFTs have their artwork files stored on the blockchain, as doing so is cost-prohibitive. Most NFTs store their artwork and metadata files (the info that tells you how rare your NFT is) off chain, with the token’s immutable code pointing to the files’ off-chain location. This might come as a surprise to many NFT holders, especially those without a technical background, who didn’t even know the latter was possible. Bailey explained that 50% of Ethereum NFTs point to artwork files on decentralized servers like the InterPlanetary File System (IPFS). The remaining 40% point to files that are held on private servers, usually via platforms using AWS cloud storage accounts.

NFTs with on-chain art are the most secure and will be around for as long as the blockchain is. NFTs with work pinned to networks like IPFS are also relatively secure, as long as you back up those files, since the very nature of these decentralized systems means that their data and services can be publicly accessed. However, when it comes to owning NFTs that point to files on private servers, Bailey said, “those people are just kind of screwed.” That is because if a platform goes out of business and stops paying their AWS bills, as Bailey saw time and again in 2018, AWS will delete the data from its servers, and “you’re going to have a token in your wallet that points to nothing, and nothing can be done about it,” he said.


Bailey knows the pain of this intimately. Ascribe, the platform where he bought XCOPY’s genesis NFT for £1, went under in 2018. Despite email confirmation of his purchase, he never received the actual NFT. Bailey wasn’t savvy enough at the time, he said, to check for it. However, since Ascribe used private servers and didn’t maintain them after its dissolution, even if Bailey had received the NFT, it would have been imageless—and hence nearly worthless.

In 2021, Bailey was offered between $5 million and $7 million by a whale collector for the XCOPY work if he could somehow revive the lost and broken NFT. But he couldn’t. He was, in his own words, screwed. But Bailey doesn’t hold any grudges. “No one, including me, thought these were going to be worth a crazy amount of money in three years,” he said. “We were playing around on the bleeding edge of technology, just trying to get other people excited.”

Nonetheless, Bailey has taken this experience and made it his mission, among others, to make sure that the same thing does not happen to other people. Below are four key ways he says collectors can safeguard their NFTs—not only from platforms that might go out of business, but also from phishers and other scammers.

Man with new iPhone on the Hammersmith & City line - BREEZY curation for $WHALE, 2018

Have separate “hot” and “cold” wallets

Bailey suggests that collectors have a “hot” wallet that they connect to websites to purchase NFTs, which contains just enough money to buy the works they want. Once you’ve made your purchase, transfer that NFT to a “cold” wallet—one that doesn’t ever interact with websites and is where you keep the rest of your crypto and NFTs. This will keep you from losing everything in a phishing scam (where the entire contents of your wallet get stolen or compromised).

If you do get phished, you might lose the money that’s on your “hot” wallet, but your CryptoPunk and most of your crypto net worth will still be safe in the “cold” one. “If I’m going to buy a bagel in a sketchy part of downtown, I’m not going to drag my life savings in a bunch of sacks with a sign that says, please don’t rob me,” Bailey said, illustrating his point. “I’m going to bring the $6 dollars or whatever that I need to buy the bagel.”

Have your “cold” wallet be a hard wallet

Hard wallets, like Ledger and Tezor, are physical devices that store your seed phrase (the collection of words used to access your wallet) offline. This setup makes it impossible for anyone not physically handling the hard wallet to approve transactions. “So even if someone got access, one way or another, they would need the device in order to move it,” Bailey said, referring to the wallet’s NFTs.

If you store your hard wallet in a safe with a foolproof combination, you can pretty much guarantee that you will be the only one ever handling that device. These extra layers of security make hard wallets a safer option than web-based wallets like Metamask or AlphaWallet, which store your seed phrase online and thus may be hackable.

Back up your NFTs—and don’t buy ones stored on private servers

Do your homework and find out where an NFT is stored before you buy it. If it’s stored on a private server, don’t buy it. If it’s stored on the chain or on decentralized servers, go forth.

Afterwards, back it up by making a local copy of the artwork and metadata files on your computer. In case the platform where you bought the NFT goes out of business, you’ll be able to reupload the files to a decentralized server and still have a completely functional work. (This is the same backup process that Bailey’s ClubNFT provides for its users.)

For the NFTs you already own that use private servers, the only real preservation option is to ask the platform or artist to remint them using IPFS or a similar platform, then follow the usual backup protocols.

The Turn - BREEZY curation for $WHALE, 2020

Get custody of your NFTs

Nifty Gateway and other platforms partnering with the MoonPay crypto exchange, like Open Sea, sell NFTs that use IPFS but then hold onto the actual tokens for you. This allows them to accept fiat in lieu of cryptocurrency, and for you to own an NFT without having to own crypto or a crypto wallet. This can feel more secure than physically holding onto all your money and NFTs in a hard wallet—what if you lose it?—and if something bad happens to your NFTs, there is, at least in theory, a company you can file a complaint with.

But beware: If that custodial platform goes out of business, there is a good chance they will take your NFTs with them. Fortunately, most platforms are happy to transfer your NFT to you should you ever ask. So get a crypto wallet if you don’t have one and ask to get all of your NFTs transferred to your wallet.

The crypto and NFT spaces are in a particularly hectic market moment, but Bailey has been there before: During the crypto winter of 2018 to 2019, he saw nearly half of NFT marketplaces—platforms like Ascribe, Rare Art Labs, Editional, and Digital Objects—go belly up.

Hopefully, this cycle’s winter won’t be as bad. Still, we’d all be wise to heed Bailey’s advice and adopt these NFT collector best practices. After all, the NFT market is volatile enough. No reason to make it even more so with poor habits.

Mieke Marple
Mieke Marple is an artist based in Los Angeles.