OnPath Testing Blog

QA challenges presented by the NFT blockchain boom

Written by Brian Borg | Sep 07 2021

The first quarter of 2021 saw $2 billion in total sales of non-fungible tokens, or NFTs. There has been an explosion of mainstream interest in blockchain technology, chronicled by newspaper headlines like 'We're All Crypto People Now'.

That meteoric growth is decreasing, though, with sales dropping from $176 million to $8.7 million in just over a month. It's a complicated market with countless factors influencing its highs and lows. But, as the technology matures, certain concerns come into focus. Several of them are directly impacted by quality assurance and software testing.

Here are the QA challenges that have accompanied the NFT boom.

Authorization

Take it from intellectual property lawyer Rebecca Silverhart:

"The primary issue with blockchain is that many users are anonymous, if not all."

That's worth thinking about when the inherent value of your asset is tied to its provenance. The blockchain ledger can handle the transactions that take place after an NFT is created, but there's a lot of trust involved in the original authentication process.

Because blockchain technology is decentralized, it's up to individual platforms (like Nifty Gateway or OpenSea) to handle authentication. The fact that someone has already been able to "sleepmint" (or fraudulently authenticate) an edition of one of the most high-profile NFTs in existence should raise eyebrows.

It also points to the need for bulletproof processes on the part of NFT marketplaces, and of individual 'artists'. Without watertight authorization that's been tested for weaknesses, the entire value of NFTs — unique ownership — is at risk of being undermined.

Security

The QA challenge of decentralized marketplaces extends far beyond authorization to the broad realm of overall security. Each platform is responsible for its own security practices — what data is encrypted, where it is stored, how the application logic deals with malicious hacking attacks, etc. and it’s not always a foregone conclusion they've done a good job at it.

Earlier this year, a number of Nifty Gateway users had NFTs stolen from their accounts. While the blame doesn't necessarily lie with the platform itself, stronger QA could have identified the need for better identity and access management.

While it may be harder to breach or ‘steal’ an NFT without leaving a paper trail (every blockchain transaction is recorded), it has happened before, and will happen again. The marketplace is still in its infancy, so it’s likely that more sophisticated means of compromising blockchain will arise as time goes on. That "sleepminting" process is just one example of an attack that was developed as a direct response to the technology.

That makes it something worth proactively guarding against, especially when huge sums of money are involved.

In his NFT rundown, The Verge's Mitchell Clark had this to say about the technology:

“NFTs can work like any other speculative asset, where you buy it and hope that the value of it goes up one day, so you can sell it for a profit…”.

Only, unlike other speculative assets, there are more vulnerabilities. It’s no longer a matter of protecting a physical asset behind a locked door; you must protect your investment from hackers that evolve alongside the technology. Good QA security audits ensures the protections you create actually work.

Performance

NFTs are controversial for several reasons, but one of the most widely discussed is their negative environmental impact. While the major drivers behind that impact are on the hardware side of the equation, the marketplace is an entire ecosystem that includes software and process.

Identifying areas for IT efficiency, then, will be incredibly important. As more environmentally-conscious artists cancel NFT launches worth six-figure sums, any software associated with blockchain will come under heavy scrutiny for its performance. If the public recovers its initial enthusiasm for NFT marketplaces, stress and load-testing will also be a requirement. The need for streamlined, bug-free software and reduced server loads will only increase.

QA challenges beyond the bubble

The QA challenges we've discussed are just the tip of the iceberg when it comes to NFTs. That's partly because many of those challenges have yet to become clear.

The market may have suffered a slump, but many of those in the know are bullish about its future. Quality assurance will undoubtedly play a major part in ensuring its longevity.