As blockchain and nonfungible tokens (NFTs) are still new technologies, their legal infrastructure is still developing, creating potential vulnerabilities. Three such vulnerabilities in the NFT space were exposed in our previous article, “NFT Licensing: Three Mistakes to Avoid” (available here): (1) the absence of any license, (2) unenforceable implementations of licenses, and (3) a lack of legitimate enforcement mechanisms for licenses. This follow-up article further explores solutions to such licensing failures. 

By way of overview, an NFT exists as a smart contract on a blockchain; it is a digital token that references one’s ownership of a unique digital asset, like a certificate of authenticity of, for instance, a digital image of a cat. While an NFT evidences cryptographic ownership of a digital asset, only a legal contract evidences actual, legal ownership of it. Thus, these solutions aim to unify both cryptographic and legal contracts surrounding NFTs. 

ADOPT LICENSES AT THE MARKETPLACE LEVEL

If NFT creators do not accompany their NFTs with appropriate licensing terms, they may fail to protect their own intellectual property rights. But where does an NFT creator even begin? While each NFT creator can implement their own individual sets of licensing terms, one more universal solution may be to have NFT marketplaces adopt standardized licenses from which NFT creators may choose. 

For example, one marketplace provides creators various Creative Commons license options and even a full copyright transfer, should the creator wish to sell the intellectual property itself, which would accompany each NFT listing. Another marketplace has its own licenses with specific provisions, such as non-commercial exploitation, private-use, and reproduction from which creators may choose. Such practices at the marketplace level enable an efficient way to ensure NFT creators are legally protecting the intellectual property assets using licenses.

UTILIZE CRYPTOGRAPHIC SIGNATURES TO MANIFEST ASSENT TO LICENSES

Even if a license accompanies the NFT, it may not be an enforceable contract if buyers do not manifest their assent to the license. Courts will typically enforce “clickwrap” agreements where users affirmatively accept the agreement by, for instance, clicking “I agree” after seeing the contract. Less-accepted “browsewrap” agreements, on the other hand, merely provide users a link to the terms without ever requiring the user to click “I agree” to proceed. Such agreements are unlikely to be enforceable unless the link is conspicuously presented to users, not tucked away on a webpage; and even then, there is still no guarantee that a court will find such browsewrap agreements enforceable. 

The authors aren’t aware of any NFT marketplace that has clickwrap or browsewrap infrastructure to support adequate contracting with purchasers. One convenient solution would be to utilize cryptographic digital signatures of the blockchain on which the NFT is traded. For example, on the Ethereum blockchain, NFT purchasers must “sign” each transaction to purchase an NFT (i.e., click a button in their cryptocurrency wallet.). 

The difficultly is that such cryptographic signatures are general features of blockchains, not the marketplaces themselves. Therefore, a potential solution is having marketplaces conspicuously accompany a “proceed to checkout” button with: “by signing this transaction, I agree to the NFT’s license terms,” while conspicuously showing the terms or a link to them. Such form of agreement could be enforceable, and all it would require is changing a few lines of the marketplace’s frontend code. 

ENABLE ROLE-BASED ACCESS CONTROL IN SMART CONTRACTS 

Even if NFT creators adopt license terms and they are affirmatively accepted by NFT purchasers, the terms still may not be practically enforceable. Suppose the license allows for revocation by the NFT creator if the purchaser tarnishes the creator’s brand. How will the creator actually revoke the license in the event of tarnishment, especially when the purchaser may be an anonymous individual in a foreign jurisdiction? The answer lies in NFT’s code itself (i.e., the smart contract). 

A common practice in the blockchain space is granting administrative authority over smart contracts to key individuals like core developers, accomplished through what is known as “role-based access control.” Unfortunately, this is not yet a common practice with respect to NFTs, but perhaps enabling some access control in the NFT smart contract could enable creators to execute critical functions like revoking ownership, or “burning” the NFT, if the license is breached. 

Access control in a smart contract could also be used for a number of other practical purposes. For instance, it could allow for the creation of a “whitelist” of addresses of vetted individuals who are the only people permitted to purchase the NFT. 

CONCLUSION

These approaches close the gaps between smart contracts and legal contracts to remedy core NFT licensing failures: (1) adopting standardized licenses at the marketplace level enables efficient licensing for creators; (2) utilizing cryptographic signatures allows for convenient manifestations of assent, making such licenses legally enforceable; and (3) creating role-based access control over NFTs allows for actual, programmatic enforcement of NFT licenses. 

We acknowledge the contributions to this publication from our Law Clerk, Josh Durham.