How to build ERC721 with IPFS?

Hello,

Today is my first day to dive into IPFS,

I have read the docs to build ERC721 with IPFS,

From my understanding of minting ERC721 with the IPFS URI, I have to put my assets such as a picture to IPFS first then, I can get a content identifier (CID) of the picture and I have to make the metadata including the CID of the picture and some optional information like name, and description for the picture. Once I generate the metadata in JSON, I have to upload it to IPFS again.

So, basically, I put my picture and the metadata which includes the CIDof the picture. Afterwards, I can mint ERC721, using _setTokenURI(id, metadataURI); in my smart contract. It means the minted token will have " ipfs:// "+“the CID of metadata” as TokenURI.

This is what I understand in order to use ERC721 and IPFS.

I have got questions from that,

1. Let’s say that I have the website and there is a mint button where users can click in order to get their random pictures.

In that case, the picture and the metadata are usually uploaded to IPFS in advance, and the CDC of metadata is ready to be put into the ERC721 in general
or
once a user clicks on the mint button, Pictures and metadata are created and put into the IPFS in order

Which one is correct?

2. The advantage from the decentralized storage is that the picture and metadata CDC will not be modified. what if someone just maliciously put same CID metadata in other smart contracts and display the same picture ?
   For example, the person “A” minted ERC721 including the metadata CID pointing to his artwork CID in the website “A” using smart contract "A’, the person “B” maliciously grabs the metadata of CID from person “A” and minted another ERC721 with the CIDin the website “B” using smart contract “B”. Absolutely, the address of the smart contract A and B are different, it seems like potential buyers may get confused of which is genuine ?

1. You could only allow valid CID in your front-end when minting OR a back-end could use IPFS and return the CID from the file the person upload OR (harder) use IPFS in browser and make sure the CID is always pinned somewhere.

2. You are correct it cannot be modified and can be archived with Filecoin but you cannot prevent other ppl from copying your content. Your smart contract would be the original and any other NFTs fake ones.

Thank you for the answer

From the first answer of yours, what I understand is that I need to prepare the valid CDC (metdata) first. However, how can I keep all of the valid CDC? Do I need my own database ?

Let’s say I have 10 pictures which means 10 valid CDCs of metdata for the pictures. Once a user in my website mints ERC721, my first index out of 10 CDCs will be put into the minted NFT. In that case, the first index CDC will be fetched from my DB? or is there any ways to manage it?

Ah you want ppl to mint YOUR images as NFTs. Well in that case, yes you would need to store the CIDs somewhere OR you could pre-mint then sell.