Today is my first day to dive into IPFS,
I have read the docs to build ERC721 with IPFS,
From my understanding of minting ERC721 with the IPFS URI, I have to put my assets such as a picture to IPFS first then, I can get a content identifier (CID) of the picture and I have to make the metadata including the CID of the picture and some optional information like name, and description for the picture. Once I generate the metadata in JSON, I have to upload it to IPFS again.
So, basically, I put my picture and the metadata which includes the CIDof the picture. Afterwards, I can mint ERC721, using _setTokenURI(id, metadataURI); in my smart contract. It means the minted token will have " ipfs:// "+“the CID of metadata” as TokenURI.
This is what I understand in order to use ERC721 and IPFS.
I have got questions from that,
- Let’s say that I have the website and there is a mint button where users can click in order to get their random pictures.
In that case, the picture and the metadata are usually uploaded to IPFS in advance, and the CDC of metadata is ready to be put into the ERC721 in general
once a user clicks on the mint button, Pictures and metadata are created and put into the IPFS in order
Which one is correct?
- The advantage from the decentralized storage is that the picture and metadata CDC will not be modified. what if someone just maliciously put same CID metadata in other smart contracts and display the same picture ?
For example, the person “A” minted ERC721 including the metadata CID pointing to his artwork CID in the website “A” using smart contract "A’, the person “B” maliciously grabs the metadata of CID from person “A” and minted another ERC721 with the CIDin the website “B” using smart contract “B”. Absolutely, the address of the smart contract A and B are different, it seems like potential buyers may get confused of which is genuine ?