NFT Safety and Data Science: An Interview with ClubNFT

This is the beginning of a new series dedicated to DeFi and Web3 safety where we help you understand the latest trends and projects, uncover common pitfalls and profile the most interesting projects and protocols tackling those pitfalls.

ClubNFT, created by Jason “Artnome” Bailey and former Google software engineer Chris King, made a splash during the summer of 2022 with their magenta headbands and a campaign encouraging Tezos users to back up their non-fungible tokens (NFTs). Their backup tool can now protect Ethereum wallets and is being integrated into a number of NFT marketplaces, including KnownOrigin.io.

Last week ClubNFT launched “Pathfinder,” a discovery tool that uses downloaded wallet data and a number of filters to suggest potentially interesting artwork to their users. Spectral Finance spoke to them about their new tool, took a peek under the hood, and asked for advice about collecting NFTs safely.

Some basic guidelines for NFT Safety

• Marketplaces and protocols can crash: Back up your NFTs
• Use hot and cold wallets: If you were to go to the bagel store, you wouldn’t bring your life savings.
• Use a hardware wallet too: It’s a huge upgrade to your cybersecurity posture and will protect you from keyloggers.
• Don’t ever share your seed phrase: It’s like religion and politics. Never, ever, ever even talk about it.
• Beware confidence tricks: They prey on your greed. If an NFT offer sounds too good to be true, it is too good to be true.

For more information, be sure to check out ClubNFT’s safety course.

Who else is tackling an interesting problem in the DeFi space? Come join our Discord server to continue the conversation.

Read the Full Transcript

Spectral: Congratulations on launching Pathfinder! Tell us more about ClubNFT and your new tool.

Jason Bailey: We started ClubNFT a little over a year and a half ago. We saw three things we wanted to solve that we felt were missing from the marketplace.

One, as an early collector, I was telling people how great NFTs were back before we were even calling them NFTs and I was saying, “it's great because the blockchain is this magical thing and NFTs will just always be there for you. And you don't have to depend on any marketplaces or any other third parties.” And then when we saw that crash in 2018, a bunch of our NFTs became either inaccessible or were pointing to broken images. And I thought, well, that's a pretty big problem.

During the 2018 crash, a bunch of our NFTs became inaccessible or pointed to broken images. And I thought, well, that's a pretty big problem.

The second was coming from having one foot in the traditional art world. I was really disappointed, particularly last year, with the way that a lot of people were treating artists and collectors in the NFT space, basically saying, “Well, these aren't real collectors, they're all just flippers and these aren't real artists. They're just hanging images, you know, on the blockchain or whatever. And it's like, you know, it's not real art.”

This is probably the biggest art revolution of my lifetime. So we launched Right Click Save [Magazine] as sort of a solution for that.

And then the third issue. There's this paradox of choice where with more and more blockchains comes, and more and more marketplaces and more and more artists and more and more art, it’s made it harder for me and my collector friends to find something, you know, that we like or that we want to collect.

We thought what we really need is a way to surface artists that are great, that people are going to love, that they just haven't found yet. So Pathfinder is a way to cut through all of this art and more efficiently connect collectors with artists that they love, and design an algorithm and an interface that encourages collecting a wider, broader base of artists.

If we think about it as a problem, it’s “how are collectors going about finding new artists today?” What does that process look like? And having onboarded, you know, probably well over 100 collectors in the last five years, I started asking them and they all said essentially the same thing.

Chris and I always laugh because they kind of always said it as if it were a secret. They would get into a hushed tone and they would say, “oh, so what I do, I go look at the collection, the collections from the artists and the other collectors I respect and I see who they're collecting that I haven't collected yet.” And we thought, well, that sounds like an algorithm to us, right? We decided to augment that natural process of discovery, and not just go one level deep, but multiple levels deep to see everyone who's collected.

We did a manual walkthrough, looking at my own collection and a lightbulb turned on. Right away, it produced this list of artists that I didn't have yet. And I loved all their work and even the ones that I didn't immediately fall in love with their work. I had it in the back of my head, “Well, this person's being collected by the people I respect. You know, maybe I should look a little bit closer.” So that was sort of the birth of the idea.

Spectral: So what’s under the hood? Do you have a recommendation system? Is it a social graph? How does it work?

Chris King: It's very much a person-centric algorithm. We're not doing, you know, machine learning, image recognition, like, “oh, it seems like you like red NFTs, here's a red NFT.”  With people, when they collect art, it matters who the person is, who the artist is, which other collectors are collecting that artist, and so on. It’s very person-focused. Right now, there are sites where you can plug in a collector’s name that, and see in real-time what they're collecting. And that's great if you know all of the collectors you want to be following. But that's not always true. It's also not always true for serious collectors like Jason.

With people, when they collect art, it matters who the person is, who the artist is, which other collectors are collecting that artist, and so on. It’s very person-focused.

There are a lot of collectors out there that Jason would respect but he might never get to know them even though they’re doing interesting things, and buying NFTs from artists Jason has never heard of before. So our algorithm doesn't ask, “Hey, Jason, who are your heroes? Let's go follow them.” It's like, “Hey, Jason, I'll bet that all of these collectors that we have found, based on your collecting habits, are people that you would like to see. They're similar in many ways. But they’re also different. Let's look at the difference.” And that's how we kind of broaden out what you're actually going to be finding.

So it's not like you're in an echo chamber of everybody who is identical to Jason buying this thing. It's more like one of the new things that people who are similar to you are doing that you would not start open on your own.

On the technical side, we actually use a number of different kinds of machine-learning type algorithms and we have a collaborative filtering system that takes all of these recommendations and groups them together. But the TL;DR is that it's really every one of those algorithms is doing that person-based approach where it's, “let's look at artists, let's look at collectors, and let's look back at artists from there.”

Jason Bailey: You should mention the filters!

Chris King: Yes! On the algorithmic side, we're doing PageRank and random walk and all of these are interesting. But once we've actually identified what our algorithm really does, it doesn't identify which NFTs you should buy. It identifies artists that you should know about. Right now, it's kind of, you know, imagine an NFT recommendation website where it's like, “Here's a list of artists’ names and their Twitter handles.” We want to show you their work in a representative piece of work that you might actually want to collect. So once we've identified the artists that you really ought to know about, then we give you all kinds of tools.

A lot of people are really only interested in effectively, you know, one-of-ones, and some people are a lot less picky, or maybe they actually want to be part of a larger collection because that establishes, you know, a floor or whatever.

So we allow you to filter out artists based on edition sizes, the price, and we're looking at what numbers are available on primary and secondary markets because some people actually prefer to collect on secondary markets and don’t want to be the ones trying to snipe on primary. So it's fantastic in that it gives you this ability to filter out the results. But it's all coming from the same base of artists that we're recommending, which changes, you know, as you buy an NFT, as the people in this kind of cohort that we've built around buy NFTs, it adjusts and suggests new stuff. So you're always going to be getting a new and interesting set of results.

It's kind of magical because when you crowdsource the wisdom, you don't need to do a whole lot more from there.

You can also plug in someone else’s [TEZ] address and look at their recommendations. Or combine them with your own. Just plug in your address and theirs. Boom. Here are the recommendations. So there's like a billion ways you can play with this thing and get some really cool results out of it. It's just kind of magical because when you crowdsource the wisdom, you don't need to do a whole lot more from there.

Jason Bailey: The other cool thing is that because we don't sell anything at the moment... This is where other recommendation systems were falling short for me (I'll leave the names out to protect the innocent). They're often just trying to sell either what's most lucrative for them to sell, or they're trying to sell what they think is most popular across the board.

I would go to some of the largest sites, NFT marketplaces, and they’re recommending all these PFP projects. I don't even collect PFPs, but they're just saying, well, this is popular, so, you know, maybe you'll like it because it's popular. Or they would, as Chris alluded to it earlier, would really... and this isn't just NFT recommendation engines, this is art recommendation engines in general... I've done a fair amount of research on them... They often think that the most complex engine is going to give the best result.

Chris hinted at what this really is. Art collecting is very much a social activity, arguably more so than it is, let's call it an aesthetic or a visual activity.

Art collecting is very much a social activity, arguably more so than it is an aesthetic or a visual activity.

So this idea that somehow I like images with, you know, you can measure things like, how busy or how much detail there is in an image or how much contrast there is. There are a lot of things that, you know, you could measure, but all the engines and research that I've seen that use this don't really work. Just because one of my NFTs is red or seven out of ten are red doesn't mean I want to see this random red NFT that likely has nothing to do with what I care about.

So I think it's a uniqueness of our position that we don't have sort of the perverse incentive of having to get people to buy things that are, you know, lucrative for us.

And then also there’s a sort of Occam's Razor kind of thing, where the beauty of the system is actually the simplicity.

I've worked quite a bit with other folks on the AI front and sort of the art sorting and you know, recommendation and trying to automatically price things. And while those more, let's call it even more sophisticated or complex systems can seem exciting, I actually don't think they're anywhere near as useful [as a community].

Spectral: One of the big kinds of things people are talking about right now are NFTs and reputation, and NFTs and identity. Do you have any insights about that? It's interesting that you don't collect PFPs.

Jason Bailey: I've had a couple of PFPs here and there or whatever, but it's very often the case that projects are like they go and find an artist on Fiverr, and it's not really about the artist. It's about a marketer who came up with like, you know, “Crazy Zebras” or whatever. They go find someone and they never mention the name of the artist. And it's just like a bunch of zebras. And what they're really good at is pumping the market and trying to get Crazy Zebras to go up in value.

Now that's cool. It's actually like, I'm not like a purist. I think market dynamics are super interesting. Right? And I actually like to gamble a little bit here and there. So, you know, I'm not entirely frowning upon that mechanism, but my life, at my core, what I care about is art and artists, right? So there's a little bit of a separation there, I think, in terms of those markets and what the objectives are.

Chris King: My personal perspective on this is that, you know, if people are trying to find a personality in one NFT, I mean, some people actually pull it off because they create a brand. They create a personality around the thing. It's just their, you know, their starting point for something. Punk6529 is not punk6529 just the NFT, he's everything he's built around that.

To the degree that you own a bunch of NFTs that says more about your personality than like, "Oh, I'm going to pile in on this project, and that says something interesting about, you know, personality and identity." It's something that you build. But that said, on the more technical side, identity management is an unsolved problem in the blockchain because it's been solved too many times.

It would be great if there was one identity solution that everybody used across every blockchain. Right now, you know, we have 100 different ones and everyone has the idea of, "well, I'm going to build the one that takes over, and now we have 101." So it doesn't help to write identity management just in terms of understanding who a person is.

While artists have multiple wallets on multiple blockchains, and there's no one place that everyone goes to look to say, "just tell me what all of this artist's wallets are, what are all of these collectors' wallets are...". So just tying together identities in that sense, on a technical side, that's a huge unsolved problem. Right now our discovery algorithm works great on Tezos.

Ethereum is fractured, there are different collections, and you have to hunt down wallets manually.

[On Tezos] it's actually relatively straightforward to figure out what all of the NFT and artists who created them are. On Ethereum, it's way more fractured, there are different collections, and you have to hunt down wallets manually. What are all of the collections that were created by artists on different platforms?

You can't just say, "I know this person’s wallet, show me everything that they created." So it was actually easier for us to develop Discovery, which is based on people and their identities, on Tezos.

As we look to move toward expanding on Ethereum now, we don't yet have the problem solved. We have to solve the problem of tying people together across the blockchain. And so it's messy, this identity on the blockchain problem.

Jason Bailey: And the only other thing I would say on the identity front that is, again, I think a thing that our solution solves sort of beautifully is that it doesn't matter that I don't like PFPs. If you love PFPs, when you put your wallet in, it's going to go and find them. Like, you know, maybe you love photography and I love AI or, you know, you love generative art and I don't or whatever.

That's kind of the beauty of it, it's not trying to give people what Jason likes unless you want it to; it's trying to give you what it thinks you like. But not just that either. It's trying to expand and broaden the number of artists that reflect what you want.

Spectral: This is a good way to kind of segue into some of the safety issues. You said that there are a lot of problems with, putting together Ethereum identities. Is that one of the big issues with NFT safety? I'm curious why you started with backing up NFTs.

Chris King: Yeah, that's a perfect question. So on Tezos, something like 99.9% of all NFTs on Tezos are actually stored on IPFS. On Ethereum, which got started sooner, everybody has their own standard. There's no universal standard that everyone uses [for storage]. Only about 10% of their NFTs are entirely on the blockchain now. Those are like Ethereum domain names (ENS) and maybe, you know, some text-based ones, but very few art-based NFTs are actually represented. For the other 90%, for about 40% of these NFTs, the artwork is actually stored on a website, e.g. /my_picture.jpeg. And the other 50% are stored on [the Interplanetary File System] IPFS.

Even Opensea is effectively a startup. In terms of age, most startups go out of business. What happens to the artwork they host if they do?

We believe IPFS is the best practice for storage. And the reason that we started with storage as our first product is because, well, you know, we're kind of in a crypto winter. It's very possible that marketplaces might start going out of business just saying, you know, they're startups. You know, we're so early in this, even Opensea is effectively a startup, right? Just in terms of age, most startups go out of business. So when these websites start shutting down, if your NFT is pointing to that marketplace’s website for the image, that NFT is broken because there's nothing you'll ever be able to do to fix their company website unless you buy their domain name. And only one person can do that.

So about 40% of those NFTs are just kind of doomed, like permanently. There's nothing you can do about it. So the other 50% with IPFS, it's like a magical web server that everybody can upload to. So even if the marketplace goes out of business and they're no longer uploading that file to their web server, if you have the file, you, the NFT owner who actually owns the thing, if you have the image and the metadata, could download that image from IPFS and boom, have it magically working again. So we think IPFS is the best practice. It's the only really permanent solution, assuming you take one big step which is backing up the artwork so you have it. Unfortunately, the process of like tracking down all of the images and metadata for each NFT is extremely technical and also really, really, really time-consuming. I mean, I did it once just to make sure I knew what I was doing. I'm never doing it again. So we built a tool and it does that all for you automatically, which is kind of great.

Spectral: Do you have any other kind of general best practices about different kinds of threats to NFT users?

Chris King: Yeah. We've done a lot of talking about this, especially lately. In fact, we put together about an hour's worth of like videos, just educating people about the threads. They're all available on the website. But, you know, the TL;DR is, you know, there are a bunch of different types of scams that, you know, most of them are actually just classic confidence tricks, effectively, you know, like, do you want to cheat?

The TLDR is there are a bunch of different types of scams that are actually just classic confidence tricks.

Do you like to get rich quick, you know, just preying on your greed? And then it's like, Oh, turns out you were a sucker. But there are a couple of things that are new just because the technology is unfamiliar. So, you know, protect your seed phrase, never, ever, ever even talk about it. It's kind of like, you know, religion and politics.

If somebody brings up seed phrases, you don't want to talk to that person, they're a scammer. And the other one is to use a hot and cold wallet. And actually, I think Jason should give this, his analogy is beautiful.

Jason Bailey: For a long time I was doing this the wrong way. And people don't always understand, like, why do I need to use two wallets? And the analogy I use is like if I were to go down the street to the bagel store or the bagel shop or whatever, I wouldn't take all of my wife's jewelry and all of our life savings and like all of these things and put them into a bag and drag it down to buy a $5 bagel.

I wouldn't take all of my wife's jewelry and all of our life savings and like all of these things and put them into a bag and drag it down to buy a $5 bagel.

I would just take five bucks and I would go down to buy the bagel because why would I risk, like, all of my wealth just to live with a sign that says “rob me!” just to go to transact, to buy a bagel? Right. Well, that's effectively when people use one wallet to store all of their NTFs and all of their cryptocurrency, and then they go shopping to buy new NFTs with that same wallet. If they connect to a marketplace, they've never heard of it before, they could accidentally give permission over to access that wallet. And someone can just drain all of their, you know, all of their wealth, all of their NFTs, and all of their cryptocurrency.

So the answer is actually super simple. Just, you know, use two wallets. You use one wallet where you keep 100 bucks or whatever it is you think you're going to be spending on NFT for the next week or so, probably more if you're using Pathfinder because you buy a lot more NFTs, and you go out and if someone hacks you and you lose your 100 bucks, hey, no big deal.

If someone hacks you and you lose all your NFT and all your cryptocurrency because you're shopping with a single wallet, you know, that wouldn't be very good, right?

So sometimes, again, non-technical people, when you start talking about wallets and mobile wallets, they get kind of confused. But it's like that bagel analogy seems to like people are like, Yeah, why am I going to all these random stores and agreeing to get permission and connecting with my wallet and basically have like, you know, half my life savings sitting on the other side and then the other one and I'll, I'll let Chris cover this one.

Hardware wallets are a great idea.

Chris King:  Yeah. You know, the technology for these software wallets, you know, Metamask or on Tezos, Temple wallet, are pretty secure and everything's encrypted but you know nothing's going to protect you if you get a virus that's logging your keystrokes.

Now, if you just have a hardware wallet like Ledger, for example, or Trezor, all of the secrets, all of the mathematical, magical stuff that makes the blockchain work that's not even stored on your computer at all anymore.

Now it's on this little thing, and if somebody is going to hack you, they need to steal your password. They need to hack your computer, and then they need to, like, beat you up and take the hardware, right? Because they can't do anything with only one. They need both. So a huge upgrade to people's, you know, general cybersecurity posture just by having a hardware wallet.