The way I read the article, the “worth millions” is the sum of the ransom demand.
The funny part is that the exploit is in the “smart” contract, ya know the thing that the blockchain keeps secure by forbidding any updates or patches.
How exactly would that work? Keep in mind that the blockchain is by necessity not secret.
Right, but all the lock is doing is checking whether you own the NFT or not. If your house was in NFT, people could see that you bought a house, but not where it was as long as it was generic like house #40000
all the lock is doing is checking whether you own the NFT or not.
So, you’d need a method to verify who “you” are. And once again we’ve come up with a way to use NFTs that actually works better without NFTs.
Fair enough. I will say that I am not well enough versed in the topic to discuss it in depth.
How would that work in reality, how would the lock know that the NFT in question is the actual legal ownership of the house?
The only way to guarantee that is to change the law that deeds of houses can only be an NFT.
Otherwise someone could sell a house on paper, but retain the NFT to have access to the house.
An NFT lock would also have the following problems, excluding the trust of ownership in the real world.
Power to the lock is required, if your backup battery is dead then you might be locked out during a power cut.
Internet access is required, during a powercut your router will probably die as well, so even if a battery backup is working, you’d still be locked out.
Your ISP could have service interruptions, no internet, no access to the latest blockchain updates, meaning that the lock can’t trust that you actually have ownership/access, that would be an insanely easy way to hack the lock.
The only way to guarantee that is to change the law that deeds of houses can only be an NFT.
Which means that sovereign states would have to agree to no longer be the authority of who owned property, instead they’d just have to hand over all that authority to some distributed database. What’s in it for them? What’s in it for the people?
If the authority on who owns a home is a blockchain, then what happens if someone shows up at the police station, bruised and bleeding, and claims that they were tortured until they agreed to sign over the deed to their house. In the real world, the police (or at least the courts) would have authority over that deal, and if their investigation proved that someone was in fact tortured, it would mean it’s not a legitimate sale, and the ownership reverts to the original person. But, if “blockchain”, the police and courts have no authority. What’s on the blockchain is law.
I can’t really address the first part about selling the house on paper and not transferring the NFT.
I figure this thing would have cellular access as well as Wi-Fi. So if your Wi-Fi was to go down, then the cell network would be used instead. And those generally use different ISPs for fiber and often get restored first or dont go down at all since they are commercial contracts. In the event of a total internet cut, it is well known that a house does not change ownership very often, so the lock could be programmed to not accept any new keys for a period like a day. The lock would accept only the old key during that time like a cooldown period
