Cointime

Download App
iOS & Android

NFT Infinity Mints ♾️

Metaversal is a Bankless newsletter for weekly level-ups on NFTs, virtual worlds, & more!

Subscribe now

Dear Bankless Nation,

Visualize Value, consisting of talents like Jack Butcher and jalil.eth, is the team behind the Checks and Opepens collections. 

VV’s projects have wowed the NFT ecosystem this year, so the launch of their latest Infinity collection this week captured a lot of attention. 

The underlying mechanism is unprecedented and sure to inspire many projects to come. Unfortunately, an attacker just exploited the mechanism’s first implementation for nearly 40 ETH. 

For today’s post, let’s walk you through the Infinity collection’s basics, its exploit, and why its design is definitely here to stay regardless of the attack! 

-WMP

🦊 Thanks to MetaMask Portfolio 🦊

👉 Your web3 assets in one place, and much more

To Infinity and Beyond, Visualize Value Style 🌌

The Infinity collection 101

Introduced by jalil.eth on August 7th, 2023, the Infinity collection is an experimental cryptoart project designed to facilitate the creation of “infinite editions” with an “infinite supply of each piece.”

Unlike traditional limited-edition NFT drops, where one piece of work is made mintable a specific number of times, the Infinity collection has employed an uncapped supply mechanism, so countless variations are technically possible, plus each of these variations can be minted infinitely. 

Non-tradable and fully onchain in being created and completely stored on Ethereum, the pieces cost a fixed 0.008 ETH price to mint. Mint payments were deposited into the Infinity collection’s smart contract, which bears a refund option: burn your piece to redeem your underlying 0.008 ETH at any time, the goal being to make ownership risk-free beyond gas costs. 

The big idea here? 

With no fees, non-tradability, and the possibility of refunds at any time, the Infinity collection was created to explore art appreciation shorn of financial incentives, and all powered on Ethereum. 

Go deeper: Learning Solidity? Check out these helpful Infinity collection smart contract overviews by marka.eth and onion 🧠

🚨 Bankless Airdrop Hunter coming soon! 🚨

Become a Bankless Citizen for Access

The Infinity exploit

Today, August 10th, jalil.eth sounded the alarm after an attacker discovered a flaw in the Infinity collection smart contract and used it to drain the nearly 40 ETH stored within. 

These funds were supposed to be earmarked for minter refunds per the refund mechanism described in the previous section. In the wake of the attack, jalil.eth and software engineer cygaar published threads separately breaking down the exploit of this mechanism. 

Per these debriefs, we now know the attacker specifically took advantage of a loophole inside the contract’s “regenerateMany” function, which was intended to allow users to change the visuals of their tokens. The exploit process was as follows:

  • Step 1: The attacker passed in a single token ID but mismatched amounts to “degenerate” (e.g. 0 and 4341) and “generate” (e.g. 4341 and 0), taking advantage of the lack of a check for matching token counts. 
  • Step 2: The contract was then commanded to burn 0 tokens and mint 4,341 new tokens for free. 
  • Step 3: The newly minted tokens were then used to withdraw the contract funds, effectively stealing the ETH. 

In response to the attack, jalil.eth has temporarily shuttered the Infinity collection’s website (previously available at infinity.vv.xyz) and Visualize Value announced full refunds for all affected depositors. 

Why Infinity mints are here to stay

To be sure, this incident serves as a reminder that rigorous testing and careful code review is always a good thing. Yet on the flip side, the Infinity exploit almost didn’t happen. 

“In an earlier test contract on the Goerli test network, this bug did not exist since I checked the length of the inputs are the same,” jalil.eth noted in his initial post-hack thoughts. 

This checking function was cut later to save on gas costs, hence the mainnet exploit. That said, the flaw is now understood by the creator and the community, so it’s no stretch to assume the Infinity collection and other inspired projects will rise with updated implementations. In the very least, it’s totally possible. 

Down for now but not out, right. The collection’s original announcement noted plans for new features and compatibility across multiple Ethereum Virtual Machine (EVM) chains, so rebooting the project would allow Visualize Value to follow through on its expansion plans. 

Yet it’s not just VV and an official Infinity collection reboot that’s of interest here. This “infinity edition” format is a new style altogether in the NFT ecosystem, and it points to new design spaces regardless of what VV does next here. 

What I’m getting at is how others can expand on the model!

For example, consider how an artist could add something like a 5% mint tax to an infinity-style mint, so they could keep a portion of the proceeds and minters could still get refunded with 95% of their underlying deposit later. Boom! New monetization model for creatives. 

There are other instances you can imagine here, like an infinity-mint system employed in a web3 game as refundable deposits players use to access a rare dungeon, and so on and so forth. 

My grand point, then, to close things out? There’s no going back. We’re now poised to see many more “infinity edition” experiments in the years ahead, and it’ll be interesting to track all that’s to come here accordingly!

Action steps

A Bankless Citizen ⚑ turned $264 into $6,077 last year. A 22x ROI 🚀 in a bear market!

Level up

🙏 Together with 🦊 MetaMask Portfolio 🦊

The web3 ecosystem is an expansive world, full of endless opportunities for those curious enough to explore them! Head over to MetaMask Portfolio to get started, where you can view your assets in one place and discover other features such as Buy, Swap, Bridge, and Stake.

Not financial or tax advice. This newsletter is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. This newsletter is not tax advice. Talk to your accountant. Do your own research.

Disclosure. From time-to-time I may add links in this newsletter to products I use. I may receive commission if you make a purchase through one of these links. Additionally, the Bankless writers hold crypto assets. See our investment disclosures here.

Comments

All Comments

Recommended for you

  • Whale Transfers 1,133 BTC to Coinbase Prime, Valued at $71.48 Million

    According to Onchain Lens monitoring, a whale transferred 1,133 BTC from Coinbase to Coinbase Prime through an intermediary wallet, valued at $71.48 million.

  • U.S. AI Chip Stocks Decline Before Market Open, Intel Falls Over 3%

    On July 7, U.S. AI chip stocks experienced widespread declines before the market opened. Intel dropped over 3%, while AMD, Qualcomm, and NXP fell more than 2%. TSMC, Broadcom, and Tesla decreased by over 1%, and NVIDIA declined by 0.7%.

  • China's Central Bank Increases Gold Reserves for the 20th Consecutive Month

    As of the end of June, China's gold reserves stood at 75.44 million ounces (approximately 2,346.446 tons), an increase of 480,000 ounces (about 14.93 tons) from the end of May, which reported 74.96 million ounces (approximately 2,331.52 tons). This marks the 20th consecutive month of gold accumulation.

  • China's Foreign Exchange Reserves in June at $341.6262 Billion

    On July 7, China's foreign exchange reserves for June stood at $341.6262 billion, a decrease of $26 billion from the end of May, representing a decline of 0.75%, with expectations set at $343.2 billion.

  • U.S. Storage Stocks Drop Pre-Market, SanDisk and Micron Down Over 4%

    On July 7, U.S. storage concept stocks collectively fell in pre-market trading. Western Digital dropped over 5%, SanDisk and Micron Technology fell over 4%, Seagate Technology declined over 3%, Rambus fell over 2%, and SMI fell over 1%.

  • U.S. Stocks in Optical Communication Sector Drop Pre-Market

    On July 7, stocks in the optical communication sector of the U.S. market collectively fell pre-market. Astera Labs dropped over 4%, while Marvell Technology, Credo Technology, and AXT Inc. fell more than 3%. Tower Semiconductor, MaxLinear, Corning, Applied Optoelectronics, GlobalFoundries, Lumentum, and Qorvo all declined by more than 2%. Coherent, Nokia, Amphenol, and Broadcom dropped over 1%.

  • Pre-market Decline in U.S. Storage Stocks

    In pre-market trading, U.S. storage concept stocks experienced a widespread decline, with Micron Technology falling by 4.8%, SanDisk dropping over 4%, Corning down more than 2%, and Intel decreasing by over 3%.

  • Two Departments: Support for Reinsurance Institutions to Increase Capital and Issue Supplementary Capital Tools

    On July 7, the National Financial Supervision and Administration Bureau and the Shanghai Municipal Government released several measures to accelerate the construction of the Shanghai International Reinsurance Center. Among these measures, they proposed to enhance the quality and efficiency of the reinsurance industry, support reinsurance institutions in increasing capital and expanding shares, and issuing supplementary capital tools to improve the capacity for internal capital accumulation and external capital supplementation, thereby strengthening the reinsurance industry's capabilities. The initiative aims to guide the insurance industry to focus on major national projects, strategic emerging industries, and livelihood security, consolidating insurance and reinsurance underwriting capabilities to enhance risk protection levels. It also supports reinsurance institutions in leveraging their professional technical advantages to assist the insurance industry in reducing risk.

  • Sources: Saudi Arabia Plans to Expand Oil Pipeline to Red Sea, Increasing Capacity by 2 Million Barrels Daily to Bypass Strait of Hormuz

    On July 7, five informed sources revealed that Saudi Arabia is considering expanding the crude oil pipeline capacity to its western coast on the Red Sea, allowing Saudi Arabia and its neighbors to transport more oil without passing through the Strait of Hormuz. This east-west pipeline, built in the early 1980s, has gained strategic importance since the outbreak of the Iran war in February and the disruption of shipping in the Strait of Hormuz. The pipeline can deliver up to 7 million barrels of crude oil per day to the Red Sea port. The CEO of Saudi Aramco stated in May that approximately 2 million barrels are supplied to west coast refineries, while about 5 million barrels are for export. Sources indicate that Saudi Arabia is in preliminary discussions with some neighboring countries regarding the pipeline expansion, aiming to add about 2 million barrels of pipeline capacity per day. It remains unclear whether Aramco's planned expansion involves upgrading existing infrastructure or constructing new pipelines. One source mentioned that the expansion plan also includes a smaller refined oil pipeline. Two sources indicated that the expansion scale could range from 1 million to 2 million barrels per day, with refined oil also being considered. Another source stated that the project would take several years and cost billions of dollars, requiring adjustments to Saudi crude pricing mechanisms.

  • Citi: Tencent's WorkBuddy Gains Momentum, Maintains 'Buy' Rating

    On July 7, Citi released a research report stating that, according to the latest industry data, Tencent's AI agent product WorkBuddy has reached 20 million monthly active users (MAU) and over 13 million daily active users (DAU), with a DAU/MAU ratio between 65% and 75%. Considering the product has only been launched for a few months, user stickiness and daily engagement are performing strongly. Citi quoted Tencent's management as saying that in terms of daily active users, Tencent is leading its Chinese peers in the deployment of AI agents. Early user data reflects strong natural growth for both CodeBuddy and WorkBuddy, with high retention rates. Early users are interacting with the AI agents for long durations and with high frequency, creating a positive feedback loop. It is expected that AI products will become a key revenue source for Tencent Cloud. The firm believes that WorkBuddy's success demonstrates the strength of Tencent's ecosystem, the synergy between various productivity tools, and users' trust in Tencent's products and security. Citi maintains a 'Buy' rating on Tencent with a target price of HKD 763 unchanged.