By Drew Hinkes, Elizabeth Thomsen, Josh Durham

As blockchain and nonfungible tokens (NFTs) are still new technologies, their legal infrastructure is still developing, creating potential vulnerabilities. Three such vulnerabilities were exposed in our previous article, available here. We have now issued a follow-up Alert that explores solutions to such licensing failures.  This blog is a high-level summary;  the full alert can be found here.

1. How to deal with NFTs that are not accompanied with appropriate licensing terms: Adopt Licenses at the Marketplace Level

If NFT creators do not accompany their NFTs with appropriate licensing terms, they may fail to protect their intellectual property. While each creator can implement their own set of licensing terms, a more universal solution is having NFT marketplaces adopt standardized licenses.

For example, one marketplace provides various Creative Commons licenses and even a full copyright transfer. Another marketplace has its own licenses with provisions such as non-commercial exploitation. Offering standardized licenses at the marketplace level enables an efficient way to ensure NFT creators are legally protecting their intellectual property.

2. How to Deal with the failure of buyers to consent to the license terms: Utilize Clickwrap and/or Cryptographic Signatures to Manifest Assent to Licenses

Licenses are typically unenforceable if buyers do not manifest their assent to them. Courts will often enforce “clickwrap” agreements where users accept an agreement by clicking “I agree” after seeing the contract.

Cryptographic signatures are general features of blockchains, not the marketplaces themselves. Such signatures are required to execute a transaction, and are usually done by clicking “sign” or “confirm” within one’s cryptocurrency wallet.  Therefore, a potential solution is having marketplaces conspicuously accompany a “proceed to checkout” button with: “by signing this transaction, I agree to the NFT’s license terms,” while conspicuously showing the terms.

3. How to deal with practical enforcement issues: Enable Role-Based Access Control in Smart Contracts

Even if NFT creators adopt license terms and they are accepted by NFT purchasers, the terms still may not be practically enforceable. For example, how will creators actually revoke the license and NFT if purchasers are anonymous individuals in foreign jurisdictions?  The answer lies in NFT’s code itself (i.e., the smart contract).

A common practice in the blockchain space is granting administrative authority over smart contracts to individuals like core developers, accomplished through what is known as “role-based access control.” While this is not a common practice with NFTs, creating such access control would enable creators to execute critical functions like revoking ownership of NFTs if the license is breached.


These approaches close the gaps between smart contracts and legal contracts to remedy core NFT licensing failures: (1) adopting standardized licenses at the marketplace level enables efficient licensing for creators; (2) utilizing cryptographic signatures allows for convenient manifestations of assent, making such licenses legally enforceable; and (3) creating role-based access control over NFTs allows for actual, programmatic enforcement of NFT licenses.

This is just a summary; for more information, see our entire article here.