Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Non-Fungible Token Security



Peter Mell, Dylan Yaga


Non-fungible token (NFT) technology provides a mechanism to enable real assets (both virtual and physical) to be sold and exchanged on a blockchain. While NFTs are most often used for autographing digital assets (associating one's name with a digital object), they utilize a strong cryptographic foundation that may enable them to regularly support ownership-transferring sales of digital and physical objects. For this, NFT implementations need to address potential security concerns to reduce the risk to purchasers. This publication explains NFT technology and then identifies and discusses a list of 27 potential security issues. All of the identified issues can be addressed through use of a systematic security approach that promotes a secure design and implementation.
NIST Interagency/Internal Report (NISTIR) - 8472
Report Number


blockchain, definition, ERC-721, non-fungible token, properties, security, smart contract


Mell, P. and Yaga, D. (2024), Non-Fungible Token Security, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed April 19, 2024)
Created March 1, 2024