How to verify the authenticity of NFTs migrated to XLS-20 on the Sologenic Marketplace
October 31st, 2022 09:00 AM PST | Sologenic Development Foundation
Amidst the launch of the new XRPL-native NFT standard, the Sologenic team has devised a tool to verify the authenticity of XLS-20 NFTs that have been upgraded from the previous standard. This tool aims to detect forged NFTs by validating the signed and encoded JSON Web Token (JWT) on each NFTokenMint transaction considering Sologenic’s Public Key signature cannot be forged.
Sologenic’s Public Key
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
The user-end tool will be available on sologenic-conversion verification as soon as the amendment goes live on the XRP Ledger. Moreover, the following article will elaborate on how to verify such signature and NFT data without the tool programmatically and manually.
In order to execute the verification programmatically, Sologenic is providing an npm library to facilitate the process. The library can be installed following this path:
npm i sologenic-nft-conversion-verifier
GitHub library: https://github.com/sologenic/nft-conversion-verifier
Alternatively, follow these steps to verify the converted NFT manually:
- Grab the NFTokenID
Example NFT 000C0000ACCB60DD01C1C54C54C8155CABDAAAF18D374E9616E5B76200000001
- Search the Ownership history of this NFT, to find the NFTokenMint Transaction
Example TX E5CB61CECF5ADDA8C4C3C3AFE97ADB9AE181389470D0596A331A85A39DB3B34E
- Find the largest MemoData hex, and convert it from Hex to a String using the next tool.
- Grab the resulting JWT from the Hex decoding and head to jwt.io
- After pasting the JWT in the decoding part, head to the “Payload” section where the NFT data is put. Example payload.
6. In the payload object, you will be able to find the “token_id” property. This “token_id” should be compared to the NFTokenID of the actual NFT on the ledger, and they should match. If they don’t match, the NFT might be a forge. As well, you will be able to find the XLS14 data of the NFT; currency code as “internal_token_id” and issuer as “collection_id”
7. After verifying the data, head to the section below “Verify Signature” and paste the provided Sologenic Public Key:
— — -BEGIN PUBLIC KEY — — -
— — -END PUBLIC KEY — — -
8. Lastly, after completing the previous step successfully, you should see the “Valid Signature” message on the bottom left of the screen. If the information displayed in this section is anything else other than this, the NFT is invalid and might be a forge or it wasn’t migrated through Sologenic.
This verification path is forgery-proof, as even if the same MemoData is pasted in another NFTokenMint transaction, that MemoData contains the NFTokenID of the correct NFT and should always match. There is no possibility of forging the NFTokenID as it is encoded with a Transaction Initiator Address.
The “Sologenic Development Foundation” is an independent community of developers actively working on various open-source projects and use-cases around the SOLO and CORE tokens. More information can be found on www.sologenic.org