Non-Fungible Tokens (NFTs) are widely used nowadays for managing digital assets in many applications due to their ability to uniquely identify an asset and securely transfer and trace its ownership. Some scenarios require digital assets to be mutable, i.e., users should be allowed to update asset attributes over time, thus introducing possible security issues, since unwanted (or even malicious) updates could significantly decrease assets’ value. While various methods for NFT mutability exist, they often lack integrated, fine-grained, and on-chain enforceable authorisation models. This paper addresses this issue by considering an NFT expansion, named Non-Fungible Mutable Token (NMT), which natively supports the update of the attributes characterising each digital asset while guaranteeing a strict and fine-grained control over such updates. In fact, the NMT approach embeds an on-chain security support based on the Attribute-Based Access Control model within the NMT architecture, aimed at regulating, through access control policies enforcement, the execution of all the update operations defined on digital assets, from new token minting to ownership transfers and attribute updates.We propose a detailed architecture for NMTs and we outline the involved smart contracts structure, including the on-chain access control system. We validate our proposal by implementing it for two common use cases, wearables and digital event tickets in the metaverse, and by conducting an experimental evaluation of the deployment and execution costs. Moreover, we simulated the usage of NMTs over a given time interval to estimate the sustainability of the proposed approach over time.
Maesa et al. (Fri,) studied this question.