Crypto Research

How to Verify an NFT Is Authentic

The contract address is the only identifier that matters for NFT authenticity — not the image, name, or listing. This post explains the five-step verification process and where it gets complicated.
Lewis Jackson
CEO and Founder

NFT authentication is less intuitive than it seems. The image isn't the NFT. The name isn't the NFT. The marketplace listing isn't the NFT. The NFT is a token with a specific ID on a specific smart contract — and that contract address is the only thing that actually matters for verification.

This is where most confusion lives. People see a CryptoPunk-looking image listed at a reasonable price and assume it must be real. But anyone can deploy a contract that mints images identical to any existing collection. The contract address is the only identifier that can't be faked.

The Verification Mechanism

An NFT exists as a token on a blockchain. It has two identifiers that both need to match:

  1. Contract address — the smart contract governing the collection
  2. Token ID — the specific ID within that contract

A correct token ID on the wrong contract is a fake. The right contract with a token ID that was never minted doesn't exist. Both have to check out.

Here's the verification workflow in practice.

Step 1: Get the official contract address

Start from the project's official source — their website, their verified Twitter/X account, or their verified Discord announcements channel. Not aggregators, not search results. The reason is simple: counterfeit collections can look nearly identical on marketplace search pages, with the same name and same images.

For major collections, most block explorers list the project's contract address, often marked as verified when the deployer has submitted source code. That verification is separate from legitimacy, but it's a useful data point.

Step 2: Cross-reference on a block explorer

Once you have the contract address, look it up on Etherscan (for Ethereum), Solscan (for Solana), or the appropriate chain explorer. Check:

  • When was the contract deployed? Does it match when the project launched?
  • How many tokens have been minted? Does it match the claimed supply?
  • What does the minting activity look like? Real projects have traceable, consistent minting history.

Counterfeit contracts often get deployed shortly after a popular collection launches — a suspicious gap between the project's announced launch and the contract creation date is worth noting.

Step 3: Verify the specific token ID

Look up the exact token ID you're evaluating. The block explorer will show:

  • Who originally minted it
  • The complete transfer history from mint to current holder
  • The metadata URI — the pointer to the NFT's attributes and image

A genuine CryptoPunk #7804 was minted in 2017 from a specific contract and has an unbroken transfer history on-chain. Any token claiming to be CryptoPunk #7804 on a different contract isn't CryptoPunk #7804, regardless of the image it displays.

Step 4: Check the metadata

The metadata URI reveals where the NFT's attributes and image actually live:

  • IPFS — decentralized content-addressed storage; the hash should be consistent across the collection
  • Arweave — permanent decentralized storage; same hash consistency applies
  • Centralized server — metadata can theoretically change; even for legitimate collections, this is a durability risk
  • On-chain — stored directly in the contract; typically the most resilient option

For collections using centralized servers, verify the domain matches what the project actually uses. Suspicious redirects or unfamiliar domains are red flags.

Step 5: Check marketplace verification

Marketplaces like OpenSea and Blur apply their own verification layers — typically a badge for collections they've manually reviewed. These aren't infallible, but a collection claiming to be a major project without any marketplace verification is worth extra scrutiny.

Where It Gets Complicated

Counterfeit collections are the obvious threat. But there are subtler authenticity questions worth knowing.

Metadata mutability. If the contract owner can change an NFT's image or attributes, what you're buying today may not be what you hold tomorrow. This is common during “reveal” mechanics — metadata updated post-mint. The question is whether mutability is bounded (“reveal once, then locked”) or ongoing.

Off-chain images. The NFT token exists on-chain, but the image often doesn't. If the server hosting the image disappears, the token remains yours — but the visual content goes with it. IPFS mitigates this if the content is actively pinned. Arweave is more durable by design. Centralized hosting is the weakest option.

Contract upgradability. Some collections use proxy patterns that allow the contract logic to be upgraded. Less common in NFTs than in DeFi, but worth checking. If the contract is upgradable, understand who holds the upgrade key.

What Would Confirm Authenticity

  • Contract address matches the project's official website and social accounts
  • Contract deployment date consistent with the project's announced launch
  • Token ID within the minted range, with a clean transfer history from the correct deployer
  • Metadata URI using IPFS or Arweave, consistent hash patterns across the collection
  • Marketplace verification badge where available

What Would Indicate a Problem

  • Contract address not listed anywhere in the project's official communications
  • Contract deployment date after the project's claimed launch
  • Transfer history originating from a contract that isn't the official deployer
  • Metadata pointing to an unfamiliar centralized domain
  • Very low on-chain activity relative to the collection's claimed prestige

Timing

Now: Contract address verification matters for any NFT transaction, regardless of value. The steps above take about five minutes on Etherscan.

Next: NFT activity is expanding to newer chains — Base, Solana, Sui. Verification workflows differ slightly by chain, but the core logic is identical: canonical contract address first, then token ID.

Later: On-chain provenance tools and metadata standards are improving. Automated verification may become more accessible. Today, it's a manual check.

Boundary Statement

This covers the on-chain verification mechanism — how to confirm an NFT's authenticity against the blockchain record. It doesn't address whether a given project has lasting value, whether off-chain metadata will survive long-term, the legal status of NFT ownership in any jurisdiction, or tax treatment. Those are separate questions.

The contract address check takes five minutes. It eliminates the most common fraud vector in NFT transactions.

Related Posts

See All
Crypto Research
New XRP-Focused Research Defining the “Velocity Threshold” for Global Settlement and Liquidity
A lot of people looking at my recent research have asked the same question: “Surely Ripple already understands all of this. So what does that mean for XRP?” That question is completely valid — and it turns out it’s the right question to ask. This research breaks down why XRP is unlikely to be the internal settlement asset of CBDC shared ledgers or unified bank platforms, and why that doesn’t mean XRP is irrelevant. Instead, it explains where XRP realistically fits in the system banks are actually building: at the seams, where different rulebooks, platforms, and networks still need to connect. Using liquidity math, system design, and real-world settlement mechanics, this piece explains: why most value settles inside venues, not through bridges why XRP’s role is narrower but more precise than most narratives suggest how velocity (refresh interval) determines whether XRP creates scarcity or just throughput and why Ripple’s strategy makes more sense once you stop assuming XRP must be “the core of everything” This isn’t a bullish or bearish take — it’s a structural one. If you want to understand XRP beyond hype and price targets, this is the question you need to grapple with.
Read Now
Crypto Research
The Jackson Liquidity Framework - Announcement
Lewis Jackson Ventures announces the release of the Jackson Liquidity Framework — the first quantitative, regulator-aligned model for liquidity sizing in AMM-based settlement systems, CBDC corridors, and tokenised financial infrastructures. Developed using advanced stochastic simulations and grounded in Basel III and PFMI principles, the framework provides a missing methodology for determining how much liquidity prefunded AMM pools actually require under real-world flow conditions.
Read Now
Crypto Research
Banks, Stablecoins, and Tokenized Assets
In Episode 011 of The Macro, crypto analyst Lewis Jackson unpacks a pivotal week in global finance — one marked by record growth in tokenized assets, expanding stablecoin adoption across emerging markets, and major institutions deepening their blockchain commitments. This research brief summarises Jackson’s key findings, from tokenized deposits to institutional RWA chains and AI-driven compliance, and explains how these developments signal a maturing, multi-rail settlement architecture spanning Ethereum, XRPL, stablecoin networks, and new interoperability layers.Taken together, this episode marks a structural shift toward programmable finance, instant settlement, and tokenized real-world assets at global scale.
Read Now

Related Posts

See All
No items found.
Lewsletter

Weekly notes on what I’m seeing

A personal letter I send straight to your inbox —reflections on crypto, wealth, time and life.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.