Chapter 8

NFT Metadata Storage

An NFT token is a ledger entry. What collectors care about — the image, traits, animation — usually lives in a JSON file somewhere else. That split is where rug pulls hide: change the JSON at the same URL and the on-chain token ID is unchanged but the art is not.

OpenSea and other marketplaces cache metadata aggressively. Even after you pin correctly, stale CDN cache can show old images for hours. Use content-addressed image fields inside JSON so trait URLs cannot be swapped without changing the parent CID.

Audit collections before buying: resolve tokenURI from contract storage, fetch from multiple gateways, compare image hashes, and check whether the contract owner can still call setBaseURI. A decentralized pointer with a centralized update key is theater, not security.
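The audit steps above can be scripted. The sketch below is an added example, not code from any marketplace or contract project: it takes the tokenURI string, the metadata and image bytes already fetched from each gateway, the contract ABI and the owner() address as inputs, and returns a list of findings. The function names, the inclusion of setTokenURI alongside setBaseURI, the assumption that URI mutators are owner-gated, and all sample data are constructed for illustration.

```python
import hashlib, json, re

# Loose CID shape check (CIDv0 "Qm..." or base32 CIDv1 "baf..."); not full CID validation.
IPFS_URI = re.compile(r"^ipfs://(Qm[1-9A-HJ-NP-Za-km-z]{44}|baf[a-z2-7]{50,})(/.*)?$")
MUTATORS = {"setBaseURI", "setTokenURI"}  # setTokenURI added by assumption; the text names setBaseURI
ZERO = "0x" + "0" * 40

def content_addressed(uri):
    return isinstance(uri, str) and bool(IPFS_URI.match(uri))

def audit_token(token_uri, fetched, abi, owner):
    """fetched maps gateway -> (metadata_bytes, image_bytes). Returns findings; empty means clean."""
    findings = []
    if not content_addressed(token_uri):
        findings.append("tokenURI is a mutable location")
    for label, idx in (("metadata", 0), ("image", 1)):
        digests = {hashlib.sha256(parts[idx]).hexdigest() for parts in fetched.values()}
        if len(digests) > 1:
            findings.append(f"gateways disagree on {label} bytes")
    for gw, (meta, _) in sorted(fetched.items()):
        try:
            image = json.loads(meta)["image"]
        except (ValueError, KeyError, TypeError):
            findings.append(f"{gw}: no parseable image field")
            continue
        if not content_addressed(image):
            findings.append(f"{gw}: image field is not content-addressed")
    exposed = sorted(e["name"] for e in abi
                     if e.get("type") == "function" and e.get("name") in MUTATORS)
    # Assumes mutators are owner-gated; a zero owner means the update key was renounced.
    if exposed and owner.lower() != ZERO:
        findings.append("owner can still call " + ", ".join(exposed))
    return findings

# Constructed sample data (not a real collection).
CID = "Qm" + "a" * 44
GOOD_META = json.dumps({"name": "Sample #1", "image": f"ipfs://{CID}/1.png"}).encode()
BAD_META = json.dumps({"name": "Sample #1", "image": "https://cdn.example/1.png"}).encode()
ABI = [{"type": "function", "name": "tokenURI"}, {"type": "function", "name": "setBaseURI"}]

if __name__ == "__main__":
    fetched = {"gw-a": (GOOD_META, b"\x89PNG-a"), "gw-b": (BAD_META, b"\x89PNG-b")}
    for f in audit_token("https://api.example/meta/1", fetched, ABI, "0x" + "1" * 40):
        print(f)
```

An ABI that lists a mutator is only a signal: the function body and its access control still need to be read in the verified source before trusting the result.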