An unofficial and experimental Ethereum standard dubbed “ERC-404” — proposed to become a hybrid of fungible and nonfungible tokens (NFTs) — is “working around the clock” to submit an Ethereum Improvement Proposal (EIP), according to one of its inventors.
Created by pseudonymous developers known as “ctrl” and “Acme” under a project called Pandora, the standard mixes the tech behind ERC-20 fungible tokens with ERC-721, which is used for one-of-one tokens — such as the NFTs in the Bored Ape Yacht Club (BAYC) collection.
However, despite the moniker, ERC-404 hasn’t been audited, and the “ERC” is in name only.
Speaking to Cointelegraph, ERC-404 developer ctrl said getting an approved EIP is “one of the more bureaucratic things you can do.”
“It’s a lengthy process, there’s a lot of politics […] Usually, the process takes a couple of weeks.”
Ctrl was tight-lipped on who was working on the proposal, only that they have “had success with this before” and were “in a very good spot” to soon submit an EIP.
ERC-404 aims to bind ERC-721 NFTs to the ERC-20 tokens, allowing for what some have described as fractionalized NFTs, allowing multiple wallets to each own a portion of a single NFT — such as a BAYC NFT — and use that portion to trade with or stake for loans.
The ERC-404 GitHub page says the standard is experimental and the two standards it aims to mix “are not designed to be mixed,” but the project aims to fuse them in “as robust a manner as possible while minimizing tradeoffs.”
The disclaimer hasn’t stopped debate over the safety of the project. A Feb. 8 X post from a developer going by “quit” claimed NFTs that use the ERC-404 standard are possibly vulnerable to theft by ERC-404 tokenholders if the NFT was deposited in a lending protocol not correctly configured for ERC-404.
They claimed a wrongly configured protocol may not differentiate between an ERC-404 NFT and ERC-404 tokens, allowing token depositors to withdraw an NFT they don’t own.
9/ You might be able to guess what happens.
This is a valid withdrawal amount, because the depositor has a balance much higher than the request.
However, Pandora interprets it as an ERC721 transfer, and thus our token depositor is able to steal the NFT from our NFT depositor. pic.twitter.com/sQwn9828Jp
— quit (,) (@0xQuit) February 8, 2024
Ctrl brushed off the concerns raised in the post when speaking to Cointelegraph, arguing that quit “made a contract that uses ERC-404 improperly,” and because of that, “there’s a vulnerability.”
“That’s like me posting a picture of a car and explaining how I would break into it because the door is unlocked.”
Crypto wallets from exchanges Binance and OKX have announced support for ERC-404, with ctrl adding that “something would have been exploited already” if quit’s concern was an issue. He said Pandora was auditing a “more mature iteration of the standard which addresses integration.”
Related: Ethereum upgrade aimed at lowering L2 TX costs eyes mainnet deployment
Pandora — the first ERC-404 token launched on Feb. 5 by the project — has seen gains of over 1,850% in four days and a market cap of nearly $293 million, according to CoinGecko.
CoinGecko lists 12 other projects that have launched using ERC-404, including a frog-themed copy of the DeGods NFT collection that’s pulled in a market capitalization of nearly $30 million and another which is a collection of ERC-404-based NFT pet rocks.
Magazine: Ethereum restaking — Blockchain innovation or dangerous house of cards?