0xSauce

According to this Dune Analytics dashboard and by the end of July 2022, NFTs blacklisted by the marketplace came to 24,000 ETH. This number is according to the floor prices of each aforementioned NFT collection. Centralized marketplaces such as OpenSea blacklists an asset and prevents it from trading after it is tagged as stolen or suspicious. With the emergence of more and more decentralized NFT financialization protocols such as NFT AMM, NFT loan, or NFT fractionalization, there is a solid need to source the NFT before a user can trade or perform other financialization tasks. Otherwise, blacklisted NFT will flow into the permissionless decentralized protocols and cause unfair trading for the user. The initial motivation for 0xSauce is to build an NFT sourcing oracle as a guard for future NFT financialization.

To address the issue above, 0xsauce will provides three services:

1. An on-chain NFT source oracle that saves blacklisted NFT item ID with its collection address.
2. A website( 0xsauce.xyz) that can allow users to check if a specific NFT item is tagged as suspicious.
3. A EPNS message notifier that updates the newest blacklisted NFT item information to address who enables the notification setting.

The data source:

Our current blacklisted NFT data come from two sources: NFT marketplace snapshot such as OpenSea and blockchain security groups such as SlowMist and Scam Sniffer. The first source is constantly snapshotting OpenSea blacklisted tags and updating to 0xSauce dynamic DB. The second source is that we monitor all the NFT scam addresses that are tagged by blockchain security organizations and we blacklist the current holding NFTs in the scam address or any incoming NFTs. This is our current approach to reaching blacklisted NFT data. This method is still quite centralized and exposed to certain attacking risks. We have a few ideas to improve the existing data sourcing platform and we would love to hear any suggestions from you.

The Oracle Architecture:

The general idea is to collect blacklisted NFTs and store these data in the blockchain through a smart contract. Other NFT Dapps can call the 0xSauce contract to check if the specific NFT is suspicious or not before a user initiates an NFT financialization task. However, storing and updating each blacklist item and corresponding collection is expensive. We come up with the idea of performing Merkle tree as data verification and synchronization. The generated root is 32 bytes. Instead of storing all the blacklisted addresses with a specific ID, we only need to store a 32-bytes root. When the dynamic database updates and monitors a change in blacklisted items, 0xSauce oracle will generate a new Merkle tree and update the most current root to the blockchain. The leaf of generated Merkle tree is then stored publicly and permanently on IPFS. For the convenience to query the proof, we have created a subgraph in The Graph. Other Dapps can easily query the most updated token proof in the 0xSauce subgraph.

Amazing Protocols Used in Our Project:

@Polygon We deployed our NFT Oracle contract on Polygon mainnet to build a healthy NFT ecosystem on Polygon. Link: https://polygonscan.com/address/0xBcD3e73d06E1F2B546cca0BA0686c466Ac396192

@Optimism We deployed our NFT Oracle contract on the Optimism mainnet to build an NFT infrastructure and together we can build a healthy NFT ecosystem on Optimism. Link:https://optimistic.etherscan.io/address/0xBcD3e73d06E1F2B546cca0BA0686c466Ac396192

@IPFS & Filecoin We are using IPFS storage to host and publish the blacklist NFT Merkle tree data. Since the Merkle tree proof is an essential part of our oracle, the leaf of generated Merkle tree should be stored publicly and permanently. We pinned each NFT collection Merkle tree data to IPFS and here are the links. Link: ipfs://QmP5cySG7cCJSW7fQJXriUDdUQ7dACXpxmLHoDZm6NiN2s; ipfs://QmVkaY3vq7uRXsSXT77uAgbpRnRnbusdWvsCrpqoC4uLh6; ipfs://QmWEStk6ik9xC6oH6pHfCujBEmapRE3BRgih5LYF9MtDDY; ipfs://QmV9X8FSCDWc1jiAvFnNafhxFmMSYfLprg5VjBeJpUiXhz; ipfs://QmartzWuNMPXQaM85fnAUz5i7EVaZ7Ch23Sf8yrotqMRcP; ipfs://Qmc9njMV5uvEN6aM48TtocQ5SEXom13fN8jDokKHXFCA2D

@The Graph We have created a subgraph in The Graph to share 0xSauce proof. Other Dapps can easily query the most updated token proof in the 0xSauce subgraph. 0xSauce Subgraph. ID: QmTCo1cNSoTDZmpcNXvSwpjyerGHo7ubniPPYfxAz8dWrc; Link: https://thegraph.com/hosted-service/subgraph/lljxx1/0xsauce-dev

@EPNS We implemented EPNS notification in our front-end web. We also set up our EPNS channel. Users who opt-in to our channel will be pushed to the hottest NFT blacklisting information. Link: https://app.epns.io/#/channels?channel=0xEf0D8F546880d1D41e7F35c5BA06a43C7F42FF2f

@Covalent We implemented amazing covalent services to lookup blacklisted addresses and monitor the most recent transactions of these addresses. The API we called is : https://api.covalenthq.com/v1/1/address/${address}/transactions_v2/?key=${Covalent_API}&page-size=${size}.

@ QuickNode We used QuickNode services to deploy contracts on Ethereum Mainnet. QuickNode provides great node services and have amazing add-ons. Our RPC has the Flashbots Protection and Single Flight RPC added. RPC: https://light-little-sanctuary.discover.quiknode.pro/6556bef83624e969dc756ac0219251b786433890/

For more info: https://medium.com/@0xsauce/about-0xsauce-62cae2763f53

Our Twitter handle: @0xSauce_xyz