Skip to main content

My philosophy is to educate people. Those people are not just buyers but project owners. A huge proportion of projects that launch do not have contracts written that act in the way they intended. Objectively, that is the fault of the team and the developers. Being able to buy more NFTs than intended is very easy to avoid and this happens all the time. The key is  that if you read the rules (written in the contract) and it allows certain things to happen, you can follow those rules and have an advantage over those people who did not read those rules (the contract).

How To Bypass 1 Per Wallet Limit in NFT Drops

This is not a hack or a scam or anything like that. It is simply reading the rules and following them. Sometimes the words written in a project launch statement do not line up with what is written in the contract. That is because their developers have not written the rules to synchronise with what they wanted to achieve. They can avoid this by getting the contract vetted or by hiring more competent developers. But the market is inefficient and often they do not do this. I see no problem in following the rules written by the contract.

The One Per Limit Whitelist NFT Drop

This is the scenario where the aim of the project is to give one mint per person during a set period, wether that be the presale or public sale. In order to do this they must enter code into the contract that only enables each person to mint one NFT. However, the developers sometimes do not write these rules very well. This is where you can capitalise. By writing this I hope to inform the project owners, as well as the investors that exploits can be present. If investors take advantage then they just followed the rules, the developers should have done better to write the rules properly.

An in real life example could be the following; you can go get a free meal at a restaurant by wearing a hat. However, the restaurant owners did not say you could leave the restaurant, change to a different hat and come back and get another free meal. What they should do, is say that person is marked as having got a free meal after visiting the first time – rather than the hat.

How To See the Issue Inside the Contract

To understand if an NFT contract is allowing you to wear multiple hats you simply need to read the contract (the rules).

I will use the example of Fluffy Polar Bears since this was the most recent.

how to exploit nft contract

What you can read from this is that Claimed NFTs + Number of NFTs can not be more than total NFTs. That means I cannot buy more NFTs than the maximum supply (9999). Okay, looks good.

However, you look at the next line.

You see that, ‘Required Number of Tokens’ must be less than or equal to allowed balance – sender balance.

  • Required Number of tokens = 1 (whatever amount I tried to mint)
  • Sender Balance = how many Fluffy Polar Bears I have in my wallet.
  • Allowed balance = 1 ( as per whitelist parameters).

Therefore, if I buy one token from presale my sender balance = 1, Allowed Balance = 1, Required number of tokens = 1 (whatever amount I tried to mint).

Since 1 is not less than or equal to 1 -1 (0) I cannot mint. So, I would be rejected buying another Fluffy Polar Bear.

The Workaround

Since ‘Sender Balance‘ is simply defined as how many I have in my wallet, I can simply transfer the NFT to another wallet and my Sender Balance becomes 0.

The calculation then changes to Required Number of Tokens (1) must be less or equal than Allow List (1) – Sender Balance (0). Since 1 = 1 i.e. not less than, I can perform the transaction.

Now I follow the rules and my transaction executes.

If you meet these conditions, you can continue to mint for as long as you would like as long as you keep transferring the NFT to an alternative wallet and lowering your sender balance to less than 1.

I always recommend buying NFTs directly from the contract like explained in this article.

Is This Ethical?

This is a dilemma for sure. The project did not intend for this. However, they, by proxy, wrote the rules for this. Whilst I was doing this, so were 10+ other people. I personally feel that if you read and follow the rules then you are doing what is stated by the blockchain. It is no different than me leaving the restaurant, switching hats, and getting another free meal.

I write this to educate not only buyers but project creators too. It is a very easy thing to fix when writing the contract. If you don’t do it, you will have people following the rules you set regardless of whether it is me or anyone else.

Join the discussion One Comment

  • Antony Roberts says:

    Umm – yea there’s the rub – ethicalicty !
    Many a murderer have got off scot free using small print and loop holes .However business is business , so use all the advantages you can.

Leave a Reply