Magic Eden Rivals Say NFTs on Solana’s Biggest Marketplace Are at Risk

In the Solana NFT market, Magic Eden is the dominant player. As of its most recent VC investment round in June, the marketplace, which was launched last October and regularly controls 90% or more of all trade volume on Solana, was valued at $1.6 billion.

But as Magic Eden’s fame rises, the Solana NFT community’s builders and collectors are growing concerned that the platform has been far too “centralized” in its ascent. The way Magic Eden controls its custody of users’ NFTs, as well as recent adjustments that restrict access from third-party aggregators and tools, are cited as examples of these changes, which may have exposed users’ assets to risk.

People should be fully aware that a hacker may obtain the Magic Eden keys and “rug” all users of NFTs, according to Marty, the fictitious founder of Zion Labs, which creates Solana NFT tools, who spoke with Decrypt. If it were decentralized and their code was open-source, this wouldn’t occur.

NFT Marketplace Magic in Solana Eden Raises $130M, Prepares to Expand Along Multiple Chains

Magic Eden did not precisely address the apparent hazards of its escrow-based trading mechanism in remarks supplied to Decrypt, but it did state that it thinks the alternative is currently less secure for customers. Market participants intend to use escrow-free transactions in the future, but they don’t think the technology is safe enough just now.

Escrow or no?

Although the topic of Magic Eden’s practice of keeping users’ listed NFT assets in an escrow wallet has been discussed before, it is becoming more heated. All listed assets are taken into custody by Magic Eden rather than being left in users’ own wallets, and user NFTs are kept in an escrow wallet via the marketplace smart contract.

Early Solana NFT market participants frequently engaged in such behavior, while more recent newcomers to the ecosystem, such as OpenSea and Hyperspace, do not. A Solana NFT stays in your wallet after being listed for sale on such websites.

1/🧵We’ve been seeing a lot of chatter lately about Solana marketplaces taking custody of NFTs, so we wanted to share our POV on custodial listings

— OpenSea (@opensea) July 27, 2022

While Magic Eden was not specifically mentioned in a tweet by OpenSea on Wednesday regarding “Solana markets seizing custody of NFTs,” the intent was clear. At the time, OpenSea tweeted, “We feel markets that control your NFTs limit choice and utility, and jeopardize security.” The two exchanges have previously argued over this issue, with Magic Eden most recently responding with a link regarding OpenSea being sued by a user for an unintentional Ethereum NFT sale because of a UI flaw.

Without requiring a marketplace to take ownership of an asset, NFT trading is made possible via Metaplex’s Auction House protocol for Solana. Magic Eden’s marketplace contract is based on an early version of Auction House, which is intended as a permissionless, peer-to-peer trade system, according to a person close to Metaplex who spoke to Decrypt on condition of anonymity.

Safety >>>

You should try it sometime, maybe you won’t get sued

— Magic Eden 🪄 (@MagicEden) July 20, 2022

That contract code, along with the one for its launchpad contract built using Metaplex’s Candy Machine minting tool, have both undergone significant alterations thanks to Magic Eden. They are isolated from the rest of the neighborhood thanks to Magic Eden. The source claimed that they were “closed-source and permissioned versions of open-source technology that was given by Metaplex.”

For NFT traders, that strategy potentially increases risk. Closed-source software is not eligible for bug bounty schemes or community audits. What is presently written in the marketplace contract code for Magic Eden is unknown even to Metaplex.

What would happen if the escrow wallet for Magic Eden was stolen? Or what would happen if Magic Eden abruptly closed, like numerous other cryptocurrency businesses did recently amid the recent market collapse? According to the Metaplex source, as of late last week, the “centralized” escrow wallet had about 180,000 NFTs.

How Metaplex is Addressing the Network-Crashing NFT Botting Issue at Solana

Sidney Zhang, co-founder of Magic Eden and its chief technical officer, responded to Decrypt’s inquiries by stating that the market intends to switch to a custody-free model at some time, but that present solutions aren’t sufficiently safe in his team’s opinion.

“We are actively exploring escrowless models and plan to move to an escrowless model, but we believe the current smart contracts to implement escrowless mode that other marketplaces use are unsafe,” he says. “There are many security implications of this transition, and we want to do it carefully to ensure that our users do not get their assets inadvertently lost through stale listings.”

Zhang cited the earlier-mentioned OpenSea problems where some customers’ Ethereum NFTs were sold for significantly less than market value. OpenSea eventually refunded consumers $1.8 million in ETH after attributing the “inactive” offers’ successful completion to a miscommunication between its user interface and the Ethereum network.

“Fairly complex smart contract changes need to be made to prevent these scenarios,” Zhang added. “We’re actively exploring how to do them in the best way.”

Recent tweaks

Magic Eden

Along with longstanding concerns regarding Magic Eden’s escrow-based business model, the marketplace has recently been under additional attention due to modifications made to how its platform functions and how outside programs and protocols may be added to it or used in conjunction with it.

The debate gathered traction last week as a result of a popular Twitter thread from user “Pland,” who claimed that Magic Eden is “no longer a permissionless dapp” as a result of recent changes to smart contracts. The code that powers decentralized apps (dapps) and NFT assets is stored in smart contracts. In June, there were some similar rumblings on Twitter, but the most recent thread gathered more attention.

Magic Eden is not a permisionless Dapp anymore

Me had a smart contract upgrade that went for most users unnoticed but does have a big impact on the ecosystem

In order to buy an NFT from ME, you need 2 signers for each transaction and one of the signer is ME

— Pland (@Pland__) July 24, 2022

Developers who talked with Decrypt claim that as a result of the contract modification, Magic Eden is now required to sign each transaction that occurs on its marketplace, as opposed to the prior situation. As a result, several third-party applications that compile listings from various markets as well as so-called “sniper bot” programs that may be used to purchase particular NFTs were damaged.

Decrypt has undergone a modification, and Magic Eden recognized the change by stating that transactions now require two signatures: one from the end user and one from an API key that Magic Eden has supplied. Developers and outside applications that want to access an application or service must first authenticate using an API key. OpenSea and other Ethereum-focused markets offer an API mechanism as well.

“This change was rolled out so that we can maintain core site reliability and reduce botting that would jeopardize our users’ listings and trades,” Magic Eden co-founder and chief engineering officer Zhuojie Zhou told Decrypt. “We very much welcome the ecosystem to take part in our API program.”

Solana’s New Gas Fees Won’t Make the Network ‘Expensive,’ Says Co-Founder

The Solana network as a whole has occasionally been completely shut down in the past due to excessive activity by automated bot programs, most notably in April. Recently, Solana Labs implemented a number of improvements in an effort to increase network stability.

According to Zhou, Magic Eden has so far distributed more than 300 API keys to developers, including those from wallet software developers Exodus and Slope as well as aggregators Tensor and NFTSoloist. He said that Magic Eden was obliged to have an API by Phantom, the company behind the well-known Solana wallet, in order to confirm that transactions originated from their servers.

“We believe in supporting a formal developer ecosystem that enables a secure and reliable marketplace,” Zhou added, “and remain open to evolving the API program based on partner developers’ needs.”

An ‘anticompetitive move’

However, several developers in the Solana sector saw the change as a violation of decentralized ideals, not to mention a choice designed to thwart future competing NFT developers.

“We were surprised to learn they were doing this, because it’s completely centralized with no plausible benefit to end users,” a representative from NFT marketplace aggregator Hyperspace told Decrypt. “It’s in fact detrimental to users, as it increases reliance on their servers and consequently leads to an increased failure rate of transactions.”

The spokesperson, who wished to remain anonymous, said that Magic Eden contacted Hyperspace in advance of the shift “and threatened to shut us down if we didn’t adapt our platform to totally benefit/service them.” According to the representative, Magic Eden demanded that Hyperspace “exclusively direct listings to Magic Eden and only function via their API.”

🪄@MagicEden is down but you can browse & trade all their listings on

Thank God for open Web!

Hyperspace ✨ Solana NFT Marketplace & Aggregator (@hyperspacexyz) May 23, 2022

In these conversations, we unequivocally deny threatening them, a Magic Eden official informed Decrypt. “In order to offer the best technical and operational assistance, we strongly advise our partners to integrate with Magic Eden as thoroughly as possible. Unfortunately, Hyperspace was not keen on such a collaboration and has since remained hostile.

Although Hyperspace claims to have found a solution for Magic Eden’s API and is now able to continue serving aggregated listings, other aggregators (like CoralCube) appear to have lost functionality as a result. The Hyperspace representative accused Magic Eden of continuing to try to keep us out and actively working on how to do so since that time.

CoralCube used to have a migrate listing button but MagicEden recently took another step towards becoming a web2, centralized platform. You can not delist items without ME centralized signature. That’s why we removed the migration button and now NFTs are stuck in ME escrow.

— CoralCube – NFT Marketplace – EARN REWARDS (@coralcubenft) June 10, 2022

Some developers in the Solana area told Decrypt that they think Magic Eden’s approach was planned to exclude NFT aggregators that have gained popularity lately. As a result, Magic Eden has control over who may access its listings and take use of its liquidity.

The Hyperspace representative stated, “We have been outspoken about what has been a strictly anticompetitive move and a breach of open web principles.” We believe it is our duty to defend decentralization and interoperability in the Web3 environment, and the Solana Foundation and the whole Solana ecosystem should be [up] in arms to stop this from progressing any further.

The debate rages

Additionally, Magic Eden has received criticism for adding new features that seem to have been heavily influenced by third-party Solana applications. The Magic Eden List feature, which enables projects to build user allowlists ahead of NFT drops, received criticism this week for being strikingly similar to Blocksmith Labs’ Mercury tool.

“It seems like a direct attempt to box out anyone who can do anything remotely better,” pseudonymous NFT collector Topo Gigio told Decrypt of Magic Eden’s feature additions. Meanwhile, Marty of Zion Labs alleged that Magic Eden is “using venture capital as a weapon” as it rapidly expands to become an all-in-one Solana NFT resource.

Say goodbye to other WL wallet collection projects because ME must eat the whole pie. They must do it all; can’t let others win… 😬

— blockchainpan.sol 👁️🐢👻🦉 (@blockchainpan) July 27, 2022

Magic In response, Eden’s Zhou said the business is a “user-first company” and bases most of its product expansions on customer requests. He opposed the centralized discussion and asserted that the platform’s expanding capabilities serve collectors.

The overall discussion surrounding Magic Eden, in the opinion of some Web3 participants, is heavily focused on the centralization vs. decentralization debate, including how a major player in the space ought to handle issues like asset custody, open-source software, and the modularity of blockchain assets and protocols.

Magic Eden’s recent moves, like its prolonged usage of escrow and API-centric improvements, haven’t gone down well with everyone. However, Magic Eden continues to hold sway as the principal marketplace for Solana collectors.

Magic Eden is receiving increasing amounts of criticism, but it is unclear whether many NFT projects will decide to debut elsewhere (as several did lately on OpenSea) and whether well-known collectors will decide to take a public stance and leave the market.

“This conversation is not about centralization vs. decentralization, and never has been,” Zhou said. “Partner toolings have existed on top of Magic Eden’s evolving marketplace experience since we launched, and we have no plans to change that approach.”

I’ll fall on my sword here, I’ll be forgoing liquidity moving forward and no longer listing on or buying from @MagicEden.

I am AFK, so need a day to delist what i got and move it to @hyperspacexyz and @coralcubenft

No longer feel comfortable escrowing my expensive NFTs

— Topo Gigio | topogigio.sol 🥐 (@TopoGigio_sol) July 24, 2022

One of them persons is Topo Gigio. The collector tweeted that he would “fall on my sword” and forego liquidity, asserting that he will no longer utilize the market and mentioning Magic Eden’s escrow policy and contract modifications. He also mentioned its alleged “deflection of responsibility” about a contentious NFT drop, DegenTown, in a message to Decrypt.

All of the liquidity is at Magic Eden—they won’t miss me,” he told Decrypt. “I was happy to take my high-value assets, but low-volume trading elsewhere.”


Back to top button