I Hacked Rarible.com — Here’s how I did it
A step-by-step walkthrough on how I hacked Rarible.com to mint my own programmable art on their platform.
*DISCLAIMER* The word Hacking is used in its primary meaning here. Which is to use something for a purpose it wasn’t meant for.
You know how you sometimes wake up with an idea, and you just can’t take your mind off of it ?
What if I could have programmable art on Rarible ?
I. Toolbox
What we will want to create is something like this:
This Artpiece is minted on Rarible and displays the current highest Bidder (Quasimondo at the time of writing this article).
To hack our favorite NFT platform we will need:
- Firefox & Chrome
- Postman App & Postman Interceptor Extension for Chrome (to mess around with their API)
- Powershell (or any Command Line Interface really)
- IPFS Desktop
- Etherscan.io
I. IPNS (Inter Planetary Name Service)
Our biggest challenge is that Rarible (and actually other platforms) all display a Static Image hosted on IPFS.
That doesn’t sound very dynamic ? It’s not. but there’s a twist.
IPNS is a new IPFS feature that isn’t much known yet. What is it ? Well, let’s put it that way, IPNS is to Domain Names what IPFS is to server IPs. Basically you don’t call a specific IP anymore (IPFS) but you call a “domain name” (IPNS).
Why is it important you ask ? Well that enables us to have links to images that can change ! Just like this :
II. The Rarible API
First let’s listen to the API calls our browser does when we mint an artpiece on Rarible (basically the messages our computer exchanges with Rarible).
I do that using Firefox’s dev tools (Chrome has a bug regarding multi-part formdata)
If we filter out all of the logging and trackers we get:
- STEP 1: Request to Upload our Image on IPFS (not relevant, since we want to use our own image, we won’t use that one)
The Response to that Upload Request is the IPFS Link to our image.
- STEP 2: Request to Upload the Token URI on IPFS (containing title, IPFS link to the image, description etc. that’s what we want to change !).
The Response to that request is the IPFS link to the Token URI.
It’s worth noting that Rarible does all that, without you actually minting. That means that Rarible basically hosts files on IPFS for you, for free, without needing any IPFS node. Neat.
III. The Hack
1.Etherscan setup
Ok guys, this is where the fun-fun starts !
Did you know you can use Etherscan.io to interact with contracts ? It’s really useful !
- ID: you might be able to put whatever you like here.
- V, R & S: Those are values that are retrieved from a signature to get the a public key.
- Fees: A tuple containing Recipient & “Value” variables for fees.
- supply: Editions of 10/10, 100/100 etc.
- URI: The Token URI talked about above, in the form of an IPFS link: “/ipfs/<CID>”
Just know that ID, V, R & S are values we will retrieve from Rarible’s responses (like earlier). Fees, supply I’ll just use standart ones. URI is the field we will tamper with.
2. Postman setup
Next step is to get into Postman, which allows us to make API calls we can tweak easily.
First we use the Postman Interceptor + Chrome to retrieve the API calls because we’re lazy. (I’ll let you check the Postman documentations to do that)
Then we simulate our browser asking for STEP 2 (see above API calls) directly, since we already have our image (I’ll get to how we generate IPNS etc. later)
3. Starting the Mint
We now get back to Firefox and start a mint on Rarible.com, which generates an ID, V, R & S (see your browser’s console.)
We now have everything we need to mint the artpiece ! We go back to Etherscan.io, mint it, aaaaannnd we’re done !
We basically have an artpiece with an image that can be changed by changing where our IPNS link points to (using just two command lines).
Next step is to create a script hosted somewhere that updates the link for example every hour, and there you have a Rarible NFT Clock for example.
Conclusion
Alright, I showed you how we can mint an artpiece containing an image that is not stored on IPFS directly but rather containing an IPNS link to an image.
As I said earlier, this means that we can change the image, and IPNS will always load the newest image in our IPNS node.
But Nahiko, how do I setup the IPNS link ?
Well regarding that, I’ll let you check out this tutorial. I’m sure you guys will be smart enough to figure out how it works ! After all, hacking is about finding out yourself ;)
