One-time minting policy with Simple Scripts

Hello guys,

I have been reading a lot through the different documentation of the current minting policy available on mainnet via simple-script.
Mostly these two links were the best for me:

When it comes to NFT, I have seen many tutorials on this internet and most of them, are generating the NFT policy with a simple script using a flow like:
“type”: “sig”,
“keyHash”: “e09d36c79dec9bd1b3d9e152247701cd0bb860b5ebfd1de8abb6735a”

Where keyHash is the key hash of a payment address from the wallet used to mint…

However to me, either I am missing something (probably the case) or there is a flow in this pattern that people are presenting.
Even if you mint only one token with a transaction, it still not an NFT, cause you would be able to mint another one in a future transaction because the policy only requires to be verified by the keyHash of the payment address.
So if the wallet holder, is malicious enough, he/she generates the token once, and a couple of months can do it later again? because the hashKey is still valid is still valid as it’s bound to the payment address?

So is there a real way, to create an NFT, via a simple script?
I saw solutions with bundling the JSON policy with the before type, could be a way… However, I believe that these solutions still have potential flows…

In the high-level doc of minting policy, there are mentioning, the one-time minting policy, but I was wondering if this was feasible only using simple-scripts, or we would need a Plutus smart contract to have a bulletproof solution?

Thanks again and looking forward to hearing your comments, as I have the impression it’s only a misunderstanding on my part.

Have a nice day,

1 Like

You can use time locking to do the minting. Here is an example script that uses the before constraint. After the time of the before slot has passed, it will be impossible to mint more or to burn any.

1 Like

thanks bwbush so that is indeed the only feasible solution at the moment.
My only issue is still that you have to plan a slot number with a time margin error till the transaction get on the blockchain right?
Like “cardano-cli query tick” will return you the current slot, but you will have to plan around + 5 min to make sure the transaction does not fail, if it takes longer to be validated on the blockchain?

I know it’s a bit far-fetched and only theoritical, but in case you have a compromised machined, an hacker would still be able to generate another NFT within this 5minutes buffer?

My questions are purely for me to understand as well, and to see if ultimately the only solutions would only rely on PlutusContract?

Thanks for your time anyway

Yes, @Anslume, that is the only feasible solution until smart contracts. I usually include a generous time window when I mint NFTs, just in case I mess up and need to burn them; I wouldn’t distribute them until after the before slot has passed, of course. I think either a Marlowe or Plutus contract could implement a minting policy where a maximum of one token could ever be minted; optionally, one could set up the contract so they either are or aren’t ever burnable.

And yes, a compromised machine could generate more NFTs during that time window.

1 Like

@bwbush thanks. Happy to see that I understood the logic concretely… Surely with programming, it will be more flexible in the logic.
I definitely need to get into haskell… I had a brief look, I’m more used to high level programming (such as web development) and haskell seems a bit more medium level in the terms of syntax… But nothing is impossible just need to spend some time on that…

Anyway thanks again and have a nice day,


1 Like