left-caret

PH Privacy

It’s Been Quite a Month for NFT Games: the Axie Infinity Hack and the F1 Delta Time Closure

April 11, 2022

By

Andy LeGolvan

& Behnam Dayanim

In the last month we have seen two major actions in the non-fungible token (NFT) gaming space, raising a host of consumer protection and intellectual property issues.  First, the popular NFT game Axie Infinity suffered a devastating security breach resulting in the loss of over $600 million in user assets, which may be the single largest breach of an online gaming platform.  Second, Animoca Brands – developer of the Formula One-based NFT game F1 Delta Time – announced the closure of the game after Formula One ended the licensing deal with Animoca, resulting in significant loss of value for NFT holders.  Below we discuss what is currently known and the potential legal implications arising from these unfortunate incidents.

The $600 Million Axie Infinity Hack

Axie Infinity is a wildly popular NFT-based game in which players collect and mint Pokemon-style pets and battle each other’s pets within the game.  Players earn cryptocurrency rewards during gameplay, and they can stake tokens to earn additional cryptocurrency. 

On March 23, 2022, Sky Mavis (the game’s developer) announced that the “bridge” to the Ronin Network – the Ethereum-linked sidechain underlying the game – was hacked, resulting in the theft of approximately $625 million in players’ cryptocurrency assets (173,600 Ether and 25.5 million USDC.).  Sky Mavis posted in a blog that it takes full responsibility for the breach, and it has reportedly raised over $150 million in an effort to compensate players for their losses.

Security breaches are not new to tech companies or even online gaming companies – but the nature and extent of this incident (a direct theft of user assets) appears to be unprecedented in the gaming space.  For example, Twitch recently suffered a data breach resulting in exposure of sensitive consumer information, and Electronic Arts recently suffered a data breach resulting in hackers accessing its source code and related tools.  These breaches, of course, can result in potential downstream harm to consumers, and thus can present liability exposure for the companies from a consumer protection standpoint.  But the impact of the Axie Infinity hack – resulting in a direct theft of users’ staked cryptocurrency – is more akin to the type of security breach risk faced by an online bank or other financial institution.

As more game developers dip their toes into the cryptocurrency and NFT space – effectively providing real-world value and transferability to virtual items traditionally deemed valueless and non-transferable by games’ terms of service – the lesson learned from the Axie Infinity hack is that developers venturing into this space would be wise to up their security efforts commensurate with the value of the virtual items, and recognize the immense risk of liability that comes with handling valuable assets. 

The F1 Delta Time Closure

Animoca Brands’ game F1 Delta Time has been described as one of the first major NFT games, gaining viral popularity even before the NFT boom.  The game largely revolved around collecting and racing NFT cars, which players acquire by converting Ethereum into REVV tokens (developed by Animoca).  One of the big selling points for the game was its official licensing deal with Formula One, permitting F1 branding for the NFTs.

However, on March 15, 2022, Animoca announced that the game would close operations due to the inability to renew the F1 licensing deal with Formula One.  In other words, without a license from Formula One, the game as it stands with F1 branded NFTs cannot lawfully operate; and, with the game shut down, the once-valuable NFTs are now reportedly worthless.  Described by some as perhaps ironic, Animoca has offered to reimburse players for their loss of non-fungible tokens with replacement tokens and other assets.

What happens to NFTs when the intellectual property associated with it ceases to be available presents a novel question in this space – one that token issuers and game developers need to consider carefully as they set out the ground rules for their offering and in negotiating their IP licenses with IP rights holders. 

Introducing NFTs into games may carry with it, for some players, an indelible feeling as to the virtual items and the game (whether justified or not).  Representations and limitation provisions clarifying these points are critical, and potential post-licensing uses for existing NFTs should be considered in any licensing deal.  NFTs are creating market and legal disruption in a number of ways – this month’s events just illustrate a few more.