ERC-5008: ERC-721 Nonce Extension
ERC-5008 adds a per-token nonce that increments on every transfer of the NFT. Used for:
- Replay protection in off-chain signed actions tied to a specific NFT — the nonce binds the signature to a specific NFT state, invalidating if the NFT moves.
- Optimistic listings — marketplaces can list signed orders that auto-cancel when the NFT changes hands.
- Authentication freshness — when an NFT is presented as a credential, the verifier checks the nonce hasn't advanced since the credential was issued.
Required Interface
solidity
interface IERC5008 {
function nonce(uint256 tokenId) external view returns (uint256);
}The nonce starts at 0 (or 1) at mint and increments on every transfer. Implementations may optionally also expose nonceUsedSince(tokenId, timestamp) for richer queries.
Neo Equivalent: NEP-11 + Per-Token Nonce
csharp
public static BigInteger NonceOf(ByteString tokenId)
=> (BigInteger)(Storage.Get(Storage.CurrentContext, NonceKey(tokenId)) ?? ByteString.Empty);
// Nep11Token<T> has no virtual hook; use `public new static` to bump
// the nonce after a successful base transfer.
public new static bool Transfer(UInt160 to, ByteString tokenId, object data = null)
{
var ok = Nep11Token<TokenState>.Transfer(to, tokenId, data);
if (ok)
{
var nonce = NonceOf(tokenId) + 1;
Storage.Put(Storage.CurrentContext, NonceKey(tokenId), nonce);
}
return ok;
}| ERC-5008 (Ethereum) | Neo Equivalent | Notes |
|---|---|---|
nonce(tokenId) | NonceOf(tokenId) view | Direct port |
| Increment on transfer | OnTransfer override | NEP-11 base hook |
| Mint sets to 0 | Same — storage absent = 0 |
Composition
- ERC-7634 — limited transfer count. Both extensions track per-token transfer activity; ERC-7634 caps it, ERC-5008 just exposes it.
- ERC-6066 — NFT signature validation. The nonce can be folded into the signed message to invalidate signatures after transfers.
- ERC-5646 — state fingerprint. Nonce is one component of the fingerprint hash.
Migration Notes
For NFT marketplaces:
- Sign listing orders against
nonce(tokenId)— orders auto-cancel when the NFT changes hands. - Check the nonce on every fill attempt; reject if it's advanced.
- The on-chain footprint is one storage write per transfer (negligible).
For NFT-as-credential systems, include the nonce in any signed attestations so old attestations don't re-validate after the NFT changes ownership.