How smart contracts really work

Today I want to show you how smart contracts actually store your NFTs and what happens behind the scenes, how the metadata is stored, if all info about the NFT is stored on the blockchain and which functions exist.

No worries I'm here to explain technical concepts in an easy way so even if you're not a tech person you will definitely understand what I'm talking about here.

Funny meme trust me im an engineer

Open Contract on Etherscan

First of all, we need to open a contract that we want to explore. I chose the Bored Ape Yacht Club and got their contract address from the official Opensea Collection. Below each BAYC NFT you can see the contract details and if you click on it then Etherscan opens. In case you don’t know Etherscan allows everyone to view what is going on on the Ethereum blockchain in terms of transactions, contracts etc. Also, you can do the same checks with any NFT. However, make sure to always use the original contract which you can usually get from Opensea, the official discord or website.

View Contract on Etherscan

There are all the transactions and a lot of information on Etherscan but what I want to direct your attention to is the “contract” tab and you can see it has a green checkbox which means that the board ape yacht club put their contract code open source here for everyone to look at. Now that's very nice of them to do. They don't have to do that but they do it because it shows that their code is fine and they're not afraid to show what their contract looks like. A very welcome side effect of revealing the code is that Etherscan can show you the contract`s “read” and “write” functions which is actually exciting stuff and that's what we're going to talk about today in detail.

Checking the owner of a certain token ID

If you go here to the “Read contract” tab you can see all the functions that allow you to read from that smart contract. One of the things you can do in the “Read Contract” Tab is to check the owner of a certain NFT. If we want to know for example who the owner of ape number 13 is, then we can simply ask the contract and the contract will say hey the owner is this address over here. You can see that's a basic function because an NFT smart contract stores ownership of a specific NFT. Interestingly enough is that not all information about the NFT is stored on the blockchain. It just stores who the owner of a certain token ID is, but it does not store the picture or the metadata. The blockchain could do that but that would be too expensive to do.

Getting the metadata and the picture

Moving on to the next function which is vital and necessary when it comes to NFTs which is the token URI (=Uniform Ressource Identifier). In contrast to the URL (=Uniform Ressource Locator) which is the web address of a typical website, the URI does not point to a website but to a place where information like the metadata or the image of the NFT is stored. As a result, the token URI is a function that tells which NFT you want to get the metadata for and what it will return you is this URI. It's an identifier for the tokens metadata and where it's stored.

It's not a URL because you cannot just copy this and put it in the browser because you will not get far. Instead what you have to do is copy this part of the URI, so forget the IPFS slash part just copy this and you just simply put + the copied URI into the browser´s address bar and what you get is the metadata of the NFT.

Finally, we get the metadata, which is not part of the contract; the contract is just linking you to a location where this metadata is stored.

In order to get the image you need to copy again the URI part in the same line as image. See below.

You replace the URI from before and press enter. Then you see the stored picture. Again the smart contract just points you to the stored picture.

Why am I stressing so much that the metadata and the image are not part of the smart contract well because when i first started with NFTs I thought somehow they are close together so you cannot change them and so the NFT will live forever. Well sure the NFT can live forever but only if it's done right as you have seen in the previous section and also if the developers or the project owners don't decide to change stuff. They can always change something because they are the owners of that smart contract. The only way to not have access to change these things anymore is to resign as the owner of the contract. There is a function for that and they have to call it and remove themselves as the owner, so the owner becomes nobody and then you can't make any changes anymore but seldom NFT projects do that because they still have plans for the future and they still want to be able to make changes.

Looking at metadata of other IDs

The URI consists of a base part, which does not change. You can compare it to being a folder for all the NFTs of the same collection. The part behind the “slash” represents the token ID. So in case you want to view the metadata of another NFT in the same collection. Just replace 13 with 16 (for example).

What does that mean exactly? Well, it means that somebody stored in IPFS a bunch of NFTs usually 10 000 or so and if you want to get there you have to know the path to that folder and this is exactly what happens.

NFT metadata and images stored on IPFS

IPFS is a decentralized file storage and stands for “interplanetary file system” and it's just a decentralized way of storing data. It's pretty similar to S3 from amazon but it's decentralized meaning that nobody can shut it down and the files are all gone which would be pretty bad for NFTs. Most NFT projects are storing their data on IPFS or on the competition called Arweave for this exact reason. If you see something else over here maybe a https or a standard URL to a server then keep in mind that this only makes sense when the NFT metadata should change for example when you play a game and you can level up your characters. Other than that the data should be stored on IPFS or a similar decentralized competitor as otherwise the data can change without you knowing and that's pretty bad. Next time when you are researching an NFT project, you can now find out where they are storing their data and if they are doing it correctly.

How is the information stored in IPFS

Okay that is all nice and all but how do they set this information in the first place because it is not part of the contract. They can do this with the “Write” Functions on Etherscan. They can connect with their metamask wallet and execute certain commands. The “setBaseURI” function points the smart contract into the right folder on IPFS.

You can try and connect with your metamask wallet. However, you will not be able to run this command, as they have set in their contract´s code that only the owner (=deployer of the contract) can run this command. You can go to the “Code” tab and search for “setbaseURI” and you will find this function.

Now imagine if they had a bug in the contract and they forget to put only owner over here then everyone could change the path to where the metadata is stored. It is also pretty much standard and the reason why they can change the path where the metadata is stored meaning that the metadata can change even after minting. In case, for example, they had any bugs in creating the metadata or the images they can still make changes by simply pointing to a different folder on IPFS.

For you to remember is that NFTs can change using this “setBaseURI” function.

Get how many NFTs an address has

In order to be able to read that we need to change the tab to “read contract” again. Like before we search for the owner of the token ID 13 with the “ownerOf” function.

And then we copy this wallet address and paste it into the “balanceOf” function, where we find that this particular wallet owns 11 BAYC. I think we just found a whale.

Get total supply of NFTs

For that we check the “totalSupply” function in the “Read contract” tab. In the case of BAYC the total supply is 10000. These are the apes currently in circulation.

If you want to know what the maximum amount of NFTs for this collection will be then you need to check “MAX_APES”. This tells you that all apes have been purchased and the project is sold out.

In theory, the code of the contract could contain a function which allows the deployer of the contract to change the maximum amount of NFTs. However, you can check within the code if you search for “MAX_APES”. In this case, however, as you would expect no function like this was found.

Withdraw money from an NFT contract

This can be done simply by using the “withdraw” function in the “write contract” tab. Of course, you need to have the permission to do so, which NFT projects allow only for their own or community wallets.

Executing this function withdraws the remaining balance of ETH and sends it to the owners wallet address.

You can find that in the code when you search in the “code” tab for the “withdraw” function.

This function basically says that only the contract owner can withdraw the balance on the smart contract address. If this function would be forgotten within the contract then this would mean that the balance is stuck on the contract and cannot be withdrawn from the address. The projects however need this crypto to continue delivering on the roadmap.


After reading this you should be better able to research projects and inform yourself about the different functions of their smart contract. Amongst others, you should be able to check the owner of certain NFTs, the balance of NFTs they have and how many NFTs are there in total. Also, you should be able check how and where the metadata plus the pictures are stored and how the withdraw function has been set.

All in all, I hope that this article gives you a better insight into how NFT smart contracts work. Also, I hope you learned something today and would love you to consider following me on my on my twitter @0xCryptonite

Back to blog