The most common security concern in the NFT space has been the fact that projects require you to use the NFT from the main collection to access, claim or participate in activities.

Often times these NFTs are extremely valuable & expecting your users to hold them in their hot wallet to connect with Dapps in order to claim their perks & access servers or token gated content is a high security threat and increases the chances of your holder being caught in a phishing scam and losing their valuable assets.

The goal is to be able to preserve the primary asset ( main collection NFT ) in a hardware/cold wallet and use delegation methods to authorize other hot wallets to participate or sign transactions on your behalf.

Here are some examples of how NFT Projects can help holders stay secure:

Soon after mint, enable holders to connect their wallets ( with the NFT in it ) to your main website & assign future mint, claim & access functions/privileges to a separate hot wallet ( something that they would feel more secure about connecting to random sites )

The idea here is to minimize the number of interactions a holder has to make to access privileges/perks & eliminate the need for holders to use their cold wallet.

Here’s a scenario:

X Project mints & is sold out. Holders of project X are redirected to the main website (SETPERMISSIONS.X.IO)

Holder uses their NFT from the collection X and wallet address holder.eth to connect to the site and sets permissions for future airdrop claims, mints & all token gated access to the holder.eth address.

Holder now moves the NFT from their hot wallet ( holder.eth ) to their cold wallet/hardware wallet i.e. vault.eth

Project X drops a secondary collection only available to their original collection holders.

Holder.eth does not need their NFT ( stored in their cold wallet - vault.eth ) to claim this new perk and can instead just use their holder.eth address since the project already has permissions to allowlist the said address.

This saves Holder.eth from ever having to risk their valuable NFT by moving it or connecting their cold wallet to websites.