Is it a good idea to create an update baseUri function for ERC721?


I’ve been using the ERC721PresetMinterPauserAutoId contract template for learning purposes, and have a couple of questions:

Since anything can happen to a centralized system (google drive, github, heroku, etc.), would it be a good idea to implement an “UpdateBaseURI” function in the ERC721 contract? If heroku goes belly up in 10 years, then the tokens relying on that server for the metadata are unusable and worthless.

A second question, these tokens are all the same regarding the on-chain data? Their uniqueness comes from the json metadata, is this correct?



Mh I believe that when it comes to art the uniqueness comes from the NFT id which is then socially agreed to represent ownership over a given art piece, since the piece itself can be reproduced digitally thus not itself owned.

I don’t have a clear picture of how the baseURI comes into play. I do believe it shouldn’t matter that much given that any “fake” NFT could be referencing any baseURI. Legitimacy is a social contract in the end.

Rather than heroku disappearing the thing with URIs would be for the web to disappear, right? Domains are DNS based so you can host it anywhere else as long as you hold the domain. Also, if centralization is an issue to you, you can go with IPFS instead.


I understand and I agree with you, still, would it be a bad idea to implement an “UpdateBaseURI” function? Are there security issues I’m not seeing?

1 Like

Hi @pmk,

It depends on your use case. If you control the domain name (e.g. then you may not need this as you can change the server that the domain points to. Though if you ever lost control of the domain name then your token could lose it’s off chain metadata.

If you do create an updateBaseUri function, then you will need appropriate AccessControl for this admin function, and you would ideally use a multisig such as Gnosis Safe (see:

1 Like