1 Introduction

Identity is a traditional and unique item assigned to people for thousands of years. Attributes of people related to their identities have been used for authenticating their claimed validity [1]. In the last two centuries, physical paper-based identity cards proved users’ identities and validations, which should be kept secure by owners.

Computers and the growth of wireless communication increased the concept of digital identity, mainly used for remote connection and authentication, or digital works [2]. After that (in 1992), a new attractive concept emerged named Metaverse [3] (in this paper, known as traditional Metaverse, which was managed fully centralized). The traditional Metaverse simulated the real world, which allowed users to have remote purchases, meet with cooperators or families, and most daily behaviors of people.

In digital communications, assigning a digital string to a user’s real identity in the real world is a way to identify and authenticate their digital identity, thus proving their validity. This string is the same user’s identity card in the digital world, generally called the user’s certificate. As with the real world, it is essential to manage users’ certificates in the digital world [4], for example, issuing certificates for new users, checking expiration times, revoking invalid certificates, etc. However, like the real world, digital identity management suffers various challenges [5, 6]. To solve challenges, central authorities have much access to control, new registration, revocation, and managing users’ identities in traditional networks so that they quickly and easily add/remove users. Though, these wide accesses are not preferred by the users.

In 2008, Satoshi Nakamoto practically implemented blockchain, a technology providing autonomy, as the Bitcoin infrastructure [7]. It should be highlighted that the concept of blockchain emerged much earlier than Bitcoin. For example, it was applied for filtering spam emails [8]. Although blockchain technology has notable features such as transparency, autonomy, open-source, and accessibility, it has some challenges [9]. Although mentioned features can be assumed as opportunities for the blockchain or challenging properties for governments, it is challenging to provide a robust trade-off between security, decentralization, and scalability issue for blockchain technology.

Based on blockchain technology, new types of metaverses emerged [10, 11] (in this paper, we call them modern metaverses, which are managed distributedly). As with public blockchains, users can join by numerous pseudonyms or public addresses to modern metaverses. They can commit fraud and disable their previous identities, which are hard to trace and arrest by government agencies [12, 13]. People believe that managing identity in distributed or blockchain-based systems presents a critical challenge, particularly in modern metaverses, which offer a suitable environment for criminals, as seen in the previous example of fraud.

The regulation of user monitoring and control within each community is a crucial aspect that governments strive to oversee. Presently, modern metaverses lack adequate regulatory frameworks in this regard. To address this gap, this study presents a general concept for managing users’ identities in metaverses, aiming to establish an infrastructure that incorporates this feature into contemporary metaverses. Various existing related works have emerged to manage digital assets and metaverse-based entities within metaverses, with some of them have leveraged NFTs to accomplish their objectives. The following briefly reviews some of these works.

In [14], Ryu et al. have developed a robust system model that ensures secure communication and transparency within metaverse environments. Their proposed model leverages blockchain technology to effectively manage user identification data. Additionally, they have introduced a mutual authentication scheme that utilizes biometric information and Elliptic Curve Cryptography (ECC). This scheme guarantees secure communication between users and platform servers, as well as secure avatar interactions between avatars themselves. By combining these elements, Ryu et al.’s model establishes a reliable framework for maintaining the integrity and privacy of user interactions within metaverse environments. Nadini et al. conducted a comprehensive analysis of NFTs data from the WAX blockchain, focusing specifically on the features of users’ avatars, which serve as their identities within the Metaverse [15]. They constructed a network of interactions that revealed interesting patterns in trading behavior. The analysis demonstrated that traders often specialize in NFTs associated with similar objects, forming tight clusters with other traders who engage in the exchange of the same types of objects. A key aspect of their study involved clustering objects associated with NFTs based on their visual features, ultimately showcasing that collections typically consist of visually homogeneous objects. This work sheds light on the underlying structure of NFT trading and highlights the prevalence of visually coherent collections in the Metaverse. Dong and Wang recognized the profound impact of NFT digital works on the existing copyright system, leading to the necessity of timely amendments and responses [16]. Acknowledging this reality, they conducted an analysis of the key attributes of NFT digital works within the framework of intellectual property law. In addition, they delved into pertinent legal issues and proposed corresponding countermeasures. These included considerations surrounding the exhaustion of rights held by right-holders, the responsibilities of platform management, and the assumption of tort liability arising from transactions involving NFTs. The primary contribution of their study lies in advocating for the cautious utilization of NFT-based artworks within legal systems, facilitating their responsible incorporation in the foreseeable future. Ho and Song conducted a comprehensive examination of the impacts of NFTs on metaverse communities [17]. Their research aimed to enhance understanding by exploring the practical application and theoretical implications of NFT usage within the metaverse. By analyzing the current usage scenarios, their work shed light on the various ways in which NFTs are utilized within metaverse environments. This study contributes to a deeper comprehension of the potential and significance of NFT integration in the metaverse ecosystem.

1.1 Contribution

This study relies on an idea called NFT-based digital identity management. This idea offers to link users’ real identities to NFTs or create a new NFT for each real user in metaverses. The NFT-based digital identity management states the creation of an NFT equal to the user’s real identity and managing the newly-created NFT instead of the user’s identity, in metaverses. Inherent features of NFTs, such as uniqueness, non-fungibility, transparency, and accessibility, are the main reasons for proposing this idea.

To clarify the margins of the mentioned idea, this paper explains the necessity of using NFT as a tool for identity management in digital worlds, especially in metaverses. Discussing the challenges of this idea shows that it is a considerable but challenging idea. However, possible solutions indicate that all obstacles can be solved using cryptographic tools, tricks, and networking concepts. In the following, opportunities are reviewed for using NFTs as management tools indicating that experts in various fields can play notable roles in this regard.

1.2 Organization

The remainder of the paper is organized as follows. Section 2 presents paper preliminaries. The main part of Sect. 2 is the explanation of the system model and describing the workflow of our contribution which is summarized in Fig. 1. As the main section of this paper, Sect. 3 identifies the importance of identity management in the Metaverse, reviews challenges and possible solutions of using NFTs as a management tool in the Metaverse, and presents some opportunities for this idea. Section 4 discusses solutions and tries to propose a general method. Finally, Sect. 5 concludes this paper and guides researchers for future studies.

2 Preliminaries

This section presents the paper’s prerequisites, used components, and their roles in this study. Figure 1 illustrates the relationship and workflow of using the preliminaries presented in the paper’s main idea.

Fig. 1
figure 1

The Relation Between Paper’s Preliminaries and the Paper’s Main Idea

Full size image

2.1 Identity and Authentication

Identity, as a string assigned/linked to a user, should prove the validity of the user and whatever it claims. Authentication refers to proving the user’s identity or validity [18]. In traditional computer-based user authentication, only a password (what the user knows) was used. In the next evolution of authentication, two-factor and three-factor were applied (what the user is, e.g., biometric, and what the user has, e.g., smart card). In modern authentication methods, AI [19], and machine learning (ML) are also used to identify users (e.g., users’ typing or mouse-moving patterns) [20, 21].

To launch a manageable digital environment, monitoring and controlling existing users are the primary requirements. Therefore, a unique identity and reliable authentication method are necessary to identify valid users and implement the paper’s idea (see Flows 7 to 10 in Fig. 1).

2.2 Blockchain

As an immutable and distributed ledger, blockchain technology records users’ data and cryptocurrencies’ transactions [7, 9]. In the last five years, blockchain has been applied as the infrastructure of distributed systems to record data and execute smart contracts. Modern metaverse is one of these distributed systems providing digital environments similar to the physical ones (for detail, see Sect. 2.4).

This applies blockchain as the metaverse infrastructure and a database responsible for users’ authentication requests (see flows 4, 5, 8, and 9 in Fig. 1).

2.3 Non-fungible Token

Generally, NFTs are unique token-looking strings mainly linked to a valuable thing [22, 23] (e.g., artworks, music albums, or games [24]). The \(ERC-721\) standard (Ethereum Request for Comments), as the most famous, determines conditions for tokens launched in the Ethereum blockchain to be non-fungible (called NFT).

Table 1 The list of several famous NFT standards
Full size table

Most NFTs have been established based on this standard. However, developers releasing NFTs on other blockchains should follow standards related to the selected blockchain. Table 1 lists several other famous NFT standards with their hosting blockchain (it is highlighted that BRC-721, BRC-69, SRC-721, DRC-721, SRC-721, LRC-721, etc., as newly-proposed standards, are currently highly discussed on social media).

In this study, NFTs are assumed as tools for identity management in modern metaverses in such a way that they are linked to users’ real identities and play the role of users’ digital identity in the Metaverse (see flows 2 and 3 in Fig. 1).

2.4 Metaverse

Metaverse is a joint digital space that enables users to remotely interact [10, 11]. Modern metaverse, the focus of this study, refers to a virtual three-dimension space where people can join using virtual reality (VR) glasses, smartphones, personal computers, and gaming consoles. In addition to the attractiveness of the metaverse technology, it suffers various challenges [25], such as the existence of many malicious users, the absence of regulation, users with multiple identities, and users’ identity management.

2.5 The Concept of NFT-based Identity Management (system model and work flow)

Figure 1, as the system model of our idea, involves several entities linked together. They are able to send/receive data over public channels. This section describes the concept of our idea which provides identity management in metaverses using NFTs.

2.5.1 Entities and Components

In the following, they and their roles in our system model are defined.

  • Metaverse and virtual entities: Concerning the preceding subsection, the notion of an optimal Metaverse entails the creation of a digital replica of the physical world. Consequently, this specific facet of the proposed system model is referred to as a virtual realm, analogous to the concept of the metaverse, which encompasses digital representations of tangible entities found in the real world, including financial institutions, cinemas, gaming establishments, fashion hubs, and more.

  • Blockchain: As an established component in the realm of technology, the blockchain assumes a crucial role within the proposed system model by serving as an unalterable and transparent database for storing information and facilitating transactions. Its primary function encompasses the handling of all inquiries within the system. Notably, the blockchain allows for universal participation, wherein any individual is capable of submitting data to the network and accessing the entirety of recorded information stored within it.

  • Metaverse owner or government: Typically, the development of a metaverse on a public blockchain involves a multidisciplinary team comprising proficient experts in various domains, including 3D design, computer science, security, marketing, management, economics, and more. While the management of blockchain-based technologies inherently leans towards decentralization, there are instances where this team may collaborate with government entities or regulatory agencies to establish specific access privileges.

    These collaborative efforts aim to accommodate the unique requirements and concerns of governing bodies, ensuring compliance with applicable regulations and fostering an environment of responsible usage. By forging partnerships with relevant authorities, the team seeks to strike a balance between decentralized principles and necessary regulatory measures, thereby promoting a harmonious coexistence between the metaverse and the established governance frameworks.

  • User(s): They are participants in metaverses from both the real world and the digital network, who actively engage in these immersive virtual environments and avail themselves of the various virtual services offered within. These individuals can be classified as customers, market owners, service provider owners, or even teenagers seeking to participate in metaverse-based gaming experiences. Each participant assumes distinct roles and objectives within the metaverse, contributing to the overall dynamism and functionality of the virtual ecosystem.

  • NFT generator/issuer service: Within our proposed system model, there exists a comprehensive NFT issuer service, such as Rarible or OpenSea (or others), which serves as a centralized platform for generating and managing NFTs. In compliance with relevant regulatory policies, the NFTs commissioned by the metaverse owner through this designated service attain legal validity exclusively within the corresponding metaverse. As a result, it becomes imperative for each metaverse owner to diligently select the NFT issuer service that aligns with their specific requirements and adheres to the regulatory standards governing their jurisdiction. This proactive determination of the NFT issuer service ensures the lawful and authorized utilization of NFTs within the designated metaverse environment.

2.5.2 Work Flow

As previously mentioned, every Metaverse owner or expert team has the capability to conceive and construct a Metaverse on a public blockchain. This Metaverse encompasses a range of elements such as business models, smart contracts, digital twins, and monitoring entities, all of which are meticulously designed. The interconnections among these entities and components are visually depicted in Fig. 1 through ten numbered arrows. Figure 1 visually captures the intricate relationships and interactions among these entities and components, forming a comprehensive and intelligently designed ecosystem within the Metaverse. In the following, mentioned relations are explained.

  1. 1.

    Every user, who wants to join Metaverse, sends a request to the Metaverse owner with its real identity.

  2. 2.

    By assisting an NFT issuer service, the Metaverse owner generates a digital identity for the user. The digital identity appears as an NFT.

  3. 3.

    The generated digital identity related to the user’s real identity is returned to the metaverse owner by the NFT issuer service.

  4. 4.

    The Metaverse owner submits the received NFT on the public blockchain hosting the launched Metaverse.

  5. 5.

    Blockchain returns the address of the recording acknowledgment (e.g., block number or transaction ID) to the Metaverse owner.

  6. 6.

    The Metaverse owner then sends the user’s sensitive information, involving log-in details and its digital identity as NFT, to the user through a secure channel.

  7. 7.

    To enter the Metaverse, the user sends a log-in request to the Metaverse. This method is a fully digitizing form of authentication method, generally called “something the user has”. In other words, NFT is a digital thing user has, and to use it as its identity, the user should be able to prove its ownership.

    It is noted that the detail of the authentication phase is out of this study’s scope; This phase is presented in a generic form, and every NFT-based authentication protocol can be applied in this phase (e.g., [14, 17] and many others).

  8. 8.

    Using blockchain data, the related smart contract authenticates the user.

  9. 9.

    Blockchain says ’the user is valid’ if the related NFT is found on its data; Else, the user is known as an invalid user who does not allowed for access to the Metaverse (the log-in request has been aborted).

  10. 10.

    The user now can enter the Metaverse and use/enjoy the virtual services if its authentication process has been passed successfully.

2.5.3 Further Details

While our suggested system model represents a pioneering approach in this field, it is essential to address certain ambiguities that may arise. The subsequent sections aim to provide clarity on these concerns and uncertainties, ensuring a comprehensive understanding of our proposed model. By addressing these ambiguities and providing comprehensive responses, we aim to foster a clear understanding and build confidence in the viability and potential of our suggested system model within the emerging field of Metaverse technology.

  • The usage of NFTs for authentication: Within the context of NFTs, the central component is the ’Comment,’ which essentially represents a bit-string. This ’Comment’ possesses characteristics of being publicly accessible and immutable, enabling a wide range of information to be encapsulated within it. In the suggested idea put forth in this study, the ’Comment’ is regarded as the user’s authentic identity, containing pertinent associated information. In essence, every minted NFT serves as the user’s digital identity, providing authentication capabilities for their participation in Metaverse applications. Consequently, Metaverse-based services, including smart contracts and entities, can leverage these NFTs to authenticate users effectively.

  • How can embed confidential information in public NFTs? The aforementioned ’Comment’ can also encompass confidential information within its digital string representation. While visually nonsensical and ambiguous, this type of Comment serves as a means for anonymous authentication, among other potential applications. It should be noted that the primary focus of this item is not limited solely to anonymous authentication, but rather highlights the capability of the digital string to accommodate confidential information securely. This feature enables the utilization of the ’Comment’ in a wider range of applications beyond authentication.

  • Why should use NFTs for identity information? Transparency and reliability are paramount objectives in blockchain-based technologies, particularly within the context of Metaverse environments, as emphasized in this study. To achieve these goals, NFTs are deemed an optimal choice for assigning users’ identities. By employing NFTs as digital identities in Metaverse-based environments, a range of benefits is attained, including enhanced transparency, immutability, and verifiable proof of ownership for identity holders. These attributes contribute to a more trustworthy and accountable ecosystem within the Metaverse, fostering greater confidence among users and stakeholders.

3 Challenges and Opportunities of the NFT-based Identity Management in Metaverse

This Section first explains the importance of using NFTs as a tool for identity management in Metaverses. It then reviews the challenges of this idea and presents possible solutions for them. Finally, the opportunities are identified in this Section for NFT-based identity management in Metaverse (Fig. 2).

Fig. 2
figure 2

NFT-based Identity Management in Metaverse: The Importance, Challenges, Possible Solutions, and Opportunities

Full size image

3.1 The Importance of Applying NFT

In this section, the explanation of the idea of using NFTs as tools for identity management in metaverses will be now described.

3.1.1 Uniqueness

Each human has its unique identity or biometrics. Hence, in the present study, it was tried to find a similarity between humans’ unique attributes (e.g., biometrics) and the uniqueness of NFTs. As mentioned previously (Sect. 2.3 and [22, 23]), NFTs are assumed as immutable and unique strings that are considered in the present study equal to users’ real identities.

3.1.2 Revocation

Assuming NFTs as digital users’ identity cards in metaverses provides features of NFTs for them. If suspicious behavior is observed, one of the features of NFTs is that they become invalid in public [26, 27]. Although no one can remove NFTs from blockchains, worthless and scam NFTs are assumed invalid. Consequently, the created digital identity will be invalid to the public. Although the constructed unique digital identity will continue to exist in the metaverse, its importance is considered revoked and no longer assumed.

3.1.3 Loyalty and Reputation

Loyalty is a parameter for determining the allegiance of the users, and reputation presents the level of validity and a user’s past behavior [28] (both parameters can be assumed as quantitative parameters, e.g., 0 to 10). Therefore, the value of an NFT linked to the user’s real identity can be directly related to the user’s loyalty or reputation. Hence, the value of the NFT increases if the user accumulates a higher reputation. Consequently, NFTs price analysis (only the NFTs assumed as users’ identities, not all) is replaced instead of metaverse monitoring to illustrate the situation of digital communities. The analysis of the average prices of mentioned NFT by data scientists indicates the status of digital communities.

3.1.4 Monitoring

Uniqueness makes monitoring easy since authorities know that each user only has a unique identity. This property is suitable for distributed systems in which there is no centralized administration because any misbehavior is detected and attributed to its source [29]. Therefore, regular network users or groups of authorities (who manage a distributed system) are enabled to monitor users with unique digital identities (NFTs) in metaverses. Additionally, tracking NFTs is more straightforward than managing anonymous users, who may be malicious, with multiple identities.

3.2 Challenges and Possible Solution

This section reviews the most critical challenges that NFT-based identity management suffers; Additionally, possible solutions that can wholly or partially solve the mentioned challenges are offered.

3.2.1 Multiple Metaverse - Multiple Identity

One of the main challenges of metaverses is the conflict between different programming languages in different metaverses so that a generated object in a metaverse is unknown in another one [31, 32]. This challenge can be generalized to creating NFTs that are considered equivalent to users’ real identities in multiple metaverses on different blockchains. As a result, each real user could link numerous valid digital identities to its unique real identity, which is equal to the number of launched metaverses. Unfortunately, this is against to uniqueness of real identity, and each user can be assumed loyal in a certain metaverse and malicious in another one.

The utilization of the same NFT for authentication purposes across multiple metaverses presents a potential increase in linkability risk. This scenario could enable collusion among metaverse providers, enabling them to compile user profiles, leading to unintended consequences. In response to this concern, it should be noted that different metaverses adhere to distinct NFT standards, as outlined in Table 1. Consequently, even if two NFTs possess the same “Comment” attribute, they are inherently dissimilar. These differences encompass various aspects, including standards, headers, mint time, issuer, and more. Consequently, any attempt by a hacker to engage in fraudulent activities by leveraging the same NFT across multiple metaverses would be futile, as the divergences in key attributes would prevent successful manipulation. Indeed, in this perspective sheds light on the fact that even if NFTs appear distinct based on technical attributes such as standards, headers, mint time, issuer, and more, the potential risks arise from the content encapsulated within these NFTs. If these NFTs contain identity information that can be correlated across metaverses, the risk of users’ activities being tracked and collusive behavior remains a valid concern.

The basic solution is to unify metaverse codes or propose a method to allow metaverses to call other codes. In more detail, offering a unique standard focusing on creating NFTs related to users’ real identities and forcing metaverse developers to follow is the best solution. As the metaverse landscape evolves, it is crucial to expand our examination beyond technical disparities and take a holistic view of identity management and associated risks. By acknowledging the referee’s insightful observation and considering their suggestions, researchers and practitioners can work towards devising comprehensive solutions that address privacy, security, and user experience concerns in the context of multi-metaverse interactions.

It is highlighted that the suggested solution is one of the general challenges in blockchain-based systems, especially in Metaverse environments. Providing a unified code for multiple blockchains or metaverses will be known as a revolution in this field and transforms these types of technologies.

3.2.2 Key Management and Certificate

Even centralized systems suffer key and certificate management problems (e.g., issue, revoke, revival, security, expire, etc.) [33]. When no individual authority exists in a distributed system and many users are registered, this issue becomes more critical. This challenge’s importance is the need for management, otherwise, everyone can generate numerous public and private key pairs, for example, in the Bitcoin community. However, this study reviews the identity management challenges in somewhere that expect to be safe and provide orderly organization.

Using certificateless systems is a conventional method that solves most certificate problems [34]. However, designing these schemes in distributed systems can solve the above problems. Based on this solution, it is suggested to create NFTs as users’ digital identities, using users’ real identities and their certificateless public keys. This solution provides security against curious or malicious insiders and solves certificate problems.

3.2.3 Decentralized Management

Decentralized and mainly distributed systems suffer distribution challenges such as delay, consensus, responsibility, and security. Blockchain-based systems are no exception to mentioned challenges [30]. Identity management in metaverses is also a challenging issue where no central authority exists, and group consensus/decisions require the trust of the majority, in addition to delay and scalability issues.

Threshold schemes are generally suggested for groups of members that cannot be presented partially, and a threshold number of them handle the process [35]. Designs using threshold schemes (e.g., encryption, signature, secret sharing) are suitable for applying in distributed systems, and managing metaverses, for example. Accordingly, these schemes should be used in metaverses with owners’ duties assigned to groups of authority. As a result, a group of leaders manages users’ digital identities in metaverses to provide distributed management and reliability.

3.2.4 Authentication and User Privacy

As with all identity management systems, user authentication methods and verifying users’ validity are essential. Nevertheless, in infrastructures that welcome a considerable number of users, the need for users’ privacy is requested. In general, it is recommended to use anonymous authentication protocols [18]. Although centralized systems have mainly addressed this challenge, it still persists in distributed systems with no central authority, where identity management is of great concern.

Based on the idea of assuming users’ digital identities as NFTs, the proof of NFTs’ ownership is equal to users’ authentication. Additionally, to support anonymous authentication and users’ privacy simultaneously, zero-knowledge protocols can provide much assistance in this regard. By applying these protocols, users prove their validity without revealing details of NFTs (without revealing bits of knowledge about their identities).

3.2.5 Malicious Insiders and Users

Connecting users expect to be safe in which no one abuses their information. Various cryptographic tools and protocols provide privacy-preserving in such a way that no insider or outsider can obtain users’ sensitive information [5, 36]. However, specializing them to be worked in metaverses to satisfy identity management’s policies is still open.

Some mentioned solutions, such as certificateless and threshold schemes [34, 35], are suitable to provide security against malicious insiders. However, to present methods for protection against both privileged insiders and regular users, it is needed to combine mentioned schemes with protocols providing conditional privacy for blockchain-based systems [37]. Therefore, applying a threshold scheme supporting conditional privacy is an excellent way to solve this challenge.

3.2.6 Trust

Joining each virtual system taking users’ information (e.g., real identities or maybe their sensitive information) requires ensuring the existence of trusted authorities. Users who join these systems expect that the system supports safety and reliability where perhaps malicious insiders exist [37, 38]. Similarly, users’ trust management is vital in using NFTs as identity management tools in which users have to register on metaverses using their real identities.

In the conclusion of this subsection, it can be said that attracting trust and reliability are the primary communications requirements. These items are more considerable when users face a newly-emerged infrastructure or environment such as modern metaverses. Manageable (regulation-supported) modern metaverses, which have been reviewed in this study, are similar to centralized metaverses. However, by implementing the suggested solutions, the desired balance between regulation and users’ privacy-preserving to attract users’ trust will be provided.

3.3 Opportunities

Against to mentioned challenges of using NFTs as a tool for identity management in the Metaverse, this paper believes that this idea provides various opportunities in this field for experts and the public. This section identifies some of their mains as below.

3.3.1 New Jobs

As with most fields of computer science, providing security in computer networks is a vital duty, and security officers play critical roles. Therefore, in addition to numerous newly-emerged jobs related to this study’s main idea [39, 40], cybersecurity is one of the prominent positions in this regard. Other jobs raised based on this idea are i) New field in NFTs to create unique digital identities based on users’ real identity, ii) Proxy as a user (PaaU) to do user’s works in metaverses by proxy user identity created based on the user’s identity and the proxy user’s identity, iii) Creating virtual real estate agencies to prepare documents based on users’ digital identities, iv) Releasing certificates issuing centers for creating users’ certificates based on NFTs, and v) Metaverse-atop digital ticket issuing based on users’ digital identities or NFTs.

3.3.2 Investment

The leading investment in this field is projects providing NFT-based identity, or in a clarified statement, projects relying on this paper’s main idea. Manager or staff training for handling these projects is another way for investing to earn.

3.3.3 Development

Developers are not left out of this idea in which they can develop and support software. Two examples of software assisting this idea, which should be launched by developers are identity (NFT)-based software working on metaverses and customer relationship management (CRM) software for metaverse-based markets working based on NFT.

3.3.4 Digital Twins

Digital twins [41], as highly-accurate simulations of physical things, play prominent roles in virtual worlds. The existence of digital twins in metaverses [25] assists in providing more natural senses in metaverses. However, their provable ownership right is an essential issue, which could be supported using NFTs. Therefore, assigning unique identities to physical things to create their related NFTs is an opportunity for developers and an advantage for industry owners to prove their product ownership rights.

3.3.5 Advertising

Advertising based on the history of users’ purchases and activities is a well-known issue in marketing and advertising for data scientists. Therefore, by having users’ unique identities in metaverses and monitoring them, data scientists can select the best ways for virtual companies’ advertisements to achieve the highest efficiency.

4 Discussion

According to the mentioned main idea, its challenges, proposed solutions, and identified opportunities, this section presents the final discussion of this paper and concludes the proposed solutions.

Blockchain and modern metaverses are newly-emerged technologies, mainly in the first or second evolutions. Therefore, it is obvious to have numerous main and marginal challenges and weaknesses. Concepts launched based on these technologies, such as NFTs, virtual cities [42], and other services,also suffer the same drawbacks. The challenges of applying NFTs as tools for identity management in metaverses, as mentioned earlier in Sect. 3.2, are mainly reduced to blockchain and metaverse challenges.

As a result, the improvements of basics get much assistance to the growth of outsider layers and applications. Therefore, it is anticipated that applying NFTs as proof of users’ digital identities will be the most popular idea for managing users in future metaverses. The next generations of blockchains and metaverses, empowered by AI [19], is accelerating the evolution of this idea to be more popular.

As a general solution for most challenges, this study believes that applying the robust idea named “Certificateless threshold secret sharing” suggested in [29] is the best choice. The use of advanced cryptographic tools is suggested as a means to strike a balance between preserving privacy and enabling regulation. This approach allows users to maintain their privacy while also facilitating monitoring by governments or privileged insiders.

5 Conclusion

This study presented a significant and cutting-edge proposition for managing identities within modern metaverses. The central idea revolved around utilizing NFTs as a means of identity management, as it offers a more streamlined approach compared to handling anonymous users with multiple identities. NFTs are uniquely suited for assigning to individual users’ real identities, providing a robust solution for identity management in metaverse environments. The study further examined the main challenges associated with this idea and proposed potential solutions to address them effectively. Additionally, the research identifies and discusses compelling new opportunities that have emerged in light of this approach, offering a comprehensive solution for managing identities within modern metaverses.

Future directions: Solutions described in Sect. 3.2 are a good guideline for researchers and academics to carry out their basic and academic works. For example, proposing a method for unifying metaverse programming is an open problem, and presenting a secure fully-distributed key generation protocol solves numerous challenges in this field. On the other hand, Sect. 3.3 attracts developers, investments, traders, and industry owners who can invest in the mentioned fields.