All NFTs are contained in non-custodial smart wallets (Vaults) generated by the Tessera protocol’s smart contracts. The assets (NFTs, ETH, etc.) within a Vault can only be withdrawn based on the given permissions of a Vault, which are generally subject to governance voting of all Vault token owners. For example, if a Vault has applied the standard Buyout Module, the only way to withdraw the assets in the Vault is to have a Buyout proposal accepted by token owners, or to own 100% of the token supply.

An NFT within a given Vault cannot be withdrawn unless its modules allow for it. These modules are set by the curator upon fractionalization and can be adjusted via governance vote of token holders. Each vault is responsible for its own security and governance. If a Vault is deployed with no modules that allow for the assets within the Vault to be withdrawn, there is a risk the assets will be stuck. Additionally, users should only interact with Vaults that have been deployed using modules that they trust, since a malicious actor could deploy a Vault with malicious modules.