MetaMask Adds New Wallet Settings, But Is It Enough for User Privacy?
MetaMask added new privacy features to its browser extension on Thursday, allowing users to enable phishing detection and configure advanced settings such as choosing their own remote procedure call (RPC) network and adding a custom IPFS gateway.
MetaMask is a popular Ethereum crypto wallet with over 21 million monthly active users. Back in November, the wallet came under fire after parent company ConsenSys notified MetaMask users that it would begin collecting users’ IP addresses and ETH wallet addresses via its infrastructure provider Infura (the default RPC network) whenever users make a transaction.
Now, users will be able to choose a different RPC provider instead of Infura, a feature that ConsenSys said it was developing back in December.
The new features can be found under the MetaMask browser extension’s Security and Privacy Settings and can be tweaked during initial crypto wallet setup or modified after the fact for existing wallets.
“We have updated the MetaMask extension to maximize the control you have over your data,” MetaMask said on Twitter Thursday.
Starting today, extension users will see an updated experience when creating a new wallet, as well as an update in their privacy and security settings.
We have updated the 🦊 extension to maximize the control you have over your data.
— MetaMask 🦊💙 (@MetaMask) February 2, 2023
In its new settings interface, MetaMask warns that “any RPC will receive your IP address and Ethereum wallet to make transactions.” This means that true privacy is virtually impossible via MetaMask, as users will have to choose which RPC will handle their data, even if it’s not Infura.
While users might have more options now, it could be argued that MetaMask is providing users with an illusion of choice. Less tech-savvy users may not know how to optimize their privacy settings, let alone know what an RPC network is or how to choose an alternative.
Mina Protocol Cofounder Evan Shapiro is a Web3 privacy advocate who believes in the privacy benefits of Zero-Knowledge Proof (ZK proof) technology. When asked for his thoughts on MetaMask’s update, Shapiro told Decrypt via email that he isn’t sure it amounts to much increased privacy at all.
“As far as I understand, they’re still collecting IP addresses. And, they have the ability to change these features at any time as they see fit,” Shapiro said. “You’re still dependent on a centralized RPC. These issues won’t go away until there are easy to run full nodes available to run on browsers and phones.”
David Schwed, COO of blockchain security firm Halborn, called MetaMask’s new settings “positive.” That said, he still sees MetaMask’s ongoing data collection as risky for users.
“The capturing of IP addresses and their associated transactions are both security threats as well as privacy concerns,” Schwed told Decrypt via email. “A threat actor with access to this information would be able to potentially launch a spear phishing campaign against targeted users based on IP address and wallet balance.”
“The change does not allow you to opt out of them collecting IP addresses, they are simply allowing/advising you to utilize another RPC provider to broadcast transactions,” he added.
Users concerned about their privacy should note that the Ethereum network itself has never been fully anonymized. Etherscan offers detailed information on wallet transactions, and since the U.S. government sanctioned the Ethereum privacy mixing tool Tornado Cash, there aren’t many options to increase user privacy or conceal transaction data.
In December, ConsenSys published a lengthy explanation of its privacy policies and how and when it collects user data. It claimed that it never sells user data and shared plans to automatically delete user data within seven days—though it’s unclear when exactly that practice will be adopted.
Representatives for ConsenSys, Infura, and MetaMask were unable to provide comments to Decrypt before publication. ConsenSys is one of 22 strategic investors in Decrypt.