{"id":16339,"date":"2023-01-18T02:06:37","date_gmt":"2023-01-18T02:06:37","guid":{"rendered":"https:\/\/nftandcrypto-news.com\/crypto\/are-we-still-mad-at-metamask-and-consensys-for-snooping-on-us\/"},"modified":"2023-01-18T02:06:39","modified_gmt":"2023-01-18T02:06:39","slug":"are-we-still-mad-at-metamask-and-consensys-for-snooping-on-us","status":"publish","type":"post","link":"https:\/\/nftandcrypto-news.com\/crypto\/are-we-still-mad-at-metamask-and-consensys-for-snooping-on-us\/","title":{"rendered":"Are we still mad at MetaMask and ConsenSys for snooping on us?"},"content":{"rendered":"

<\/p>\n

\n

The cryptocurrency community has a tendency to fixate on a new issue every few weeks and then promptly forget about it. The limited attention span of this community misses the ultimate resolution of important issues. Over the Thanksgiving holiday in November 2022, ConsenSys released a disclosure about a privacy policy affecting MetaMask users that sent \u201cCrypto Twitter\u201d into a firestorm. My first reaction was also negative.<\/p>\n

\n

That\u2019s what a sly fox would say isn\u2019t it? pic.twitter.com\/PfKMTiNHoR<\/a><\/p>\n

\u2014 J.W. Verret, JD, CPA\/CVA (@JWVerret) November 25, 2022<\/a><\/p><\/blockquote>\n

The MetaMask browser extension wallet uses a node called Infura. That node is owned by ConsenSys, the same company that develops MetaMask. The press release reminded users that Infura collects the internet protocol (IP) addresses and wallet addresses of users who connect their MetaMask wallet to Infura. It also reminded them that MetaMask users don\u2019t have to use Infura, which is only a default, and that MetaMask allows connection to other public node providers such as Alchemy or Ankr.<\/p>\n

When you send or receive crypto, your wallet interacts with the blockchain. But wallets don\u2019t download the blockchain; that\u2019s too cumbersome for a wallet on your phone. Instead, when your crypto wallet sends a transaction, most wallets use a public node to request that new transactions be added to the blockchain via the mempool.<\/p>\n

Related: <\/em><\/strong>\u2018Tracers in the Dark\u2019 presents a fun crime story \u2014 and lesson in privacy<\/em><\/strong><\/p>\n

(You could set up your own node. In fact, for better privacy and speed, you probably should. More private nodes also mean a more decentralized network. But I\u2019ve tried and I don\u2019t have sufficient technical skills to do so. Maybe you will have better luck.)<\/p>\n

Now, let\u2019s remember that blockchains like Ethereum aren\u2019t private. If you want privacy, you need to use a privacy coin like Monero (XMR), which leaks some information about the sender, or Zcash (ZEC)-shielded transactions, which leak no sender information. Or you need a privacy tool, but unfortunately, the feds sanctioned Tornado Cash,\u00a0which was the most reliable privacy tool on Ethereum.<\/p>\n

Regardless, if you are using a public node or any other central service to transact in crypto, you need to use a virtual private network (VPN) or Tor (easy to use with the Tor browser) to mask your internet service provider (ISP) address. Is anyone out there using Ledger Live to transact in crypto using your Ledger hardware device? Ledger Live tracks ISPs too, and apparently keeps that information for up to five years.<\/p>\n

Privacy is a personal responsibility. No one will protect it for you. Crypto users need to learn to use privacy tools like VPNs, Tor, privacy coins, etc. The day will soon come when governments send blanket \u201cJohn Doe summonses\u201d to public node providers to get those ISPs, just like the Internal Revenue Service did to central crypto exchanges in the early days of crypto. And those intermediaries will undoubtedly comply.<\/p>\n

Related: <\/em><\/strong>Tornado Cash saga highlights legal issues affecting the crypto market<\/em><\/strong><\/p>\n

There are legitimate reasons remote procedure call providers may want to retain ISP information. Some node users who are Infura clients may want ISPs tracked because it could help to hunt down hackers.<\/p>\n

So, back to the question: Are we still mad at MetaMask? Foxes are known for being clever. However, less known is that they\u2019re also loyal, as both males and females care for a tight-knit family unit. Was the MetaMask fox too clever, or was he loyal to core blockchain principles?<\/p>\n

What sparked the outrage was public disclosure about changes to their privacy policy. Transparency is a good thing \u2014 or should be unless Crypto Twitter erupts violently in response to those disclosures. And they further refined their privacy policy in response to the criticism. Read the new Infura privacy policy for yourself here. It seems straightforward and attempts limited privacy protection.<\/p>\n

\n

Para los que se preocupan por su IP en MM recuerden que pueden cambiar el RPC de Infura en 4 pasos de la siguiente manera:<\/p>\n

\u2014 . | (@ancestral_alien) November 25, 2022<\/a><\/p><\/blockquote>\n

\n

Except you do, you have, you will always bc there is no way not to. Dont disrespect your users like that.<\/p>\n

You send every users various onchain addreses, IPs, info to mewapi (you), blockchain info, moonbeam network, on and on.<\/p>\n

The ONLY diff is that YOU blatantly lie abt it. <\/p>\n

\u2014 Tay (@tayvano_) November 24, 2022<\/a><\/p><\/blockquote>\n

Infura competitors like Alchemy and MyEtherWallet took this opportunity to throw shade Infura\u2019s way. One MetaMask developer hit back. Read Alchemy\u2019s privacy policy, which uses legalese to reserve the right to collect and use data however Alchemy chooses. Alchemy\u2019s privacy policy gets a negative recommendation from Chainlist for its poor privacy practices. Not cool.<\/p>\n

In crypto, as with life, privacy is a personal right and responsibility. Energy spent on momentary outbursts is better spent learning about privacy technology to protect yourself.<\/p>\n

\n

J.W. Verret<\/strong> is an associate professor at the Antonin Scalia Law School at George Mason University. He is a practicing crypto forensic accountant and also practices securities law at Lawrence Law LLC. He is a member of the Financial Accounting Standards Board\u2019s Advisory Council and a former SEC Investor Advisory Committee member. He also leads the Crypto Freedom Lab \u2014 a think tank fighting for policy change to preserve freedom and privacy for crypto developers and users.<\/p>\n<\/div>\n

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are the author\u2019s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.<\/em><\/p>\n<\/div>\n