Privacy with Ethereum? Metamask privacy leaks

So I had heard rumors that Metamask has been selling wallet data to chainalysis and others so I went to dig into this some more. Even using multiple wallet addresses doesn’t break privacy if all the wallets are controlled by metamask. Metamask’s privacy policy says they log IP addresses and other data. Here’s their policy.

Also, it seems that metamask is using the same infura API for all wallets—so infura also has a large database of user data. What I can’t figure out is if each metamask installation gets the same API or if there. If all metamask’s used the same API, that would be a lot better. Does anyone know?

I went searching for an alternative, especially for web3 integration, and I couldn’t find anything that really interests me or that I think is any more private. Thoughts? Seems like walletconnect could integrate with any type of app—but generally I think the phone apps leave more of a fingerprint and they run 24/7 so who knows what they are doing in the background. I’m not sure, however. I know incognito is an app but I trust they aren’t logging my data since they are privacy oriented by design.

Tornado Cash has some interesting things to read about here on their medium post. It’s a lot harder to cover our footprints than I had originally thought.

Is there any way to run a lightweight ethereum node ourself and connect it to metamask via RPC? Or any other metamask replacement that you’d recommend?

I tried to download GRID but I can’t seem to get it to work. It may not be a supported project anymore.

Has anyone else gone down this rabbit hole?


@Taind is trying to create an Incognito based wallet extension that would be similar to metamask. Here is a sample of what it looks like.

If your looking for Ethereum specifically, i’m not sure what the contenders are for secure web3 integration. I know there are dApp wallets that inject into their native web browser. For exsample, I use coinbase wallet and it allows me to use uniswap through their browser. So maybe there is an alternative wallet app that you can use that allows web3 injection.