Dan Finlay, the co-founder of MetaMask, stated that they are not utilizing IP addresses even in the case of storing them momentarily though they do not require doing so because they do not utilize them for no matter what.
This statement comes after the disclosures by ConsenSys (the parent firm of MetaMask) regarding GDPR that the IP addresses as well as Ethereum addresses would be collected by Infura.
MetaMask Confesses Recording IP Addresses Temporarily
Infura plays the role of a provider of node infrastructure and MetaMask’s default node. An Ethereum developer named Micah Zoltu stated that the collection of IPs is not just carried out when the consumers execute a transfer, but also at the time of signing into as well as unlocking MetaMask.
Zoltu mentioned that as soon as the account is unlocked by the consumers, the IP address along with all the addresses associated with them would be collected by Infura.
As per Finlay, it is only for batching requests to display balances. Finlay disclosed that they are not engaged in anything wicked. He insisted that everyone is only projecting their nastiest apprehensions.
Finlay establishes that in the case of utilizing another point of Remote Procedure Call (RPC), analogous to an individual node, MetaMask would not record IPs.
However, operating the individual nodes can include a difficult procedure requiring additional storage as compared with the normal computer’s capacity, but anyone can have the storage cheaply to accomplish privacy.
To operate a node the intending person can move to Raspberry Pi. In addition to this, one can also operate a virtual private network (VPN) – in the case of crypto consumers, particularly those living in the United States.
This will bypass the prohibition for a few projects and dapps in line with the restrictions posed by the SEC. In the case of general privacy, a VPN’s utilization should become frequent.
Even then, most of the people would likely connect via their normal IP as well as via Infura instead of their node. Finlay claims that even in the case of the respective consumers the collection of IPs is accidental.
According to Finlay, a few software (taking into account cloud infrastructure) that might be utilized by them, may log without being noticeable.
That is why, he added, they require disclaiming that hazard while pursuing to detect and eliminate them. Finlay specified that if someone happens to observe a public server it would be apparent that several risk logs take place even accidentally.
MEW Denies Collecting IP Addresses
ConcenSys founder, Joseph Lubin, clarified that the IP and address interact with the blockchain or Infura, and the browser is required to offer the service. In Lubin’s words, the 1st requirement is the blockchain address as it is included in the request directed to a blockchain.
Another requirement is related to IP address to lead the reply back to the one who made the request. Nevertheless, MyEtherWallet (MEW) has declared that no IP addresses are collected by them.
MEW explained by saying that they have never gathered any identifiable information and do not intend to do this even in the future. It appears that MEW operates its distinctive infrastructure along with having a separate browser extension named Enkrypt.
Eknrypt’s code is open source and one can verify that the platform does not collect data. However, the node infrastructure run by MEW is not open-source.