​ConsenSys and Ledger heads deny claims of client data collection

What’s new? Joseph Lubin, the CEO of ConsenSys, an Ethereum software company, said that the MetaMask crypto wallet does not collect users’ IP addresses. He explained that MetaMask sends the information needed to process customer transactions through Infura, a remote procedure call (RPC) provider. For his part, Carl Anderson, vice president of consumer engineering at Ledger, a hardware crypto wallet maker, also said that the firm does not collect user data. According to him, “self-storage and sovereignty above all else.”

MetaMask does not collect IP addresses. @MetaMask routes information necessary for your transaction to be processed by an RPC provider. @infura_io is the default RPC provider in MetaMask, which we also develop. 3/21 — Joseph Lubin (@ethereumJoseph) November 25, 2022

What other statements have been made? According to Lubin, Infura takes requests from MetaMask and returns answers to them. Some of these requests require reading data from the blockchain. Others request a user-signed transaction to be executed on the blockchain. Once the work is done, Infura passes the result back to the sender of the request in MetaMask for display, he added. Lubin said that Infura manages an extremely complex system, unlocking the capabilities of blockchain and allowing developers to serve their users in the most efficient way possible.

Lubin noted that to process requests from a wallet like MetaMask, Infura needs to know the device’s IP address and the address of the blockchain. This data is necessary because it is part of the request being sent to the public registry. The IP address is also needed to send a response back to the sender of the request.

Despite user dissatisfaction, “all sorts of web3 dapps use RPC providers, which also need this data to service users,” Lubin emphasized. The alternative is little or no useful products in the Web 3.0 space.

The head of ConsenSys said that the company’s goal has always been and will always be to serve and protect the end user. Lubin says that Infura retains information subject to the restrictions described in the “Use of Personal Information” section of ConsenSys’ privacy policy.

Lubin emphasized that Infura does not use client data, nor does ConsenSys monetize it. Infura is looking for technical solutions to minimize data collection, including anonymization methods and complete deletion of collected information, and is working on decentralization to further reduce the platform’s risk to software developers and end users. Lubin added that ConsenSys was created to ensure that users are not subjected to improper exploitation by Internet products or services.

According to Lubin, ConsenSys will always allow users to use its products in a way that maximizes decentralization and minimizes risk to the platform. He said the firm’s lawyers regularly consult with product development teams to ensure that published usage rules are up-to-date, as the software is constantly evolving. ConsenSys’ legal team tries to lay out the rules accurately and clearly, but because the systems are complex, ambiguity is sometimes possible, Lubin noted and apologized for that.

Carl Anderson also said that the way Ledger computes assets protected by its devices is 100% anonymous and uses publicly available data.

2/ We don’t know who you are, and at no time are we linking on-chain data with other personal data, not even your IP address. Reminder: we never want to do know. Self-custody and sovereignty above all else. — Carl Anderson (@CRLNDRSN) November 26, 2022

He explained that public addresses are sent by Ledger Live to BTC and ETH nodes. The processing team then analyzes the public information available on the blockchain to estimate the total value associated with these wallets. In addition, Anderson said that an even more private option is available for users to run their own BTC node and set up Ledger Live.

What happened before? On November 17, the decentralized exchange Uniswap updated its privacy policy. The platform collects data tied to users’ cryptocurrency wallets. The information includes publicly available blockchain data, information from localStorage and other tracking technologies.

On November 24, Uniswap founder Hayden Adams denied claims about tracking users’ IP addresses. He said that the exchange could prevent such actions by third-party applications.