The firm clarified that it does, in fact, collect users’ IP addresses and wallet information when they make a MetaMask transaction through Infura – but plans to reduce its retention of such data down to seven days.
Privacy Concerns at ConsenSys
Per the company’s statement on Tuesday, November’s policy update did not reflect a change in business practices at ConsenSys but rather served to clarify its existing practices. The update revealed that the company’s key products, MetaMask and Infura, collected both users’ wallet and IP addresses, raising privacy concerns.
"ConsenSys is committed to maintaining the highest standards when it comes to your privacy"
Also, we collect basically every available piece of data from you other than a DNA sample.
If you aren't using a custom RPC for Metamask, I'd suggest doing so now. pic.twitter.com/WizpplYRFE
— ℭ𝔶𝔭𝔥𝔯.Ξ𝔱𝔥 (@CyphrETH) November 24, 2022
“We are committed to protecting the privacy of people who use our products so that they will not—and, ultimately, cannot—be betrayed by yet another centralized entity,” wrote ConsenSys.
Both MetaMask and Infura are pillars of the infrastructure that keeps Ethereum usable today. The former is the smart contract platform’s most widely used software wallet, while the latter is the API and archival node provider used by MetaMask for broadcasting transactions. Infura has also been used by various centralized exchanges like Binance and Bithumb when processing deposits and withdrawals.
As ConsenSys noted, its data collection policy comes with limits. For example, Infura does not store users’ wallet address data for ‘read’ requests, such as checking one’s account balance on MetaMask.
By contrast, wallet and IP data for “write” requests (transactions) are collected “to ensure successful transaction propagation, execution, and other important service functionality such as load balancing and DDoS protection, as provided by Infura.”
Still, ConsenSys said that wallet and IP address information is stored separately so that each piece of data cannot be associated with the other within the company’s systems.
“We have never and will never sell any user data we collect,” it continued.
Infura was one of the node providers to limit access to the privacy protocol Tornado Cash following OFAC’s sanctions against it in August.
Using Other Nodes
To work around the issue entirely, ConsenSys will roll out a new advanced settings page within MetaMask this week that allows wallet users to select their own RPC node provider outside of Infura. While previously possible, this new page will be seen by new users during the onboarding process, allowing them to never use Infura as their server if they so choose.
The company also plans to improve UX around the existing means for changing one’s RPC node, including making steps not to over-caution the user away from doing so.
Nevertheless, ConsenSys did have a certain warning about the practice of using non-default RPC nodes, including self-hosted nodes. “Alternate RPC providers have different privacy policies and data practices, and self-hosting a node may make it even easier for people to associate your Ethereum accounts with your IP address,” it said.
Ethereum archival nodes are recognized by the Ethereum foundation for generally being difficult to run for average users.