Zum Hauptinhalt springen

MetaMask profile and privacy

MetaMask now allows you to receive notifications and sync data in a privacy-preserving manner across devices. To use these features, you will need to enable profile sync.

We'll cover its rationale, the details of how it works, the privacy safeguards in place, and how you can control and opt out of this new system.

What are the benefits of creating a profile?

Enabling profile sync will allow you to:

  • Receive notifications about your wallet activity.
  • Sync your user configurations and settings across different devices with MetaMask installed. Over time, we will start backing up and cross-syncing your address book, transaction history, imported tokens, and watched addresses.
  • Back up your configurations for when you change or reset your browser.

How is the profile created?

When you opt-in to a feature that uses a profile, your MetaMask instance generates both a public key and a private key. These keys are derived from your Secret Recovery Phrase, which means that you will have the same profile on other MetaMask instances where you use the same Secret Recovery Phrase.

info

These keys are derived from your Secret Recovery Phrase, meaning they don't threaten your MetaMask security in any way. These keys cannot be used to control your funds or addresses and are unrelated to your assets.

This profile will allow you, e.g., to keep the same notification settings on multiple devices or receive wallet activity notifications on multiple MetaMask instances without having to 'mark as read' on each device.

The private key stays within your MetaMask instance, and the public key is shared with MetaMask servers to provide services that require your profile, such as syncing your user configurations. Your Secret Recovery Phrase is never shared with MetaMask servers.

How does profile sync respect my privacy as a MetaMask user?

When using profile sync, your settings are synced without compromising the confidentiality of your MetaMask activity. Instead of web2-like architectures, where service providers host user data, we use a privacy-first approach. Your information is encrypted on the client side (i.e., locally, on your device), and the server acts as a storage and relayer of encrypted data. MetaMask, therefore, has zero visibility of which users or addresses are using this service and how.

When you enable wallet activity notifications, MetaMask must store your address on MetaMask servers to track activity on the blockchain and provide you with notifications.

Where and how do you store user configurations?

User configurations are stored on MetaMask servers, encrypted with a specially generated key that only you own and can access. Nobody else can read the configurations.

In this context, MetaMask is merely storage and cannot read who is using the service or the content of the configurations since everything is encrypted on the client side. The encrypted information can be decrypted on another device when the same Secret Recovery Phrase is used.

We are also actively working with the ecosystem to explore opportunities to decentralize the user configuration storage in the future.

Which user configurations do you store?

You control what data is stored by enabling features in settings that use the profile and storage solution. We don’t store, transfer, or backup your private key or Secret Recovery Phrase, both of which are only accessible to you.

How do wallet activity notifications work?

We monitor blockchains for you and send you push notifications when relevant events occur to your addresses, such as receiving tokens, NFTs, or unstaking.

Unlike the user configuration service, which only hosts data encrypted client-side, the notifications service needs to save unencrypted versions of the monitored addresses on the server side.

How can I opt out?

You are free to do so if you don't wish to use any of the features that make use of a profile. Your MetaMask client will continue to work like you're used to, but you won't be able to use additional functionality such as wallet activity notifications. Wallet activity notifications rely on profile sync being enabled; if you opt out of profile sync, you also opt out of wallet activity notifications.

You can opt-in again anytime to enable features that use a profile.

To opt out of profile sync, go to Settings > Security & Privacy and turn off the 'Profile sync' toggle. Doing so will also turn off wallet activity notifications.