MetaMask 5.0 includes an optional setting that requires dapps to ask permission to view your account address.

Bobby Dresser
Nov 5, 2018 · 3 min read

If you have MetaMask installed, you know the extension makes it possible to interact with a whole world of websites built on the Ethereum blockchain.

On any site you visit, MetaMask automatically adds in a small JavaScript object we call an “Ethereum provider.” This allows websites to do things they otherwise couldn’t: propose Ethereum transactions, ask for your signature, query the blockchain, and so on. It’s how dapps get your account balance, or what lets exchanges ask for your tokens.

But when it comes to user privacy, this behavior is less than perfect. Dapp browsers like MetaMask show the Ethereum provider object to any site you visit, which means your Ethereum address is indiscriminately exposed. Since the blockchain is public, your account balance and entire transaction history are retrievable by anyone with your address. Malicious sites can use this data to fingerprint, phish, or track unsuspecting users.

Putting you in control

Over the past couple of months, MetaMask has led an effort to improve this privacy flaw across the entire Ethereum ecosystem (documented in EIP 1102). We’re excited to introduce “Privacy Mode” as the user-facing piece of this new privacy layer.

As of version 4.18, MetaMask users will see a new option in their settings.

Click the top-right icon, then click “Settings,” and find this option near the bottom.

Enabling Privacy Mode means websites have to ask to see your Ethereum accounts. When a dapp asks for permission to see your accounts, you’ll see a MetaMask popup like this:

By default, we’ll remember which sites you’ve allowed to access your addresses. A future version of this feature will let users un-check an option to “Keep me connected to this site,” requiring that site to request access each time you visit.

Privacy Mode is simple for users, but it’s a significant paradigm shift for how dapps are built. (If you’re a dapp developer, read this overview for how to stay compatible.)
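As an added example (not MetaMask’s own code), here is the dapp-side flow that Privacy Mode forces: detect the injected provider, ask for account access, and handle the user declining. It assumes the provider exposes `enable()`, the EIP 1102 request method at the time; the page itself names no API, and the mock provider and address below are constructed so the flow runs without a browser.

```javascript
// Added example (not MetaMask's code): how a dapp obtains accounts once
// Privacy Mode hides them. `enable()` is assumed from EIP 1102 as written
// at the time; the page itself names no API.

async function connectAccounts(provider) {
  if (!provider) return { status: "no-provider", accounts: [] };
  if (typeof provider.enable === "function") {
    try {
      // Triggers the "Connect to this site" dialog; resolves only on approval.
      const accounts = await provider.enable();
      return { status: "connected", accounts };
    } catch (err) {
      // User declined: the dapp learns nothing about the address.
      return { status: "rejected", accounts: [] };
    }
  }
  // Pre-1102 provider: addresses were readable without asking.
  const accounts = await new Promise((resolve, reject) =>
    provider.sendAsync(
      { id: 1, jsonrpc: "2.0", method: "eth_accounts", params: [] },
      (err, res) => (err ? reject(err) : resolve(res.result))
    )
  );
  return { status: "legacy", accounts };
}

// Constructed mock of the injected provider so the flow runs without a browser.
// With privacyMode on, eth_accounts answers [] until the user has approved.
function makeMockProvider({ privacyMode, userApproves, accounts }) {
  let approved = !privacyMode;
  const provider = {
    sendAsync(payload, cb) {
      if (payload.method !== "eth_accounts") return cb(new Error("unsupported"));
      cb(null, { id: payload.id, jsonrpc: "2.0", result: approved ? accounts : [] });
    },
  };
  if (privacyMode) {
    provider.enable = () => {
      if (!userApproves) return Promise.reject(new Error("User rejected"));
      approved = true;
      return Promise.resolve(accounts);
    };
  }
  return provider;
}
```

In a real page you would call `connectAccounts(window.ethereum)` in response to a user action (such as a “Connect” button) rather than on page load, so the permission dialog appears when the user expects it.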

At first, Privacy Mode will be opt-in (and turned “off” by default). Even if you haven’t turned Privacy Mode “on” yet, we want to make it clear what’s happening under the hood, so you may start seeing the “Connect to this site” dialog as you use your favorite dapps.

If you’ve enabled Privacy Mode and are visiting a dapp that isn’t yet EIP 1102-compliant, the site may not work as expected. In this case, head to your settings, turn Privacy Mode “off,” and try again.

The MetaMask team firmly believes EIP 1102 is a crucial step towards a safe, user-friendly decentralized web. Privacy Mode will eventually be the default experience for all MetaMask users.

For developers looking for information on how to build applications compatible with EIP 1102, see this post.

Thanks to the dozens of developers and community members who have contributed to this standardization effort!

MetaMask

MetaMask is a bridge that allows you to visit the distributed web of tomorrow in your browser today. It allows you to run Ethereum dApps right in your browser without running a full Ethereum node.

Bobby Dresser

Written by

den sweeper @ MetaMask 🦊
