Last Updated: May 28, 2025
FabricVault is a secure browser extension wallet for Hyperledger Fabric. This Privacy Policy describes how FabricVault ("we," "our," or "us") handles user data. Our primary goal is to provide a secure and private experience for managing your Fabric identities and interactions.
1. Data We Do Not Collect or Transmit
FabricVault is designed with a strong commitment to user privacy. We want to be absolutely clear:
- We do not collect, store, transmit, or sell any personally identifiable information (PII) to our servers or any third parties.
- We do not collect your browse history, clicks, keystrokes, or any general user activity data outside of the direct interactions with the FabricVault extension itself.
- Your private keys and other sensitive authentication information are encrypted and stored exclusively on your local device. They never leave your browser and are never transmitted to our servers or any third parties.
- We do not use or transfer user data for purposes unrelated to the extension's single purpose.
- We do not use or transfer user data to determine creditworthiness or for lending purposes.
2. Data Handling (Local Only)
FabricVault interacts with and processes certain types of data locally within your browser to fulfill its core functionality:
- Authentication Information: FabricVault stores your Hyperledger Fabric identities, including private keys and certificates, encrypted within your browser's local storage. This data is essential for signing transactions and authenticating with Fabric networks. This information remains solely on your device.
- Transaction Data: When you initiate a transaction via a dApp and confirm it using FabricVault, the extension processes the transaction payload locally to enable you to review and sign it. This transaction data is not transmitted to us.
- User Activity (within the extension): Interactions you perform directly within the FabricVault extension (e.g., clicking to approve a transaction, navigating settings) are processed locally to facilitate the wallet's operations. This activity is not monitored or collected by us.
- Website Content Interaction: FabricVault, through its host permissions, may interact with the content of web pages (e.g., to read transaction requests from dApps). This interaction is purely for the purpose of enabling the wallet's functionality and does not involve collecting or transmitting the full content of web pages to our servers.
- Extension Settings: Your personalized settings for the FabricVault extension are saved locally in your browser's storage.
All data processed and stored by FabricVault remains on your local device and is under your control. We do not have access to it.
3. Permissions Used and Justification
FabricVault requests the following permissions, strictly for its intended purpose:
- `storage`: This permission is essential for securely storing your Fabric identities (e.g., private keys, certificates), transaction history, and application-specific settings locally within your browser. This ensures your data is persistent and readily available for managing your wallet.
- `activeTab`: The activeTab permission is utilized by FabricVault to allow the extension to temporarily access and interact with the currently active tab when the user explicitly invokes the extension (e.g., by clicking its icon). This is essential for features such as: Contextual Actions: If FabricVault needs to read the current URL or perform actions on the active page, like checking if the active tab url is connected to any identity in the vault and displaying a ui option to connect. User-Initiated Interactions: For example, when a user clicks the extension icon on a dApp to connect their wallet or sign a transaction, activeTab grants the necessary, temporary access to that specific page's context. This permission ensures that FabricVault's functionality is directly tied to user intent on the current tab.
- Host Permissions (`https://*/*`, `http://*/*`, `ws://*/*`, `wss://*/*`): The https://*/*, http://*/*, ws://*/*, and wss://*/* host permissions are essential for FabricVault to function as a universal, configurable wallet for Hyperledger Fabric. These broad permissions allow FabricVault to interact directly with various RPC gateways and Fabric network services. Users configure their wallet to connect to diverse Fabric networks, each potentially exposed via different gateway URLs (e.g., https://myfabricgateway.com, ws://anothernode.org, http://localfabric:8080). Without these permissions, FabricVault cannot connect to user-defined endpoints, which is critical for: Fetching real-time data (ledger state, transaction status, etc.) Broadcasting signed transactions to the network Performing other essential network-level operations Granting access to *://*/* ensures FabricVault can connect to any required service, supporting full compatibility and functionality across the Hyperledger Fabric ecosystem.
4. Third-Party Services
FabricVault does not directly integrate with or transmit data to any third-party analytics services or advertising networks.
5. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.
6. Contact Us
If you have any questions or concerns about this Privacy Policy, please contact us at:
Email: valentineifeanyiugwu@outlook.com