Infura is to blame for MetaMask’s violation of the crypto spirit

Censorship resistance is the backbone of cryptography, so for many cryptocurrency proponents, the November 23 announcement by ConsenSys, the New York-based company that developed the leading browser-based Ethereum wallet, informs 20 million MetaMask users that their IP and wallet addresses will be collected. was just a gross violation of the cryptographic spirit.

In the weeks that followed, ConsenSys first responded by saying that the collected data would only be kept for seven days, and then updated the MetaMask features to allow users to opt out of Infura. However, the question remains: Have they done enough to establish cryptographic strength?

While many may agree that MetaMask tracks user wallets and IP addresses, many of us disagree because the blockchain is supposed to be decentralized and allow people to control their data and their finances without intermediaries like banks and government.

Are we still mad at MetaMask and ConsenSys for snooping on us?

For the sake of healthy discussion, let’s assume that we’re fine with MetaMask tracking users’ wallets and IP addresses in certain acceptable cases. These reasons may be in case of a malicious attack. The information gathered by the Infura protocol could help track down the perpetrators involved.

Perhaps more importantly for ConsenSys, “espionage” may have more to do with official regulations such as Know Your Customer laws, anti-money laundering and anti-terrorist financing laws.

However, the reason behind the decision to “spy” or disable the privacy features of MetaMask users is of great concern – and even a little scary – because it clearly goes against the crypto spirit.

Control and ownership returned to users

The crypto spirit is focused on giving people back control of their assets so they can do what they want with them when they want and have ownership of their data so they can participate in a decentralized economy like a machine economy, by monetizing its information. .

Infura is mainly to blame for breaking the crypto spirit by monitoring user IP addresses and Ether (ETH) wallet addresses while advising MetaMask users to spin up a brand new Ethereum node or use a different node provider if they are so concerned about Infura intrusions.

Let’s say Infura (or any other API provider) stores IP addresses and ETH addresses of users. In this case, it can quickly locate the user’s home and link it to all ETH assets and network transactions made by users. It’s pretty scary.

Controversial invasions

This caused a heated discussion in the crypto community. While the Ethereum blockchain provides censorship resistance, API providers such as Infura that provide access to the Ethereum blockchain are not required to oppose censorship.

This poses a significant risk to users of MetaMask or any other wallet such as these Ethereum API nodes as it leaves them vulnerable to censorship without any prior notice or warning.

Coinbase fights back as SEC moves closer to Tornado Cash

And then came Alchemy and MyEtherWallet, which tried to “cash in on MetaMask users’ problems,” but emerged as two cryptocurrency wallet solutions that also track user data.

It is true that anyone can send bitcoin (BTC) to anyone, even if the police or the government do not approve of it. However, if BTC was not censorship resistant, these authorities could confiscate or block this bitcoin. Cryptocurrency was created with censorship resistance in mind, because we need and cherish our right to privacy.

It’s also ironic. Blockchain developers have been racking their brains to design a censorship-resistant chain. However, the API host provider “intercepts” the original intent and silently changes it, and potential victims—users—are not informed of the changes.

In light of Infura’s violations of the “crypto spirit”, there are two considerations.

Crypto enthusiasts should continue to monitor API providers and notify communities when they are acting unethically.

  • Public monitoring is required, as two whistleblowers are doing through their Twitter accounts.
  • MetaMask and other wallets should immediately inform users and clarify their privacy terms. For example, they must tell users that they are using Infura, which does not guarantee their 100% privacy. This may not have been done properly or explicitly enough in November.
  • Decentralized Applications (DApps) developers should be responsible for notifying people that an API node being used is not secure or censorship resistant in order to raise awareness.

What type of technology can solve this problem?

  • API Node as a Service allows non-technical users to easily run API nodes for their wallets. It should be as easy for both users and developers as buying a VPN service.
  • We trust mathematics. Technology is always fighting for freedom on behalf of people. Ethereum co-founder Vitalik Buterin recently published The Incomplete Guide to Hidden Addresses, which does not require new technologies. However, if implemented on Ethereum, they would partially address the privacy concerns raised by Infura. People can still find a user’s home using Infura, but not their transactions or assets on the network.
Raullen Tea is the co-founder and CEO of IoTeX. Previously, he worked for companies such as Google, Uber and Oracle. He has a Ph.D. from the University of Waterloo, where his research focused on the development and analysis of lightweight ciphers and authentication protocols for the Internet of Things. At Google, he led technical infrastructure security initiatives, including SSL attack mitigation, privacy-preserving SSL offloading, and certificate transparency for all Google services. He was also the founding engineer of Google Cloud Load Balancer.

This article is for general informational purposes and is not intended and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are those of the author only and do not necessarily reflect or represent the views and opinions of Cryptooshala.

Credit :

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker