跳到主要内容

Privacy Policy — Monolythium Wallets

Effective Date: February 8, 2026 Last Updated: February 24, 2026

Mono Labs R&D LLC 28 Geary St STE 650, Suite 568 San Francisco, CA 94108 联系方式:legal@mono-labs.org

This policy covers the following Monolythium wallet products:

  • Browser Wallet (Chrome extension)
  • Desktop Wallet (Tauri 2 desktop application)
  • Mobile Wallet (React Native / Expo mobile application)

All three wallets share the same privacy model: no data is collected, and all information is stored locally on your device.

Data We Do NOT Collect

  • Private keys or seed phrases
  • Wallet addresses or balances
  • Transaction history or details
  • Browsing history or website activity
  • Personal information (name, email, location)
  • Analytics, telemetry, or usage metrics
  • Cookies or tracking identifiers

Data Stored Locally

All wallet data is stored exclusively on your device and never transmitted to Mono Labs servers.

Browser Wallet

Data is stored using Chrome's chrome.storage.local API:

  • Encrypted keyring — Private keys encrypted with AES-256-GCM using a password-derived key (PBKDF2, 600,000 iterations). Plaintext keys are never written to storage.
  • Network configuration — Chain RPC endpoints, chain IDs, display preferences.
  • Connected sites — Website origins you have approved for wallet connections.
  • User preferences — Auto-lock timeout, active network, UI settings.

Desktop Wallet

  • Encrypted keys — Stored in the OS keychain via Tauri secure storage.
  • Wallet metadata — Account labels, contacts, and settings stored in local application data.
  • No cloud sync — Data is never uploaded or backed up to any remote service.
  • Ledger support — Optional hardware wallet integration communicates directly with the Ledger device over USB/Bluetooth. No data is sent to Ledger servers.

Mobile Wallet

  • Encrypted keys — Stored in expo-secure-store, which uses the OS keychain (iOS Keychain / Android Keystore).
  • Wallet metadata — Account labels and settings stored in AsyncStorage (local, non-encrypted).
  • Biometrics — Optional biometric unlock. Biometric data is handled entirely by the OS and is never accessible to the app.
  • No cloud sync — Data is never uploaded or backed up to any remote service.

Network Requests

All three wallets make the same types of network requests, initiated only by user action:

RequestPurposeDestination
Balance queriesDisplay token balancesBlockchain RPC/REST endpoints
Transaction broadcastSubmit signed transactionsBlockchain RPC/REST endpoints
Block/account queriesFetch account info and transaction historyBlockchain RPC/REST endpoints

All RPC endpoints are user-configurable. No requests are made to Mono Labs servers or any third-party analytics services.

Permissions

Browser Wallet (Chrome Extension)

PermissionPurpose
storageStore encrypted wallet data locally
alarmsAuto-lock wallet after inactivity
activeTabIdentify the requesting dApp during connection approval
sidePanelRender wallet UI in Chrome's side panel
host_permissionsInject Web3 provider into web pages for dApp connectivity; proxy RPC requests to blockchain nodes

Desktop Wallet

No special OS permissions required beyond standard application access. Ledger integration uses USB/Bluetooth access granted at the OS level.

Mobile Wallet

No special permissions required beyond standard app storage. Biometric authentication uses OS-level APIs with user consent.

Third-Party Services

None. Monolythium wallets do not integrate with any third-party analytics, advertising, tracking, or data processing services.

Data Retention

All data is stored locally and persists until you:

  • Uninstall the application or extension
  • Manually clear application data
  • Reset or delete your wallet within the app

Mono Labs has no ability to access, modify, or delete your local data.

Security

  • Private keys are encrypted at rest (AES-256-GCM for Browser Wallet; OS keychain for Desktop and Mobile)
  • Browser Wallet key derivation uses PBKDF2 with 600,000 iterations
  • Auto-lock after configurable inactivity period
  • No remote code execution — all code is bundled locally
  • All wallet applications are open source and available for audit on GitHub

Children's Privacy

Monolythium wallets are not directed to children under 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the product after changes constitutes acceptance of the updated policy.

Contact