Privacy Policy — GG Wallet
GG Wallet is a browser extension developed by gonkalabs.com that allows users to interact with the Gonka blockchain. This policy explains what data the extension handles and how it is protected.
Summary
GG Wallet operates entirely on your device. We do not collect, transmit, or store any user data on our servers. There is no analytics, telemetry, or tracking of any kind.
Data Handled by the Extension
Authentication Data
- Password: You create a password to encrypt your wallet. This password is held in memory only while the wallet is unlocked and is never transmitted anywhere. It is automatically cleared after 5 minutes of inactivity.
- Mnemonic phrase (seed phrase): Your mnemonic is encrypted using AES-256-GCM with a key derived from your password (PBKDF2, 600,000 iterations) and stored locally in
chrome.storage.local. It is never sent to any server. - Private keys: Derived in memory from the mnemonic when needed for signing transactions. Never stored in plaintext. Never transmitted.
Financial Data
- Wallet addresses: Stored locally to display your account and facilitate transactions.
- Balances: Queried directly from the Gonka blockchain's public RPC nodes (
node1.gonka.ai,node2.gonka.ai). These are public blockchain queries — no authentication or personal data is sent. - Transaction history: Fetched from the gonka.gg Explorer API using a public API key. The API receives only your wallet address (which is already public on the blockchain) to return transaction records.
Data NOT Collected
We do not collect:
- Personal information (name, email, phone number, IP address)
- Location data
- Browsing history or web activity
- Analytics or usage metrics
- Crash reports
Data Storage
All data is stored locally on your device using Chrome's chrome.storage.local API. Specifically:
| Data | Storage | Encryption |
|---|---|---|
| Encrypted mnemonic | chrome.storage.local |
AES-256-GCM |
| Wallet addresses | chrome.storage.local |
None (public data) |
| Wallet names | chrome.storage.local |
None |
| Connected dApp permissions | chrome.storage.local |
None |
No data is synced to the cloud via chrome.storage.sync or any other mechanism.
Network Requests
The extension makes network requests only to:
| Destination | Purpose |
|---|---|
node1.gonka.ai, node2.gonka.ai |
Blockchain RPC/REST — query balances, broadcast transactions |
gonka.gg |
Explorer API — fetch transaction history |
No data is sent to gonkalabs.com or any third-party analytics, advertising, or tracking service.
dApp Provider (Content Script)
GG Wallet injects a content script into web pages to allow decentralized applications (dApps) to request wallet interactions (similar to MetaMask or Keplr). This script:
- Only responds to messages from dApps that explicitly request a wallet connection
- Requires user approval before sharing any wallet information
- Does not read, collect, or modify page content
- Does not track browsing activity
Third-Party Services
The extension does not integrate with any third-party analytics, crash reporting, or advertising services.
Children's Privacy
GG Wallet is not directed at children under 13. We do not knowingly collect data from children.
Changes to This Policy
We may update this policy from time to time. Changes will be posted at this URL and noted with an updated "Last updated" date.
Contact
If you have questions about this privacy policy, contact us at privacy@gonkalabs.com.