Privacy Policy
1. Who we are
Otterly Wallet ("Otterly", "we", "the extension") is an open-source self-custodial cryptocurrency wallet browser extension for the Arc Network. The source code is published at github.com/joymadhu49/otterly-wallet under the MIT license.
2. What we do not collect
Otterly does not collect, transmit, store on remote servers, sell, share, or analyze any of the following:
- Personally identifiable information (name, email, phone, address, IP).
- Seed phrases, private keys, passwords, or any vault material.
- Wallet balances, token holdings, NFT inventory, or transaction history (as a remote record).
- Usage analytics, click events, page views, dwell time, or feature telemetry.
- Device fingerprints, advertising identifiers, or cross-site tracking signals.
- Health, location, financial, authentication, or personal communications data.
The extension makes no outbound calls to our own servers. We don't operate any.
3. What is stored locally on your device
Everything Otterly needs lives in chrome.storage.local on your device, inside your browser profile:
- Encrypted vault — seed phrase and private keys, encrypted with AES-GCM using a key derived from your password (PBKDF2-SHA256). Decryption happens only in memory, inside the extension's service worker, after you enter your password to unlock.
- Account names & selected account — display labels only (e.g. "Arc Vault 1"). Addresses are stored in plain text since they are public.
- Per-origin connection permissions — which sites you've connected, and to which accounts.
- Local transaction record — pending tx hashes you've sent, merged with public on-chain data for display.
- Settings — auto-lock timer, etc.
None of this leaves your device through Otterly. Uninstalling the extension wipes the storage.
4. Third-party services Otterly contacts
To function as a wallet, Otterly must read the blockchain. These are read-only public endpoints — the same ones every wallet on Arc uses. No personal data is sent.
| Service | Purpose | Sent |
|---|---|---|
| Arc Network RPC (rpc.testnet.arc.network + fallbacks) | Read balances, gas price, broadcast signed transactions. | Your address (public), signed tx bytes when you confirm a send. |
| Arc Blockscout explorer API (testnet.arcscan.app/api) | Fetch your transaction history and NFT holdings for the History/NFT tabs. | Your address (public). |
| Google favicon service (www.google.com/s2/favicons) | Display small icons of sites you've connected. | Domain name of each connected site (which you chose to connect). |
| Google Fonts (fonts.googleapis.com) | Load the Inter and JetBrains Mono typefaces. | Standard browser headers per Google Fonts policy. |
| IPFS public gateway (ipfs.io) | Resolve ipfs:// NFT image links. | The CID embedded in NFT metadata. |
These services have their own privacy policies that apply when Otterly contacts them. We do not influence what they collect.
5. Browser permissions and why we ask
Otterly declares the minimum permissions needed for a Chrome MV3 wallet to function:
| Permission | Why |
|---|---|
| storage | Persist the encrypted vault and settings locally. |
| notifications | Surface approval requests when a dApp asks to connect or sign. |
| idle | Detect inactivity for the auto-lock timer. |
| alarms | Schedule the auto-lock check. |
| system.display | Position the approval popup at the top-right of the focused display. |
| <all_urls> host access | Inject the EIP-1193 provider (window.ethereum / window.arc) into web pages so dApps can request connections. The provider is dormant until you connect a site. |
6. The wallet vault & cryptography
- Seed phrases are generated using BIP39 with cryptographically secure browser RNG.
- Account keys derive from the seed via the BIP32 / BIP44 path m/44'/60'/0'/0/i.
- The vault is encrypted with AES-GCM. The encryption key is derived from your password with PBKDF2-SHA256 (10,000+ iterations).
- Your password is never persisted. It only exists transiently in the service worker after unlock.
- On lock, on browser close, or on idle timeout, the decrypted vault and password are wiped from memory.
7. Children
Otterly is not directed to children under 13 (or the equivalent age in your jurisdiction). We do not knowingly collect data from children.
8. Your responsibilities
Because Otterly is self-custodial, you hold and manage your keys:
- Write down your seed phrase. Store it offline, ideally in two physical locations.
- We cannot recover your seed phrase, password, or funds. Lost seed = lost funds.
- Never share your seed phrase or private keys. No legitimate party will ever ask for them.
- Always inspect approval popups — verify the origin, the recipient address, the amount, and the calldata before confirming.
9. Security disclosure
Found a vulnerability? Open a private security advisory on GitHub at github.com/joymadhu49/otterly-wallet/security/advisories/new, or open an issue marked as security. Please do not disclose publicly before a fix is available.
10. Changes to this policy
If we update this policy, the new version will be published at the same URL with an updated Effective date at the top. Material changes will be flagged in the GitHub release notes for the version that ships them.
11. Compliance with Chrome Web Store
Otterly Wallet's data handling complies with the Chrome Web Store User Data Policy, including the limited use requirements. Specifically:
- Otterly does not sell user data.
- Otterly does not transfer user data for advertising, credit, or to data brokers.
- Otterly does not use user data for purposes unrelated to the wallet's single core function.
- Otterly does not allow humans to read user data, except (a) with your explicit consent, (b) when required by law, or (c) for security investigations.
12. Contact
Open an issue at github.com/joymadhu49/otterly-wallet/issues for any privacy-related question.
Otterly Wallet is open source under the MIT license. The full source code, including every network call this extension makes, is publicly auditable at github.com/joymadhu49/otterly-wallet.