Recently there's been a concerning trend of "blue chip" crypto projects diminishing user privacy. First it was @Uniswap Labs 🦄, now it's @MetaMask 🦊💙. Here's everything you need to know

.@Uniswap Labs 🦄 remains one of the largest DEXs on @Ethereum & has continued to innovate with new features such as their 'efficient AMM' (from Uniswap V3) & expanding its offerings (see Genie acquisition). However, they've recently ruffled feathers with updates to their privacy policy

The privacy policy starts off reasonably by stating they use publicly available blockchain data. But then it starts to get concerning... They go on to suggest that they also gather information from "localStorage and other technologies"... uniswap.org/privacy-policy

These other technologies include: mobile deviceID, cookies, web beacons, and other similar technologies. While they frame this tracking as being needed to "improve the user experience," it's clear that there is another angle at play here...

A little further down the page we see that Uniswap will share the data to comply with "litigation, regulatory proceedings, compliance measures". This comes right on the heels of Uniswap blacklisting 253 addresses tied to @🌪️ Tornado.cash 🌪️

Uniswap CEO @hayden.eth 🦄 responded to criticisms by pointing out that Uniswap does not collect personal data such as IP addresses. And that the team released a reverse proxy server to sit between devices and 3rd party tools... twitter.com/haydenzadams/s…

However, user @CryptoShine (💙,🧡) pointed out how Uniswap's integration with @Amplitude could still compromise user privacy on the IP front, even with a reverse proxy server: twitter.com/CryptoShine/st…

Just a few days after the Uniswap news, it was revealed that popular crypto wallet @MetaMask 🦊💙 was also encroaching on user privacy. For context, Metamask is owned by @ConsenSys, which was launched by Ethereum co-founder Joseph Lubin.

Specifically, Consensys announced that any user leveraging @Infura as their RPC provider, would have additional data collected. This includes IP address and Ethereum wallet address, every time a transaction is made. (effectively doxxing wallets)

Users can work around this invasion of privacy by working with an alternative RPC, as pointed out by @ℭ𝔶𝔭𝔥𝔯.Ξ𝔱𝔥: twitter.com/CyphrETH/statu…

So what to make of these privacy updates from these leading DeFi projects? Here's 3 thoughts: 1) Both of these companies are US-based, which means they were likely pressured by US regulators to make these updates The alternative was that they'd likely face legal consequences

2) It further emphasizes the need for DeFi users not to aggregate around just a few providers/dApps. This creates targets for regulators to go after. By diversifying across wallets/dApps (based in different countries), it will force the US to have to adapt to remain competitive

3) Lastly, it underscores the need for privacy-preserving technologies. Over the coming months I am going to spend more time researching privacy solutions such as @Monero (XMR), @Zcash 🛡️, and @Dash

While blockchains are transparent, it's vital that this transparency doesn't come at the risk of other core tenants such as censorship-resistance & its permionless nature Doxxed wallets + regulation, threaten these 2 tenants, which is why new tools are needed to protect privacy