# Safety & Privacy

> **Your Personal Data Stay Private - We never share your Private Wallets or Labels with anyone else**

### Frontrun Safety & Privacy Overview

Frontrun is a lightweight Chrome extension that layers **read‑only insights** on top of the sites you already use (X, Solscan, GMGN, Axiom, Photon, and more). It *never* alters core site code or intercepts transactions—you simply see extra labels, tooltips, and analytics that help you trade smarter.

***

#### 1. **Open‑sourced Plasmo build**

The *exact* bundle that ships to the Chrome Web Store is public here: <https://github.com/FrontrunPro/frontrun-extension>.\
Anyone can clone, diff, and audit it line‑by‑line.

<details>

<summary>Instructions for self auditing</summary>

Prefer to verify things yourself? Copy the open‑sourced bundle—or any file within it—into:

1. **ChatGPT code‑inspection mode** (or any LLM of your choice) to scan for suspicious patterns.
2. Traditional static‑analysis tools like ESLint, SonarQube, or malware‑scanners.

A quick run‑through in ChatGPT o3([example](https://github.com/FrontrunPro/frontrun-extension?tab=readme-ov-file#privacy--security)) showed **no credential stealers, no hidden miners, and content scripts limited to six whitelisted domains**—but don’t just take our word for it. You can reproduce that check in minutes

You can chat with the codebase using [DeepWiki](https://deepwiki.com/FrontrunPro/frontrun-extension).

</details>

<details>

<summary>why only open source the build?</summary>

We’ve open-sourced **the exact Plasmo build** that we publish to the Chrome Web Store. This bundle contains every line of code that actually runs in your browser when you use the Frontrun extension.

We haven’t released the entire development repository because we work in a monorepo that also includes private packages and internal tooling unrelated to the extension. Those components contain proprietary logic and infrastructure code, so keeping them private protects both intellectual property and security.

By sharing the Plasmo build, we provide full transparency into what’s shipped to users while sensibly separating out non-essential, internal modules. If you’d like to audit the build, you can even paste it into ChatGPT for a line-by-line review: <https://chatgpt.com/c/684bb27d-5ebc-8003-acb5-58f730904425>

</details>

***

#### 2. Why We Request Each Permission

| Chrome Permission       | What We Use It For                                                                          | Your Benefit                                |
| ----------------------- | ------------------------------------------------------------------------------------------- | ------------------------------------------- |
| `storage`               | Keeps your labels, watch‑lists, and UI preferences **locally**—nothing goes to our servers. | Your settings persist between sessions.     |
| `scripting`             | Injects tiny scripts that draw overlays on supported sites.                                 | See wallet labels, fee‑cut indicators, etc. |
| `sidePanel`             | Renders the Frontrun control panel.                                                         | Manage features in one click.               |
| `webRequest`            | Caches API calls and throttles network traffic.                                             | Faster page loads & lower data usage.       |
| `windows`               | Opens pop‑ups for settings and onboarding.                                                  | Clean UX without cluttering new tabs.       |
| `identity` *(optional)* | OAuth sign‑in **only if you choose** to sync settings across devices.                       | Seamless experience from laptop to desktop. |

> **Note:** This list is a strict **subset** of the permissions requested by most Web3 wallets (e.g., Phantom wallet).

***

#### 3. Your Security, Front and Center

| ✅ What We *Do NOT* Collect            | 🛡️ What We *Do* for Safety                                            |
| ------------------------------------- | ---------------------------------------------------------------------- |
| Private keys or seed phrases          | Open‑sourced the shipped build for public scrutiny                     |
| Clipboard data (no read/write access) | Run all logic client‑side—no keystrokes or browsing history sent to us |
| Hidden background crypto‑miners       | Use battle‑tested libraries and standard MV3 architecture              |

#### 4. Still Have Questions?

Join our [Telegram group](https://t.me/frontrun_community) or open a GitHub issue. We’ll walk you through the code, permissions, or architecture in real time.

**Frontrun is built by traders, for traders—with privacy and security baked in from day one.**


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.frontrun.pro/safety-and-privacy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.