AlgoVoi Privacy Policy

Last updated: March 19, 2026 · Version 0.1.4

Short version: AlgoVoi stores your encrypted wallet data only on your own device. We do not collect, transmit, or sell any personal information. Private keys never leave your device.

1. Who We Are

AlgoVoi is an open-source Chrome extension developed by Chopmob Cloud. It provides a non-custodial Web3 wallet for the Algorand and Voi blockchain networks, along with native support for the x402, MPP (Machine Payments Protocol), and AP2 (Agent Payments Protocol) HTTP payment standards. The source code is publicly available at github.com/chopmob-cloud/AlgoVoi.

2. Data We Do Not Collect

AlgoVoi does not:

Collect, transmit, or store any personally identifiable information on external servers.
Track your browsing activity, visited URLs, or transaction history on any server we control.
Sell, share, or license any user data to third parties.
Use analytics, advertising, or crash-reporting services.
Require account registration or email address.

3. Data Stored Locally on Your Device

All sensitive data is stored exclusively in your browser's chrome.storage.local, which is private to the extension and never accessible to websites you visit.

Encrypted wallet vault — Your private keys and seed phrases are encrypted using PBKDF2 (600,000 iterations) key derivation followed by AES-GCM 256-bit encryption before being written to local storage. The plaintext is never written to disk.
Wallet preferences — Active account index, selected network (Algorand / Voi), and connected site list are stored in local storage. The connected site list is stored inside the encrypted vault.
Session state — WalletConnect pairing topics and pending transaction queues are held in memory during your browser session and are not persisted after the extension service worker is unloaded.
Unlock rate-limiting — A failed-attempt counter is held in chrome.storage.session (cleared when the browser closes) to prevent brute-force password attempts.
AI agent sessions — Active WalletConnect agent session topics are stored locally so sessions can be restored if the service worker is restarted. No agent transaction data is persisted.

4. Network Requests Made by the Extension

AlgoVoi communicates only with the following external services, solely to fulfill wallet functionality. No personal data accompanies these requests beyond what is inherent to blockchain transactions (e.g., your public wallet address).

Algorand node & indexer (mainnet-api.algonode.cloud, mainnet-idx.algonode.cloud) — to query balances, submit signed transactions, and retrieve on-chain data. Your public wallet address is transmitted as part of standard blockchain queries.
Voi node & indexer (mainnet-api.voi.nodely.dev, mainnet-idx.voi.nodely.dev) — same purpose for the Voi network.
WalletConnect relay (*.walletconnect.com, *.walletconnect.org) — to enable QR-code wallet pairing with dApps and AI agents via the WalletConnect v2 protocol. Session payloads are end-to-end encrypted; WalletConnect's relay infrastructure sees only encrypted metadata (session topic, timing). Your private keys are never transmitted. See WalletConnect's privacy policy.
enVoi name resolution service (mcp.ilovechicken.co.uk) — when you resolve a .voi human-readable name (e.g. shelly.voi), the name you are resolving is sent to this MCP (Model Context Protocol) endpoint to retrieve the corresponding Algorand address. A small VOI payment (set by the service) accompanies this request to cover the resolution fee. This service is only called on the Voi network when you explicitly initiate a name resolution. Your private key is never transmitted; only the signed payment transaction (containing your public address) and the name to resolve are sent.
x402 / MPP payment endpoints — when you approve an x402 or MPP payment, the extension constructs and submits a signed Algorand/Voi transaction directly to the blockchain node, then presents proof of payment to the merchant's server. Only the signed transaction (containing your public address) and on-chain transaction ID are transmitted to the merchant. Your private key never leaves your device.
AP2 (Agent Payments Protocol) merchants — when you approve an AP2 payment credential request, the extension signs a PaymentMandate document using your private key and returns the signed credential to the requesting page. The credential contains your public wallet address and a cryptographic signature. Your private key never leaves your device.
Wallet icon CDNs (https://static.defly.app, https://*.walletconnect.com) — wallet application icons may be loaded from these CDNs to display in the pairing and approval UI.

5. Fetch Interceptor (x402 and MPP Payment Detection)

AlgoVoi injects a lightweight script into HTTPS pages that intercepts fetch responses to detect HTTP 402 (Payment Required) status codes. This interceptor:

Reads only the HTTP status code and specific payment-related response headers (PAYMENT-REQUIRED, WWW-Authenticate: Payment).
Does not read, store, or transmit the body of any web page or any other response header.
Does not collect your browsing history or visited URLs.
Only activates when a website explicitly returns a 402 payment challenge.

When a 402 response is detected, the URL of the payment-gated resource is displayed in the approval popup so you can confirm what you are paying for. This URL is used only for display purposes and is not transmitted to any external server.

6. AI Agent Signing

AlgoVoi supports WalletConnect Web3Wallet integration, which allows AI agents to connect to your wallet via a QR code or pairing URI. When an AI agent requests a transaction signature:

A confirmation popup is always shown — no transaction is signed without your explicit approval.
The agent's name, URL, and the full transaction details (type, amount, recipient) are displayed before you approve.
Signed transactions are returned to the agent via the WalletConnect relay (encrypted). Your private key is never exposed to the agent.
You can disconnect any agent session at any time from the Agents tab in the popup.

7. Permissions Used and Why

storage — to persist the encrypted vault and preferences locally.
alarms — to maintain active AI agent signing sessions: a periodic alarm fires while an agent is connected and is cleared automatically when you disconnect all agents.
tabs — to route payment results back to the correct browser tab and to broadcast chain-change events to open pages.
windows — to open payment and signing approval popup windows.
Host permissions (Algorand, Voi, WalletConnect, enVoi domains) — to make API calls to the blockchain nodes, WalletConnect relay, and name resolution service listed above. Each host is used only for its stated purpose.
Content script on https://*/* — to inject the window.algorand ARC-0027 provider and payment protocol fetch interceptor into web pages, enabling dApps to request transaction signing and websites to offer x402/MPP payment flows. The content script does not read or modify page content; it only passes explicitly typed messages to the extension background.

8. Children's Privacy

AlgoVoi is not directed at children under 13 years of age. We do not knowingly collect any information from children.

9. Changes to This Policy

If we make material changes to this policy, we will update the "Last updated" date above and publish the updated policy at this URL. Continued use of the extension after changes constitutes acceptance of the revised policy.

10. Contact

Questions or concerns? Open an issue on GitHub.

AlgoVoi is open-source software released under the MIT License. This privacy policy applies to the AlgoVoi Chrome extension only.