This page describes exactly what data the Ghast AI Chrome extension collects, where it is stored, where it is sent, and what user controls are available. This disclosure is provided in compliance with the Chrome Web Store User Data Policy.
Summary: Ghast AI stores all data locally in your browser. Sensitive data (private keys) is encrypted with AES-256-GCM and never transmitted. Optional features may sync data to decentralized networks (0G) or third-party APIs — each is independently disableable.
| Data Type | Collected? | Purpose | Stored Where | Shared? |
|---|---|---|---|---|
| Email address | Optional | Google OAuth sign-in for account identification | Local | Google APIs (auth only) |
| Display name & avatar | Optional | Personalization when signed in | Local | No |
| Wallet address | Yes | Blockchain interaction, balance queries | Local | Blockchain RPCs (public data) |
| Private key / mnemonic | Yes | Local transaction signing | Local (AES-256-GCM encrypted) | Never transmitted |
| Conversation history | Yes | AI context and continuity | Local | 0G Compute (inference only) |
| Memory files (soul.md, user.md, etc.) | Yes | AI personalization and long-term memory | Local + 0G Storage (optional) | 0G Storage KV (if enabled) |
| Page content (Web3 sites) | Conditional | Context-aware AI assistance | Ephemeral (in-memory only) | 0G Compute (as AI context) |
| Page URLs | Conditional | Detect page type for context extraction | Ephemeral | No (sensitive params stripped) |
| Usage metrics | Optional | Anonymous model/tool usage stats | Local | Backend (if configured) |
| Browsing history | No | — | — | — |
| Form data | No | — | — | — |
| Cookies | No | — | — | — |

| Destination | Data Sent | Why |
|---|---|---|
| 0G Compute Network | System prompt, conversation context, tool definitions | AI inference (core functionality). No private keys, balances, or raw wallet data. |
| 0G / Ethereum RPC | Wallet address, transaction data (when signing) | Blockchain queries and transaction submission |

| Destination | Data Sent | Enabled By |
|---|---|---|
| 0G Storage KV | Memory files (soul.md, user.md, etc.) | Settings → Memory → Enable 0G Sync |
| Google APIs | OAuth token (one-time exchange) | Settings → Account → Sign in with Google |
| Telegram Bot API | Notification messages | Settings → Remote Control → Configure Telegram |
| Local Companion (localhost) | Shell commands, MCP tool calls, code agent prompts | Settings → Companion → Connect |
| Brave Search / DuckDuckGo | Search queries | AI-initiated web search during conversation |
| GitHub (raw.githubusercontent.com) | None (download only) | Settings → Skills → Install from Store |
| User backend server | Anonymous usage metrics (token counts, tool names) | Settings → Account → Configure Backend |

| Permission | Why It's Needed |
|---|---|
| storage | Store encrypted wallet, conversations, memory files, and settings locally. |
| unlimitedStorage | Memory files and context database grow beyond the default 5 MB quota over long-term use. |
| activeTab | Read the current tab's URL when the side panel is open to provide context-aware assistance. |
| sidePanel | The extension's primary UI is a browser side panel. |
| alarms | Schedule memory sync, heartbeat checks, cron tasks, and service worker keepalive. |
| contextMenus | Right-click "Ask Ghast" menu to send selected text to the AI. |
| tabs | Query active tab URL for context detection. Not used to read browsing history. |
| scripting | Inject content scripts on declared Web3 sites to extract on-page data (balances, transactions). |
| nativeMessaging | Communicate with the optional local Companion daemon for shell commands and MCP servers. |
| notifications | Alert on completed tasks, scheduled reminders, and wallet auto-lock. |
| identity | Google OAuth sign-in. Only userinfo.email and userinfo.profile scopes are requested. |

Content scripts only run on the following site categories and only extract publicly displayed data:
Sensitive URL parameters (tokens, API keys, passwords, session IDs) are automatically removed before any data is processed. Users can disable content scripts entirely via Settings → Capture Mode → Off.
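
The kind of URL scrubbing described above, as an added example that is not Ghast AI's own code: it removes sensitive parameters from the query string and the fragment, and drops `user:pass@` credentials. The word list, function names and sample URLs are assumptions made for illustration.

```javascript
// Added example, not Ghast AI's code. Word list and function names are assumptions.
const SENSITIVE_WORDS = new Set([
  "token", "key", "apikey", "secret", "password", "passwd", "pwd", "auth",
  "session", "sessionid", "sid", "phpsessid", "jsessionid", "signature", "jwt",
]);

// Split "apiKey", "access_token", "X-Auth" into lowercase words and check each.
function isSensitiveName(name) {
  return name
    .replace(/([a-z0-9])([A-Z])/g, "$1_$2")
    .toLowerCase()
    .split(/[^a-z0-9]+/)
    .some((word) => SENSITIVE_WORDS.has(word));
}

// Remove sensitive pairs from an "a=1&b=2" string; report which names were dropped.
function scrubPairs(pairs) {
  const params = new URLSearchParams(pairs);
  const removed = [...new Set(params.keys())].filter(isSensitiveName);
  removed.forEach((name) => params.delete(name));
  return { text: params.toString(), removed };
}

function sanitizeUrl(raw) {
  let url;
  try { url = new URL(raw); } catch { return { url: null, removed: [] }; } // fail closed
  const removed = [];
  // Credentials in user:pass@host form.
  if (url.username || url.password) {
    url.username = ""; url.password = ""; removed.push("userinfo");
  }
  // Query string: rewrite only when something was removed, to avoid re-encoding.
  const q = scrubPairs(url.search.slice(1));
  if (q.removed.length) { url.search = q.text; removed.push(...q.removed); }
  // Fragment: OAuth implicit flow and hash routers carry parameters after "#".
  const frag = url.hash.slice(1);
  const cut = frag.indexOf("?") + 1; // 0 when the fragment has no "?"
  const f = scrubPairs(frag.slice(cut));
  if (frag.includes("=") && f.removed.length) {
    const prefix = f.text ? frag.slice(0, cut) : frag.slice(0, Math.max(cut - 1, 0));
    url.hash = prefix + f.text;
    removed.push(...f.removed);
  }
  return { url: url.toString(), removed };
}
```

Word-level matching errs toward removal: a benign name such as `tokenId` is dropped too, which is the safer failure for data that may leave the browser.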
eval(), Function(), or remote script loading.

Every data-sharing feature can be independently disabled:
| Feature | How to Disable | Effect |
|---|---|---|
| Page context capture | Settings → Capture Mode → Off | Content scripts stop extracting page data |
| 0G Storage sync | Settings → Memory | Memory stays local-only |
| Google sign-in | Settings → Account → Sign Out | Session cleared, no Google data stored |
| Telegram | Settings → Remote Control → Disable | No messages sent to Telegram |
| Companion | Settings → Companion → Disconnect | No local command execution |
| Backend sync | Settings → Account → Remove backend URL | No usage metrics sent |
| Scheduled tasks | Settings → Scheduled Tasks → Disable | Cron jobs and heartbeat stop running |

~/.trapezohe/companion.json.

For questions about this disclosure, see our full Privacy Policy or contact [email protected].