This policy explains what Dungeon Wallet (the “Extension” and the DungeonWallet mobile apps, collectively the “Wallet”) collects, what it does with it, and what it never does. It is written to be read, not to hide things.
Nothing on our servers. We do not run analytics, tracking pixels, or account telemetry against the Wallet. We have no record of who installed it, when, or how often it is used.
The Wallet stores the following only on your device, in chrome.storage.local (extension) or the OS keychain / encrypted AsyncStorage (mobile):
enable() permission toThis data never leaves your device unless you take an explicit action that requires it (signing a transaction, broadcasting it, sending a chat message).
The Wallet makes network requests only when you initiate an action:
api.dungeongames.io for Dungeon Chain, rpc.cosmos.nodestake.org for Cosmos Hub). Your wallet address is included so the LCD can return your data — this is unavoidable and identical to how every Cosmos block explorer works./cosmos/tx/v1beta1/txs endpoint. Public, on-chain by definition.https://chat.dungeongames.io (REST + WebSocket). Message bodies are end-to-end encrypted (X25519 + ChaCha20-Poly1305) between participants — the server stores ciphertext only and cannot read your messages. The X25519 key is deterministically derived from your wallet seed via HKDF, so re-installing the extension with the same seed restores access to existing chat history. Server-visible metadata: who-talks-to-whom, when, message length, recipient X25519 pubkey. This is the same metadata Signal, iMessage, and other modern E2E services leak. Group chats are encrypted once per recipient. We do not yet ship forward secrecy (key ratcheting) — a future compromise of one party's wallet exposes their chat history with that peer; this is on the roadmap. When chatting with a peer who hasn't yet upgraded to an E2E-capable wallet (mobile catching up), messages fall through to plaintext-on-server with a clear UI indicator.relay.walletconnect.com, operated by WalletConnect Inc., who has its own privacy policy at walletconnect.network/privacy.storage (encrypted wallet on device), activeTab (origin of the page calling window.keplr), alarms (auto-lock timer), notifications (chat message alerts), and host permissions for *.dungeongames.io (chain RPC and chat backend). Each is justified in the Chrome Web Store listing.
Because all sensitive data lives on your device, you control it directly:
The Wallet is not directed at children under 13. Cryptocurrency wallets generally are not appropriate for minors.
We will update this page when material changes happen. The “Last updated” date at the top reflects the most recent revision.
The Extension is open source. You can audit every line of code we run against your wallet at github.com/Ninjaxan/dungeon-wallet-extension.
Questions, complaints, or requests for deletion of any data we may hold server-side (chat) → admin@dungeongames.io. We respond to good-faith requests promptly.
Crypto Dungeon LLC · Dubuque, Iowa, USA