Privacy Policy
Last updated: 2026-05-20
XRP Tip Club is a non-custodial Chrome extension. We do not store passwords or seed phrases, we cannot move your XRP, and we do not run any tracking, analytics, or ad pixels inside the extension.
1. What the extension does
XRP Tip Club is a browser extension that lets you send and receive XRP tips on tweets posted to X (formerly Twitter), settled on the XRPL EVM Sidechain. All signing is performed locally inside MetaMask; the extension never sees your private keys.
2. Data we process
To deliver the product the extension and our backend process the following data, and nothing else:
- Your X handle — only the public handle, only at the moment you choose to link it.
- Your wallet address — the public EVM address you connect through MetaMask.
- A one-time signed message and tweet ID — used to verify that you own both the wallet and the handle, then stored as proof of the binding.
- Tip events — public on-chain logs emitted by the XRP Tip Club smart contract on the XRPL EVM Sidechain. These are already visible to anyone with a block explorer.
- Cached tweet text and author handle — pulled from X's public API to render tweet previews in the popup dashboard. We cache it server-side to avoid re-fetching the same tweet for every user.
We do not collect: emails, phone numbers, IP addresses (beyond what any standard web server logs ephemerally), browsing history, DMs, or the content of tweets you read but don't tip.
3. Data we store
The backend keeps a Postgres database containing:
- The handle ↔ wallet address binding (one row per verified user).
- One-time verification nonces, which expire and are deleted after use.
- The tweet ID and signature you posted publicly during verification, kept so anyone can re-verify the binding.
- The lazy cache of tweet text described above.
Inside Chrome, the extension uses chrome.storage.local to remember which wallet you connected and a small preferences object (e.g. whether to show the on-tweet tooltip). This data stays on your machine and is wiped when you uninstall the extension.
4. Permissions, and why we ask for them
- storage — to remember your connected wallet, your preferences toggle, and your in-progress onboarding draft (so MetaMask's signing flow doesn't lose state when the popup briefly closes).
- activeTab + tabs + scripting — to inject the badge into x.com tabs, and to talk to MetaMask's
window.ethereumobject throughchrome.scripting.executeScript. MetaMask doesn't inject intochrome-extension://contexts, so the only way for a popup wallet to reach it is through the active web tab. - host_permissions: https://*/* — same reason: MetaMask might live on any https tab the user has open. We do not read page content; we only call
window.ethereum. This is the standard pattern used by every Chrome wallet (Phantom, Rabby, Coinbase Wallet, Trust Wallet, etc.). - host_permissions: x.com / twitter.com — to render the tip badge inside the tweet's action row.
- host_permissions: backend-production-4600.up.railway.app — to talk to our own backend API for identity verification, leaderboards, and tweet metadata.
5. Third parties
- MetaMask — handles all signing and transaction approval. Its own privacy policy applies inside MetaMask.
- XRPL EVM Sidechain — the public blockchain that records tip transactions. Tip events are public.
- X (Twitter) public API — accessed by our backend, via TwitterAPI.io, only to fetch the public text and author of tweets you are about to tip or that already received tips. We do not authenticate as you.
- unavatar.io — fetches the public profile picture for an X handle so the leaderboard can show avatars.
6. Tracking and analytics
The extension itself contains no analytics, no telemetry, no ad pixels and no third-party scripts. The marketing website (xrptip.club) uses Google Analytics for aggregate page-view stats; the extension's content scripts and popup do not.
7. Your rights
Because the binding tweet you publish during verification is intentionally public on X, "deletion" of the verification proof is not enforceable by us — but you can:
- Delete the verification tweet from your X account at any time. This does not break tips already received; it only removes the public proof.
- Email us to ask for your handle ↔ address row to be removed from our database. Tip events on-chain are immutable and cannot be removed.
- Uninstall the extension at any time to wipe all local Chrome storage.
8. Contact
For privacy questions or data-removal requests: hello@xrptip.club
9. Changes to this policy
If we ever change how the extension handles data, we will update this page and bump the "Last updated" date above. For material changes, we'll also surface a notice in the extension popup.