|
| 1 | +# Permissions |
| 2 | + |
| 3 | +The Web Monetization extension requires the following permissions for its basic functionality: |
| 4 | + |
| 5 | +## [`tabs`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/tabs) |
| 6 | + |
| 7 | +- To monitor tabs for changes (open/close/navigate) to maintain monetization state |
| 8 | +- Show content specific to the current tab in the extension's UI (popup) |
| 9 | +- To get the URL of the current tab for displaying and maintaining state to prevent overpaying a website |
| 10 | + |
| 11 | +<details> |
| 12 | +<summary>Why not <code>activeTab</code> permission instead?</summary> |
| 13 | + |
| 14 | +Because that'll require the user to click the extension icon every time they navigate to a new page to be able to send Web Monetization payments. This essentially defeats the purpose of Web Monetization - automatic passive continuous micro-payments. |
| 15 | + |
| 16 | +</details> |
| 17 | + |
| 18 | +## [`storage`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/storage) |
| 19 | + |
| 20 | +- To persist state between browser reloads (e.g. the user's wallet connection information) |
| 21 | + |
| 22 | +The state isn't synced between browsers. We only make use of `local` storage. |
| 23 | + |
| 24 | +## [`alarms`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/alarms) |
| 25 | + |
| 26 | +- To keep the extension's background service worker/script running throughout the browser session, as it's expensive to reset the monetization state. |
| 27 | +- To reset grant expiration state when the grant renews |
| 28 | + |
| 29 | +## [`scripting`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/tabs) |
| 30 | + |
| 31 | +- To inject the Web Monetization polyfill into the page |
| 32 | +- To simplify the registration of automatic key addition scripts relevant to the user's wallet. |
| 33 | + |
| 34 | +There's no remote code execution involved here. |
| 35 | + |
| 36 | +## [`host_permissions`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#host_permissions) |
| 37 | + |
| 38 | +We require access to all `https://` websites and `localhost` for the extension to work. The user might see this as a warning in their browser (e.g. this extension can read/edit content from any website you visit). We require this extensive permission in order to: |
| 39 | + |
| 40 | +- Detect and monitor Web Monetization link elements on any given page the user visits via the content script. |
| 41 | + - We require these link elements to identify the receiving wallet addresses to be used for payments, and to inform the website about those payments via the Web Monetization JavaScript API. |
| 42 | +- Inject the Web Monetization polyfill into any page the user visits. |
| 43 | +- Fetch the wallet address info from any domain that's provided by those link elements. |
| 44 | + |
| 45 | +--- |
| 46 | + |
| 47 | +Note that no data other than the minimal data required by the [Open Payments APIs](https://openpayments.dev/) is transmitted to any server. |
| 48 | + |
| 49 | +All data remains within the browser only. Browsing history isn't stored or transmitted to any server. |
| 50 | + |
| 51 | +The Open Payments wallets do not have access to browser history either. |
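Review bot: the `scripting` heading on new line 29 links to the `tabs` API page (`.../WebExtensions/API/tabs`), the same URL used by the `tabs` heading on line 5; point it at `.../WebExtensions/API/scripting` so readers auditing the permission land on the right reference. Separately, line 49 ("All data remains within the browser only") reads as contradicting line 47, which says the minimal data required by the Open Payments APIs is transmitted to a server; rewording line 49 to say that all other data stays in the browser would make the privacy statement consistent. The `host_permissions` section on line 38 would also be easier to verify against the manifest if it quoted the exact match patterns requested rather than describing them as "all `https://` websites and `localhost`".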