Privacy Policy

Information We Collect

ChainDecode is designed to minimize data collection. Here is what we collect and why.

Public blockchain data. When you analyze a smart contract, ChainDecode fetches publicly available on-chain data — contract source code, transaction history, token metadata, and market prices. This data is already public on the blockchain and accessible to anyone. We do not create private copies of this data beyond temporary caches (see Data Retention below).

Contract addresses and analysis queries. When you submit an address for analysis, we process the chain type and contract address to deliver results. Analysis results are cached temporarily to improve performance for subsequent requests (see Data Retention).

IP addresses. Your IP address is used solely for rate limiting to prevent abuse of the service. IP-based rate limit counters are stored in memory on the server and are not persisted to disk — they reset whenever the server restarts. IP addresses are also recorded in server-side request logs (requests.log.json) for operational monitoring.

reCAPTCHA tokens. Each analysis request includes a Google reCAPTCHA token to verify that requests come from humans, not automated bots. The token is passed to Google's reCAPTCHA service for verification. We do not store reCAPTCHA tokens after verification.

Wallet addresses. If you choose to connect your wallet, ChainDecode reads your public wallet address from your browser wallet extension via the wagmi library. Your wallet address is public blockchain data — it is not private information. We do not store your wallet address on our servers.

What we do not collect:

• No account creation or registration
• No email addresses (unless you contact us directly)
• No names or personal identifiers
• No advertising identifiers

How We Use Information

We use the information described above for the following purposes:

• Delivering analysis results. Processing your contract address and chain selection to fetch on-chain data, run security analysis, and return human-readable results.
• Rate limiting. Using your IP address to enforce daily usage limits per IP to keep the service available for everyone.
• Bot prevention. Passing reCAPTCHA tokens to Google to verify that analysis requests come from real users.
• Performance optimization. Caching analysis results and market data so that repeated requests for the same contract load faster.
• Operational monitoring. Logging requests for server health monitoring and abuse detection.

Third-Party Services

ChainDecode uses the following third-party services to operate. Each service receives only the minimum data necessary for its function.

Google reCAPTCHA. Verifies that analysis requests come from humans. When you submit an analysis, a reCAPTCHA token is sent to Google for verification. Google's use of this data is governed by their Privacy Policy and Terms of Service.

Blockchain data providers. ChainDecode fetches publicly available on-chain data from:

• Etherscan (via their V2 API) — for Ethereum, Polygon, and Arbitrum contract data
• Solana RPC endpoints — for Solana program and token data
• Solscan — for Solana transaction history

No user data is sent to these providers. Only public contract addresses are queried.

CoinGecko. Provides market price data for tokens. No user data is sent to CoinGecko — only public token identifiers are queried for price information.

Analytics and Tracking

ChainDecode uses analytics services to understand how visitors interact with our platform. This data helps us improve the user experience and identify technical issues. We use two analytics providers:

INKW Analytics

We use INKW Analytics, a lightweight, privacy-focused analytics service provided by OpenWord. INKW Analytics collects anonymized usage data including page views, session duration, and general geographic region. INKW Analytics does not use cookies for tracking purposes. No personally identifiable information is collected or stored by this service. Data is processed in accordance with INKW's privacy practices.

Google Analytics

We use Google Analytics 4 (GA4), a web analytics service provided by Google LLC. Google Analytics uses cookies and similar technologies to collect information about your use of ChainDecode, including your IP address (which Google may anonymize), browser type, referring pages, pages visited, and time spent on pages. This information is transmitted to and stored by Google on servers that may be located outside your country of residence. Google may use this data as described in Google's Privacy Policy. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Data Retention

ChainDecode retains data for the minimum time necessary to provide the service.

• Analysis cache: Results are cached for 24 hours, keyed by chain and contract address. After 24 hours, cached results are automatically deleted. Cached data is stored on the server filesystem.
• Market data cache: Token price data from CoinGecko is cached for 2 to 5 minutes to reduce API load.
• Rate limit counters: Stored in server memory (not on disk). Rate limit data resets whenever the server restarts. There is no persistent record of your rate limit history.
• Request logs: Server-side logs (requests.log.json) record the timestamp, IP address, requested contract address, and chain for each analysis request. These logs are used for operational monitoring and are stored on the server.

We do not maintain long-term databases of user activity or personal information.

Wallet Connection

Connecting your wallet to ChainDecode is entirely optional. If you choose to connect:

• Read-only access. ChainDecode reads your public wallet address only. We cannot initiate transactions, sign messages, access your private keys, or spend your funds.
• No server-side storage. Your wallet address is not stored on our servers. Wallet state is managed entirely in your browser by the wagmi library.
• Disconnect at any time. You can disconnect your wallet at any time through the wallet button in the header. Disconnecting immediately removes your wallet address from the application state.
• Public data only. Your wallet address is public information on the blockchain. Connecting it to ChainDecode does not expose any private data.

Your Rights

You have control over your data when using ChainDecode:

• Disconnect your wallet at any time to remove your wallet address from the application.
• Clear your browser data (cookies and local storage) to remove any client-side state related to ChainDecode.
• Contact us at [email protected] or via our Contact page if you have questions about your data or want to request information about data we may hold.

Because ChainDecode does not require accounts and collects minimal personal data, most traditional data rights (access, deletion, portability) are inherently satisfied — there is little to no personal data to act upon.

Cookies and Local Storage

ChainDecode uses minimal browser storage:

• Wallet connection state. The wagmi library stores wallet connection preferences in local storage so your wallet reconnects automatically on return visits. No personal data is stored — only connection metadata (selected wallet provider, connection status).
• Custom labels. If you use the dashboard labeling feature, your custom token labels are stored in local storage on your device. Labels are not sent to our servers.

What we do not use:

• No tracking cookies for advertising purposes
• No third-party advertising cookies
• No session cookies (there are no user accounts)

Analytics cookies. Google Analytics sets cookies (such as _ga and _ga_*) to distinguish unique visitors and track session information. These cookies contain randomly generated identifiers and do not store personally identifiable information. You can opt out of Google Analytics cookies by installing the Google Analytics Opt-out Browser Add-on. INKW Analytics does not use cookies for tracking.

You can clear all ChainDecode data from your browser at any time by clearing local storage for the chaindecode.com domain.

Children's Privacy

ChainDecode is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at [email protected] and we will take steps to remove that information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make changes, we will update the "Effective" date at the top of this page. We encourage you to review this page periodically.

Contact

If you have questions or concerns about this Privacy Policy or ChainDecode's data practices, you can reach us at:

• Email: [email protected]
• Contact page: chaindecode.com/contact

You can also find answers to common questions about data and privacy in our Documentation FAQ.