When you install the Phantom browser extension, you might see a message asking for permission to “Read and change all your data on all websites.” This sounds serious, but it’s needed so Phantom can connect to apps (dApps) and help you use your wallet securely.
Why this permission is needed
Phantom injects a small piece of code (JavaScript) into the websites you visit. This allows apps to detect your wallet and connect to the blockchain. It’s how you can view your NFTs, sign transactions, and check balances directly from the site.
How you stay in control
We know this permission may feel like a lot, so here’s how you can protect your browsing: use a separate browser profile just for Phantom. This gives you a clean, isolated environment for crypto activity and limits exposure to other sites or extensions.
Security is our top priority
Phantom is built with strong security practices to keep your data and funds safe. While the permission may seem broad, it’s essential for the wallet to work properly with apps, and it doesn’t mean we access or store your personal browsing data.