rustokprivacy

Your keys. Your machine. Your data.

Effective date: June 24, 2026

Summary

Rustok is self-custody by design. The wallet runs as a local Docker image and speaks MCP over stdio — your private keys, seed phrase and password are generated and stored on your machine, encrypted at rest, and are never transmitted to us. There is zero telemetry. The website sets no cookies, runs no analytics, and self-hosts its fonts, so it makes no third-party requests for content. When the wallet operates, it talks directly to the Ethereum RPC endpoints you configure; those providers see your IP and request data, which we neither proxy nor log.

Who this applies to

This policy covers the Rustok agent wallet — distributed as the Docker image ghcr.io/rustok-org/rustok-wallet and run as an MCP server — and the website at rustokwallet.com. Together these are referred to as “Rustok” below. Rustok is open-source at the skill layer (MIT-0); the core is proprietary. You can review the public code at github.com/rustok-org.

What we do not collect

  • Seed phrase, private keys, password. Generated and stored locally inside the wallet core, encrypted at rest with Argon2id + AES-256-GCM. They never leave your machine and are never sent to us.
  • Balances, positions, addresses. Derived on your machine from public blockchain data. We do not receive or store them.
  • Personal information. No account, sign-up, email, phone, or identity check is required to run Rustok.
  • Analytics and telemetry. No crash reporters, usage analytics, or tracking SDKs — in the wallet or on the website. This is verifiable from the public code.

What happens when you run Rustok

A self-custody wallet necessarily talks to public blockchain infrastructure. When your agent previews or sends a transaction, your machine makes requests directly to the Ethereum RPC endpoint(s) you configured via RUSTOK_RPC_URLS_*. Those endpoints see your IP address and the content of the request. We do not run a server in this path and we do not have access to their logs. Capability gating is fail-closed: a session can be scoped to read only, prepare only, or execute — nothing more than you grant.

Third-party services

Rustok relies on the following third parties, each with its own privacy policy.

Ethereum RPC providers
The wallet reads chain state and broadcasts signed transactions through the RPC URL(s) you configure (for example an Alchemy key URL, or a public endpoint). The provider you connect to sees your IP address and the requests your machine makes. You choose the provider; we do not proxy these requests.
Address-risk data (txguard)
Before you sign, txguard parses the transaction and flags scam addresses and risky approvals. Where it consults external risk data, the queried address may be sent to that source. txguard flags — it does not block.
GitHub Container Registry (GHCR)
The Docker image is pulled from ghcr.io. GitHub sees your IP address when you pull the image.
Vercel
Hosts this website. Receives standard HTTP request metadata (IP, user agent, referrer) when you load a page.
Cloudflare
DNS for rustokwallet.com and email routing for [email protected].

Cookies and browser storage

The website does not set cookies and does not use localStorage or sessionStorage. Fonts are self-hosted, so loading a page makes no request to Google Fonts or any other third-party content host.

Security

Keys live only in the local Rustok core and are encrypted at rest with Argon2id + AES-256-GCM. txguard risk-flags transactions before you sign. Self-custody means your risk: there are no hard-coded spending limits — txguard warns, it does not block. The keys, crypto and keyring boundary has had a security review; this is not a full external audit.

Children

Rustok is not directed to children under 13, and we do not knowingly collect information from children.

Your rights

Because Rustok stores no personal information on our servers, most data-subject rights are satisfied by design — there is no profile to access, export, or delete. To remove all local data, delete the Docker volume (rustok-wallet). Make sure you have backed up your 24-word recovery phrase first — we cannot recover it for you.

Changes to this policy

If we change this policy we will update the effective date above. Because the site is open-source and version-controlled, you can always view the full history. Material changes are announced on GitHub and @rustokwallet.

Contact

Questions about this policy: [email protected].

← Back to home