search
Website

Extension Development Guide

hashtag
Extension Development Guide

Build privacy-respecting browser extensions for Macro.

Diagram 1

hashtag
Extension Philosophy

Macro discourages extensions (they expand attack surface), but supports limited extension API for essential tools.

hashtag
Guidelines

  • Most features should integrate via Web3 API, not extensions

  • Extensions undergo privacy review

  • Minimal permissions required

  • Open source preferred

hashtag
Supported APIs

Macro supports Chromium Extension API v3.

hashtag
Manifest V3 Only

Macro only supports Manifest V3 (MV2 deprecated).

hashtag
Available APIs

  • chrome.storage (local storage only, no sync)

  • chrome.tabs (limited)

  • chrome.windows (limited)

  • chrome.scripting (content scripts)

  • Service workers

hashtag
Restricted APIs

  • chrome.webRequest (limited to declarative net request)

  • chrome.cookies (requires explicit permission)

  • chrome.history (blocked)

  • chrome.browsingData (blocked)

hashtag
Privacy Requirements

All extensions must:

hashtag
No Telemetry

  • No analytics

  • No tracking

  • No external data transmission without explicit user consent

hashtag
Minimal Permissions

  • Request only necessary permissions

  • Explain why each permission is needed

  • Use optional permissions when possible

hashtag
Profile Isolation

  • Respect Privacy Profile boundaries

  • Don't correlate data across profiles

  • Store data per-profile when possible

hashtag
Testing

hashtag
Load Unpacked Extension

  1. Open Macro

  2. Go to macro://extensions

  3. Enable "Developer mode"

  4. Click "Load unpacked"

  5. Select your extension directory

hashtag
Test in Different Profiles

  • Load extension in Work profile

  • Switch to Degen profile

  • Verify data isolation

  • Check permission scoping

hashtag
Submission

To list extension in Macro directory:

  1. Open source your code (GitHub)

  2. Submit for privacy review

  3. Provide detailed permission justification

  4. Pass security audit

Review criteria:

  • No telemetry

  • Minimal permissions

  • Profile-aware

  • Open source

  • Clear privacy policy

hashtag
Best Practices

  • Use Web3 API instead of extensions when possible

  • Store sensitive data in user's wallet, not extension storage

  • Respect Macro's privacy principles

  • Provide clear opt-in for any external requests

  • Document all permissions in README

Build privacy-respecting tools.

PreviousPerformance Optimization GuideNextRoadmap

Last updated