# Extension Development Guide

## <mark style="color:purple;">Extension Development Guide</mark>

Build privacy-respecting browser extensions for Macro.

![Diagram 1](https://content.gitbook.com/content/12iOS9xiOBrGJgaaBtCR/blobs/koIEwFr4buDNlnASlHpy/Screenshot_3.png)

### <mark style="color:purple;">Extension Philosophy</mark>

Macro discourages extensions (they expand attack surface), but supports limited extension API for essential tools.

#### Guidelines

* Most features should integrate via Web3 API, not extensions
* Extensions undergo privacy review
* Minimal permissions required
* Open source preferred

### <mark style="color:purple;">Supported APIs</mark>

Macro supports Chromium Extension API v3.

#### Manifest V3 Only

Macro only supports Manifest V3 (MV2 deprecated).

```json
{
  "manifest_version": 3,
  "name": "My Privacy Extension",
  "version": "1.0.0",
  "permissions": ["storage"],
  "host_permissions": ["https://api.example.com/*"]
}
```

#### Available APIs

* `chrome.storage` (local storage only, no sync)
* `chrome.tabs` (limited)
* `chrome.windows` (limited)
* `chrome.scripting` (content scripts)
* Service workers

#### Restricted APIs

* `chrome.webRequest` (limited to declarative net request)
* `chrome.cookies` (requires explicit permission)
* `chrome.history` (blocked)
* `chrome.browsingData` (blocked)

### <mark style="color:purple;">Privacy Requirements</mark>

**All extensions must:**

#### No Telemetry

* No analytics
* No tracking
* No external data transmission without explicit user consent

#### Minimal Permissions

* Request only necessary permissions
* Explain why each permission is needed
* Use optional permissions when possible

#### Profile Isolation

* Respect Privacy Profile boundaries
* Don't correlate data across profiles
* Store data per-profile when possible

### <mark style="color:purple;">Testing</mark>

#### Load Unpacked Extension

1. Open Macro
2. Go to `macro://extensions`
3. Enable "Developer mode"
4. Click "Load unpacked"
5. Select your extension directory

#### Test in Different Profiles

* Load extension in Work profile
* Switch to Degen profile
* Verify data isolation
* Check permission scoping

### Submission

**To list extension in Macro directory:**

1. Open source your code (GitHub)
2. Submit for privacy review
3. Provide detailed permission justification
4. Pass security audit

**Review criteria:**

* No telemetry
* Minimal permissions
* Profile-aware
* Open source
* Clear privacy policy

### Best Practices

* Use Web3 API instead of extensions when possible
* Store sensitive data in user's wallet, not extension storage
* Respect Macro's privacy principles
* Provide clear opt-in for any external requests
* Document all permissions in README

***

Build privacy-respecting tools.