Here you will find answers to the most frequently asked questions.

Troubleshooting

• What happens if I lose my password?
  If you lose your password, there is no way to recover it. Grind Wallet does not store your password anywhere. This is not a problem, because the password is only for this specific installation. The real “master key” is your recovery phrase. Simply install the wallet again and restore your accounts using the recovery phrase.

Safety

• Is Grind Wallet safe to use?
  As of early 2026, Grind Wallet is still in Alpha and is a development build for enthusiasts. We do not recommend using it to store large amounts yet.
• Is a wallet as a browser extension safe?
  For browser-based wallets, a browser extension is generally the safest option—much safer than wallets running on a regular website or in the cloud. Extensions run in an isolated environment (separate from web pages) and also use background workers that are additionally separated. In contrast, a typical web wallet runs in the context of a website’s domain, which significantly increases risk. The best wallets in the world are either a browser extension or a standalone application.
• Are web browsers safe?
  Honestly, not really. Modern browsers are complex and are a frequent target for exploits and malware.
  If you are protecting life-changing savings, we recommend using a standalone application instead of relying on a browser. If you do use a browser wallet, create a separate browser profile dedicated only to crypto activity:
  • No other extensions installed (many extensions are risky or outright malware).
  • Block random websites, especially social media and other high-risk sites that often serve malicious scripts. Use this profile only for the sites you actually need (e.g., a DEX and essential services).
• Is disabling automatic extension updates a good security practice?
  There are two schools of thought. One says you should disable auto-updates: if a vulnerability (or a malicious update) is reported on social media, you can pause safely and avoid getting infected, then update once a verified patch is available. The other says you should keep auto-updates enabled: not everyone follows security news, and for most people the safest option is to receive fixes as soon as they are released.
  
  The best part is that you can choose the strategy that fits your lifestyle. With wallets running on regular websites, you don’t have that choice—you always load whatever version is currently served.

Privacy

• Is the wallet really private?
  Yes. Grind Wallet is one of the few wallets in the world that does not track users, has no analytics/metrics, and does not collect personal data. The only time any data can be sent is when you enable “Send errors to developer” to report crashes/bugs—these reports contain code error details (not personal information) and are disabled by default. We recommend enabling it because it helps us find and fix issues faster. In practice, most wallets collect telemetry in some form; Grind Wallet is built to avoid that.

Design

• Why is the wallet backendless?
  A backendless design means that there is no central server that processes your transactions or stores your data. Instead, all operations are performed directly between your browser extension and the blockchain.
  This design enhances privacy and security, as there is no middleman that could potentially access your information. It also reduces latency and improves performance since you are communicating directly with the blockchain nodes.
  However, we do have a central smart contract (ICP canister), which is used mainly for fetching (not sending) data:
  • You fetch: new tokens info, new NFT collections info.
  • You send (optional): anonymous error logs only if you enable “Send errors to developer” (disabled by default).
• Why are custodial and cloud wallets a bad idea?
  Because they are a service—and that’s not what the Web3 “revolution” was supposed to be. The whole point of owning a wallet is that you perform the cryptographic operation locally (on your own device) and broadcast the result to the blockchain, where other participants can verify it. In custodial/cloud setups you go back to the previous century model: you send a request to a server and the server signs/sends on your behalf. That is a fundamentally different security and ownership model.
  
  It also concentrates risk: if the service is compromised, all users can be affected at once. In a non-custodial, local wallet you are responsible for protecting your own keys, but you also keep full control over your assets and you are not exposed to a single shared point of failure.
  
  Finally, the company can go bankrupt, get shut down, or the CEO can disappear overnight on a private island — this has happened before.