MetaMask is a software cryptocurrency wallet available as a browser extension (Chrome, Firefox, Brave, Edge) and mobile app (iOS, Android). With over 30 million monthly active users, it is the dominant interface through which users access Ethereum and EVM-compatible blockchains. MetaMask allows users to store crypto assets, sign transactions, and interact directly with decentralized applications (dApps) — from DeFi protocols like Uniswap and Aave to NFT marketplaces like OpenSea. It is owned by ConsenSys, the Ethereum infrastructure company founded by Joseph Lubin.
How It Works
MetaMask functions as a self-custodial wallet — the user holds their private keys locally (encrypted by a password), not on any company server. The wallet generates a 12-word seed phrase at setup; whoever controls this phrase controls the wallet.
dApp Connection: When a user visits a compatible website, MetaMask injects window.ethereum into the browser, exposing an API that sites use to request signatures and transactions. Users approve each request in a popup.
Network Switching: MetaMask supports adding custom RPC endpoints, allowing connection to any EVM-compatible network — Polygon, Arbitrum, Optimism, BNB Chain, Avalanche, Base, and hundreds more. Most networks can be added with one click via Chainlist.org.
MetaMask Swaps: An in-wallet aggregator that compares DEX prices and executes swaps with a 0.875% fee. Integrates Uniswap, 1inch, and other liquidity sources.
Key Features
- Self-custody: Private keys never leave the device
- Multi-network: Supports all EVM chains via RPC configuration
- Swaps: In-app token swap aggregator across 20+ liquidity sources
- Portfolio dashboard: Track all holdings across connected wallets
- MetaMask Snaps: Third-party extension marketplace enabling non-EVM chains (Bitcoin, Solana, etc.) via community plugins
- MetaMask Institutional: Enterprise version with custody integrations (Fireblocks, Qredo)
- Gas fee estimation: Automatic slow/medium/fast gas suggestions with manual override
Fee Structure
- Swaps fee: 0.875% per swap transaction
- Sending ETH/tokens: No MetaMask fee; users pay network gas only
- Bridge fee: Variable depending on bridge provider used
- Network fees: Paid directly to validators; not controlled by MetaMask
Security
MetaMask has been the #1 target of phishing attacks in crypto due to its market dominance. Common attack vectors include:
- Fake MetaMask websites with lookalike URLs
- Browser extension clones published to app stores
- Discord/Twitter phishing DMs with “support” links
- Malicious “approval” transactions draining wallets
ConsenSys caused controversy in November 2022 by updating their Privacy Policy to reveal that MetaMask’s default RPC provider (Infura) logs user IP addresses and Ethereum addresses. Users concerned about privacy can switch to custom RPC providers (Alchemy, QuickNode, or self-hosted nodes).
History
| Year | Event |
|---|---|
| 2016 | Aaron Davis and Dan Finlay build MetaMask at ConsenSys |
| 2016 | Beta launch on Chrome |
| 2019 | Mobile app launched |
| 2020 | DeFi Summer drives MetaMask installs from ~500K to 1M+ monthly users |
| 2021 | 10 million monthly active users; NFT boom further accelerates growth |
| 2021 | MetaMask Swaps launched |
| 2022 | 30 million monthly active users reported |
| 2022 | IP logging disclosure causes community backlash |
| 2023 | MetaMask Snaps launches in open beta; enables non-EVM chains |
| 2023 | Portfolio dashboard and Ethereum staking integration added |
| 2024 | MetaMask Delegation Toolkit announced for advanced account abstraction |
Common Misconceptions
“MetaMask stores your crypto.” MetaMask stores nothing — it’s an interface for your keys. Your assets exist on the blockchain. If you lose your seed phrase, no one (including MetaMask) can recover your funds.
“Connecting MetaMask to a site can drain your wallet.” Simply connecting is harmless; it only reveals your public address. Funds can only be moved if you sign a transaction or approval. The danger is signing malicious approvals (e.g., approve(attacker, unlimited) for a token contract).
Criticisms
- IP address logging by Infura (default RPC) is a privacy concern for privacy-conscious users
- The 0.875% swap fee is higher than using DEXes directly
- MetaMask’s browser extension model has a fundamentally large attack surface compared to hardware wallets
- Slow to innovate compared to Phantom (Solana) in UX quality
Social Media Sentiment
MetaMask (@MetaMask) is an institution in the Ethereum community. Despite the IP logging controversy, its user base has remained largely loyal due to the lack of a dominant competitor on Ethereum. Developers frequently criticize specific UX choices. Projects frequently share MetaMask connection guides. The Snaps launch opened a new community of plugin developers.
Last updated: 2026-04
How to Use
- Install MetaMask from metamask.io (always verify the URL)
- Create a new wallet and securely store your 12-word seed phrase offline
- Add funds by purchasing crypto on an exchange and sending to your MetaMask address
- For maximum security, connect MetaMask to a hardware wallet (Ledger or Trezor) — this requires physical button presses to approve transactions
Related Terms
Sources
ConsenSys. (2022). MetaMask Privacy Policy Update — Infura Data Collection. ConsenSys blog.
Eskandari, S., Leoutsarakos, A., Mursch, T., & Clark, J. (2018). A First Look at Browser-Based Cryptojacking. IEEE EuroS&P Workshops.
Daian, P., et al. (2019). Flash Boys 2.0: Frontrunning in Decentralized Exchanges. arXiv.
Grover, J. (2021). Phishing Attacks Targeting Cryptocurrency Wallets. SANS Institute.
Buterin, V. (2023). ERC-4337: Account Abstraction Using Alt Mempool. Ethereum Improvement Proposals.