Ecash App logo
Ecash App
Learn MoreView on GitHub

Privacy Policy

Last updated: April 6, 2026

Introduction

Frost Forge ("we", "us", or "our") develops Ecash App, an open-source, Bitcoin wallet built on Fedimint. We are committed to protecting your privacy. This policy explains what data the app handles, how it is stored, and what information is transmitted to external services.

Data We Do Not Collect

Ecash App does not collect, store, or transmit any personal information to Frost Forge. Specifically:

  • No analytics or telemetry
  • No crash reporting
  • No advertising or tracking SDKs
  • No device identifiers or fingerprinting
  • No email addresses, phone numbers, or real names
  • No location data
  • No user accounts or passwords

Data Stored on Your Device

All wallet data is stored locally on your device in a database. This includes:

  • Your seed phrase (BIP39 mnemonic) and derived cryptographic keys
  • Federation configurations and ecash notes
  • Transaction history and payment states
  • User preferences (display currency, denomination format, PIN hash)
  • Contact information synced from Nostr (if you enable contact sync)
  • Lightning Address credentials

This data never leaves your device unless you explicitly initiate an action that requires network communication, as described below. Uninstalling the app removes all local data.

Network Communications

To function as a Bitcoin wallet, the app communicates with external services. All connections use encrypted protocols (HTTPS, WSS, and QUIC).

Fedimint Federation Servers

When you join a federation, the app communicates with that federation's servers to process transactions, check balances, and perform wallet operations. Federation operators can see transaction metadata but communications are encrypted.

Nostr Relays

The app connects to Nostr relays for federation discovery, wallet backup, contact sync, and Nostr Wallet Connect (NWC). Backup data is encrypted before being sent to relays. Relay operators may see your IP address and public key metadata. You can configure which relays the app uses.

Bitcoin Network Data

The app queries mempool.space for Bitcoin price data and on-chain transaction information. These are standard API requests that do not include any personal information, though the service provider may log your IP address per their own privacy policy.

Lightning Address Services

By default, the app registers a Lightning Address on your behalf to enable receiving Lightning payments. Your chosen username and payment endpoint are sent to the Lightning Address service provider (by default, ecash.love). You may opt out of this feature in the app settings.

Third-Party Services

The app interacts with the following third-party services during normal operation:

  • Fedimint federation servers — operated by the community or organization that created the federation you join
  • Nostr relays — decentralized message relays; you control which relays are used
  • mempool.space — Bitcoin network data and price information
  • ecash.love — Lightning Address registration (enabled by default, can be opted out)

Each of these services has its own privacy practices. We encourage you to review their respective privacy policies.

Permissions

The app requests the following Android permissions:

  • Camera — for scanning QR codes to send payments or join federations
  • Internet — required for wallet operations, federation communication, and price data
  • Foreground Service — for Nostr Wallet Connect (NWC) integration, which monitors for incoming zap requests
  • Notifications — to alert you about incoming payments and transaction updates

The app does not request access to your contacts, location, microphone, or storage. Camera access is used solely for QR code scanning and no images are stored or transmitted.

Security

All network communications use encrypted protocols (HTTPS, WSS, and QUIC). Privacy sensitive backup data sent to Nostr relays is encrypted using NIP-04 encryption so that only you can decrypt it. You may optionally set a PIN to protect spending operations. Wallet data is stored locally on your device and is protected by your device's own security measures (screen lock, encryption, etc.).

Your Choices and Controls

  • You choose which federations to join and which Nostr relays to use
  • Contact sync from Nostr is optional and user-controlled
  • Lightning Address registration is enabled by default but can be opted out
  • You can delete all local data by uninstalling the app
  • Your seed phrase gives you full control over your wallet and funds

Children's Privacy

Ecash App is not directed at children under 13. We do not knowingly collect any personal information from children.

Open Source

Ecash App is open-source software. You can review the complete source code at github.com/fedimint/ecash-app to verify the privacy claims made in this policy.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.

Contact Us

If you have questions about this privacy policy, you can reach us at frostforgetech@gmail.com.