卡皮时光

Capytime Timelock Chrome Extension Privacy Policy

Last Updated: January 25, 2026

1. Introduction

The Capytime Timelock Chrome Extension (hereinafter referred to as "this Extension") is developed and operated by Shanghai Main Consulting Management Co., Ltd. (hereinafter referred to as "we"). We take your privacy protection very seriously. This Privacy Policy explains how this Extension handles your data.

2. Core Principle: Local Processing

🔒 We Do Not Collect Any of Your Data

All encryption and decryption operations of this Extension are performed locally in your browser. We do not collect, store, or transmit any of your personal information, encrypted content, or decrypted plaintext. Your data always stays on your device.

3. Extension Permissions

This Extension requests the following browser permissions, each with a clear purpose:

storage (Local Storage)

Purpose: Save your interface preferences (such as language selection) to browser local storage.

Note: This data is only stored in your browser and is not uploaded to any server.

contextMenus (Right-click Menu)

Purpose: Add a "Timelock encrypt selected text" option to the webpage right-click menu.

Note: The selected text is only read for encryption when you actively choose to use this feature.

activeTab (Current Tab)

Purpose: Get the text you selected on a webpage for timelock encryption.

Note: The selected text is only accessed when you actively trigger the encryption operation; no webpage content is read in the background.

clipboardWrite (Write to Clipboard)

Purpose: Copy the encrypted ciphertext to your clipboard for easy sharing.

Note: Writing to the clipboard only occurs when you click the "Copy" button; clipboard contents are not read.

4. Network Requests

This Extension needs to access the following external service:

drand Time Beacon Network

  • Endpoints: https://api.drand.sh and https://drand.cloudflare.com
  • Purpose: Retrieve distributed randomness beacon signatures for timelock decryption
  • Data Sent: Only requests public signature data for specific rounds; no user data is sent
  • Note: drand is a public distributed randomness beacon network operated by multiple independent organizations. We only retrieve the publicly published time signatures, which are necessary for timelock decryption.

Important: Apart from the drand network requests mentioned above, this Extension does not send any data to any other servers. Your plaintext, ciphertext, file contents, etc. are never transmitted externally.

5. Data Processing

5.1 Text Encryption

When you use the text encryption feature:

  1. Your plaintext is encrypted in browser memory
  2. The encryption process uses AES-256-GCM and BLS12-381 curve IBE algorithms
  3. The generated ciphertext is displayed on the interface for you to copy
  4. The plaintext is not stored or transmitted to any server

5.2 Text Decryption

When you use the text decryption feature:

  1. The Extension checks if the current time has reached the unlock time
  2. If decryption is possible, the corresponding time signature is retrieved from the drand network
  3. The ciphertext is decrypted locally using the signature
  4. The decrypted plaintext is displayed on the interface and is not sent to any server

5.3 File Encryption/Decryption

File processing is also entirely local:

  • File contents never leave your browser
  • Encrypted .tlock files are downloaded directly to your device
  • Decrypted files are downloaded directly to your device

6. Information We Do NOT Collect

For clarity, the following is information we do NOT collect:

  • ❌ Your browsing history
  • ❌ Websites you visit
  • ❌ Content you encrypt or decrypt
  • ❌ Your IP address
  • ❌ Your device information
  • ❌ Any personally identifiable information
  • ❌ Usage statistics or analytics data

7. Third-Party Services

The only third-party service this Extension relies on is the drand distributed randomness beacon network. drand is an open-source public infrastructure project jointly operated by organizations including Protocol Labs, Cloudflare, and EPFL.

For drand's privacy policy and more information, please visit:https://drand.love

8. Security

This Extension employs the following security measures:

  • End-to-end encryption: All encryption operations are performed on your device
  • Industry-standard algorithms: Uses AES-256-GCM and BLS12-381 curve
  • Open-source dependencies: Uses audited @noble/curves and @noble/hashes libraries
  • Principle of least privilege: Only requests necessary browser permissions

9. Children's Privacy

This Extension is not directed at children under 13 years of age and does not intentionally collect any information from children. Since we do not collect any user data, we also do not collect data from children.

10. Policy Updates

We may update this Privacy Policy from time to time. Updated policies will be posted on this page with an updated "Last Updated" date. We recommend that you periodically review this page for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: [email protected]

Website: www.capytime.com

© 2026 Shanghai Main Consulting Management Co., Ltd. All rights reserved.

Capytime - Let a Capybara Guard Your Secrets