metamask
So you are a user in a single instance of Metamask with an email/pwd.
If I create different addresses inside the MetaMask instance, is there a way that a third party can find out all of my Metamask wallets are linked to the same Metamask instance (my user)?
Thanks.
You can do it with using both ways, having the two computers networked together.
Using Metamask;
select network as Custom RPC put the custom url as http://[ComputerA's ip address]:[rpc port]
eg:
If computer A's ip address is 192.168.8.100 and rpc port is 8545 then use,
http://192.168.8.100:8545
Using web3;
As one of your own questions How can I connect my HTML user interface to my Ethereum private chain? you can use
web3 = new Web3(new Web3.providers.HttpProvider("http://localhost:8545"));
with the slight change of; instead localhost replace the ip address of the other computer (in your case computer A's ip address in the LAN) and the 8545 with port number.
eg:
If computer A's ip address is 192.168.8.101 and rpc port is 8545 then use,
web3 = new Web3(new Web3.providers.HttpProvider("http://192.168.8.101:8545"));
EDIT: It's needed to have RPC enabled in the computer A allowing the computer B to access it with
--rpc --rpcport "8545" --rpccorsdomain "[commputer B's ip address OR *]" --rpcaddr "[computer A's ip address]"
See this tutorial and example in Status's documentation. https://status.im/developer_tools/run_on_status/eip-1102.html
The idea is to maintain backward compatibility while also introducing and supporting EIP-1102 if/when the browser/metamask/etc supports it. In other words, add EIP-1102 without breaking existing provider support.
It looks for EIP-1102 and if it is not there, then it falls back through other methods. That gives the user options and a UI that works with MetaMask/Status and EIP-1102, a legacy injected provider or their own node.
Please pardon the crudeness of the example app. It is intentionally so to avoid obfuscating the salient points of accomplishing this. For this reason, no cosmetic concerns or front-end framework is used except good old jQuery to put something on the screen.
const Web3 = require("web3");
const $ = require("jquery");
window.addEventListener('load', async function() {
if (typeof ethereum !== 'undefined') {
// Supports EIP-1102 injected Ethereum providers.
window.web3 = new Web3(ethereum);
} else if (typeof web3 !== 'undefined') {
// Supports legacy injected Ethereum providers.
window.web3 = new Web3(web3.currentProvider);
} else {
// Your preferred fallback.
window.web3 = new Web3(new Web3.providers.HttpProvider('http://localhost:8545'));
}
try {
$("#connected").html(`You are connected to network ${await window.web3.eth.net.getId()}`);
} catch(error) {
$("#connected").html(`You are have no access to Ethereum: ${error}`);
}
$("#otherAddress").change(async function() {
try {
$("#otherBalance").html(await window.web3.eth.getBalance($(this).val()));
} catch(error) {
$("#otherBalance").html(error);
}
});
const displayMyAccounts = accounts => {
try {
if (accounts.length == 0) {
$("#myAddresses").html("<tr><td colspan='2'>You have no addresses</td></tr>");
} else {
$("#myAddresses").html("");
accounts.forEach(async myAddress => $("#myAddresses").append(`<tr>
<td>${myAddress}</td>
<td>${await window.web3.eth.getBalance(myAddress)}</td>
</tr>`)
);
}
} catch(error) {
$("#myAddresses").html(error);
}
};
if (typeof ethereum !== 'undefined') {
$("#allowMyAddresses").click(async () => {
try {
displayMyAccounts(await ethereum.enable());
} catch(error) {
$("#allowStatus").html("You did not allow to access your addresses");
}
});
} else {
try {
displayMyAccounts(await window.web3.eth.getAccounts());
} catch(error) {
$("#myAddresses").html(`Failed to get your addresses: ${error}`);
}
}
});
For clarity, where the tutorial says "in Status" you can interpret that as "in your browser with Status, MetaMask, or any other arrangement that supports EIP-1102." The example is tested with MetaMask. The hints about navigating to permissions will be a little different, of course, but the gist is the same because EIP-1102 is clear about the flow and representation of permissions.
Hope it helps.
Best Answer
Not with data that is publicly available on the blockchain. Addresses are not connected to eachother in any way. If someone has access to your mnemonic phrase, extended private key or extended public key, they can link the different addresses, but of course you should never give this data out.
Note that MetaMask does not have an account system with an emailaddress and password combo. The password is only used to decrypt your locally stored mnemonic phrase.