In your add-on description for your Firefox add-on, you say:
Because it adds functionality to the normal browser context, MetaMask requires the permission to read and write to any webpage.
However, AFAIK the add-on only allows the current website (i.e. current tab) to interact with the browser extension.
See this guide for more information:
extensionworkshop .com/documentation/develop/request-the-right-permissions/#avoid-unnecessary-permissions
Especially:
The alternative is to request
"activeTab". This permission provides your extension with the same capabilities but only for the active tab and only when run from the extension’s UI (that is from a toolbar button, navigation bar button, context menu, or shortcut key).Importantly,
"activeTab"doesn’t result in the display of a permissions message when installing the extension.
IMHO this permission is way better – https:// developer.mozilla .org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#activetab_permission) and builds trust in your users.
And it’s always good to use only the required permissions/as few as possible.
At least as an alternative – even if I had to click on an extra button or so – I would very much like it.
Edit: Due to Discourse… arg… I cannot include links in my post so I destroyed them. Feel free to fix them, so they can actually link properly.