autoyield is a thin service layer. We collect the minimum needed
for it to function:
Solana wallet addresses you pass to our tools (e.g., as the
wallet argument). These are public on-chain identifiers.
Bearer tokens if you self-host and configure them. Used only
for authentication; never logged with their value.
Unsigned transactions we construct on your behalf are stashed
temporarily for up to 24 hours (in the data/sign-store.json
file on the host) so the sign page can refetch and rebuild them.
Server logs include endpoint paths, IP addresses (for
rate-limiting), and error messages. Logs are retained per the host's
configuration; on the canonical autoyield.org deployment, that is
≤ 7 days unless required for security incident response.
What we do NOT collect
Your private keys, seed phrase, or signed transactions (you sign in
your own wallet; the signed bytes pass through us only as a base64
payload during broadcast).
Email addresses, names, phone numbers, or other personally
identifying information. We do not run accounts.
Your wallet address is shared with public Solana RPC providers and
with Jupiter (for quote and swap construction). It is also written
to the public Solana blockchain when you sign and broadcast a
transaction. None of this is something autoyield can prevent — it
is inherent to how a public blockchain works.
Self-hosting
autoyield is open source under the MIT License. You can run your
own instance with no external data flow other than to the RPCs and
third-party APIs you configure. See the GitHub repo for details.
Children
The Service is not directed to children under 18. Do not use it
if you are under 18.
Changes
Material changes are reflected in the "Last updated" date.