Help Home / Security & Privacy

Security & Privacy

Privacy First. Learn how SwiftMiner secures your Twitch authentication tokens using your Mac's Keychain and operates entirely locally on your machine without tracking.

SwiftMiner is designed around security and privacy. Because you are connecting your personal Twitch accounts, the app uses native macOS security systems to protect your data and does not track your online activities.

Keychain Token Storage

SwiftMiner does not store your Twitch passwords. When you authorize the app using the device activation code, Twitch returns a secure OAuth Access Token and Refresh Token.

To protect these tokens, SwiftMiner integrates directly with the native macOS Keychain Services API:

  • Tokens are encrypted and stored inside your system’s secure Keychain, managed by macOS.
  • They are locked and encrypted at rest using your Mac's user login credentials.
  • No other third-party applications can access these keys, and they are never stored in plain-text configuration files on your disk.

Direct Network Connections

SwiftMiner is a local utility. Unlike web-based automated miners that route your traffic or account sessions through their own servers, SwiftMiner runs entirely on your Mac:

  • Direct-to-Twitch: Every query, watcher status, and claim request is sent directly from your Mac to official Twitch endpoints (api.twitch.tv and gql.twitch.tv). There are no intermediate proxy servers.
  • Telemetry & Tracking: SwiftMiner does not collect telemetry, crash reports, viewing histories, or user statistics. There are no tracking scripts or analytics cookies in the app or on the website.
  • Discord Webhooks / SwiftBot: If you choose to enable the optional Discord integration, SwiftMiner communicates only with the SwiftBot relay server (on swiftbot.dev) to forward drop notifications and support slash commands. If disabled, no Discord network traffic is generated.

Open Source & Auditability

Because SwiftMiner is a completely open-source project hosted on GitHub, the entire codebase is audit-friendly:

  • You can review the Swift code that handles Keychain storage, network requests, and API communication.
  • You can compile the application yourself from the source code in Xcode to guarantee that your running binary matches the repository code.
  • For advanced security compliance details, see the Security Policy on the GitHub repository.