Skip to main content


Metamask, like other wallets, uses infrastructure to communicate with the blockchain. By default it talks to Infura, one of the biggest infrastructure providers in the ethereum ecosystem.

The way this communication takes place is through Remote Procedure Calls (RPC), and call data is formatted as Java Script Object Notation (JSON), which is why you might see the term JSON RPC somewhere. Here is a more in-depth explanation by Infura.

Metamask polls information about the state of the blockchain in this way, e.g. gas prices, wallet balance and more. After creating and signing transactions, Metamask sends these to the selected RPC endpoint, too.

When using evm-compatible chains (other than Ethereum Mainnet) like Testnets, Polygon or Gnosis Chain, Metamask has to use other rpc endpoints. Chainlist helps by providing a directory of established endpoints.

So far, when using the Ethereum Mainnet, advanced users might have edited the Network configuration in order to use their own node or use the services of flashbots.

GasHawk places itself between Metamask and the Node provider.

Being in the position between a Wallet/Service and the Node provider allows GasHawk to:

Hold TXCreate transactions
Delete TXAlter tx
Record activityAccess private keys
Lie about the state of the blockchainAlter the state of the blockchain

Therefore, Metamask warns you of these risks when you add the custom network:

The key takeaway here is that being your rpc node does NOT give GasHawk the possibility to steal your funds. So, even if GasHawk was ever hacked, your funds would still be safu 😌