Security
Built to be verified, not trusted
idlepay wires an ad network into your AI tooling — we know exactly how that sounds. So the architecture is designed for the most skeptical engineer on your team: everything below is checkable on your own machine, in minutes.
The client is open source — every line that runs on your machine is at github.com/idlepay-co/client, and scripts/verify.sh checks that the extension published on the marketplace was built from exactly that source.
What runs where
1. The script in your Claude Code config
The only thing idlepay adds to ~/.claude/settings.json is a status line entry that runs ~/.idlepay/idlepay-statusline.mjs: about fifty lines of logic with no network calls, no credentials, and no self-update. It renders a local JSON file the extension keeps fresh and reads one file timestamp (explained under Your data). Open the file and read it; that is the point.
2. The editor extension
All network access lives in the marketplace extension — signed, malware-scanned and distributed by Microsoft. It talks to the idlepay API for exactly three things: fetching ad content, reporting credited impressions, and counting clicks.
3. The spinner patch — opt-in only
Sponsored “thinking…” verbs require modifying your local Claude Code binary. That never happens silently: the extension asks once, keeps a pristine backup, and the command idlepay: Restore Claude Code spinner to default undoes the patch at any time.
Your data
What we never read
Your prompts, your code, your conversations — none of it. The only thing idlepay consults is the modification timestamp of the session transcript file, to tell “actively using Claude” from “a terminal left open overnight”. Advertisers only pay for real attention; your work stays yours.
What leaves your machine
- a random device id and its server-issued token (created at sign-in),
- impression beacons (“this device showed an ad just now”),
- click events when you click an ad.
That's the whole list. No telemetry, no analytics SDK, no file contents, ever.
Distribution & lifecycle
Updates
The extension updates exclusively through your editor's marketplace — versioned, signed, with a public changelog. It has no self-update mechanism and never downloads code from our servers. The status line script only changes when the extension ships a new version. Releases are built and published from the public repository's CI, so every version is traceable to a commit anyone can read.
Uninstall means uninstall
Removing the extension restores the pristine Claude Code binary and webview, strips every idlepay key from your settings, and deletes ~/.idlepay. Nothing survives.
Anti-fraud
Crediting is enforced server-side — per-account cooldowns, daily caps, atomic accounting. Idle editors and farmed sessions don't credit, which protects advertisers the same way the points above protect earners.
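Server-side rules of the kind listed above, as an added example in Node (CommonJS) that is not idlepay's server code, which this page does not show: a beacon must come from a device registered at sign-in with its issued token, credits at most once per cooldown, and stops at a daily cap; every check and the resulting update happen on one account record in one step, which is what makes the accounting atomic. The limits, the beacon shape and the in-memory ledger are assumptions for illustration.

```javascript
// Added example, not idlepay's server. The numbers are assumed.
const DEFAULT_RULES = { cooldownMs: 60 * 1000, dailyCap: 200 };

function utcDay(nowMs) { return new Date(nowMs).toISOString().slice(0, 10); }

// In-memory ledger. One mutable record per account means a beacon's checks
// and its update touch one object in one synchronous step. A real service
// gets the same property from a transaction or a conditional UPDATE keyed on
// the account row, so two beacons racing cannot both credit.
class Ledger {
  constructor(rules = DEFAULT_RULES) {
    this.rules = rules;
    this.devices = new Map();   // deviceId -> { accountId, token } issued at sign-in
    this.accounts = new Map();  // accountId -> { lastCreditMs, day, count }
  }

  // Sign-in: bind a random device id to a server-issued token.
  registerDevice(accountId, deviceId, token) {
    this.devices.set(deviceId, { accountId, token });
  }

  // Decide one impression beacon. The reason is for server logs; the client
  // only ever needs to learn "credited or not".
  creditImpression(beacon, nowMs) {
    const dev = this.devices.get(beacon.deviceId);
    if (!dev || dev.token !== beacon.token) return { credited: false, reason: 'unknown device or bad token' };
    const day = utcDay(nowMs);
    const rec = this.accounts.get(dev.accountId) || { lastCreditMs: -Infinity, day, count: 0 };
    if (rec.day !== day) { rec.day = day; rec.count = 0; }   // a new UTC day resets the cap
    let verdict;
    if (nowMs - rec.lastCreditMs < this.rules.cooldownMs) verdict = { credited: false, reason: 'cooldown' };
    else if (rec.count >= this.rules.dailyCap) verdict = { credited: false, reason: 'daily cap' };
    else { rec.lastCreditMs = nowMs; rec.count += 1; verdict = { credited: true, reason: 'ok' }; }
    this.accounts.set(dev.accountId, rec);
    return verdict;
  }

  creditedToday(accountId, nowMs) {
    const rec = this.accounts.get(accountId);
    return rec && rec.day === utcDay(nowMs) ? rec.count : 0;
  }
}

// Replay a constructed beacon stream (not real traffic) and tally the outcomes.
function simulate(ledger, beacons) {
  let credited = 0;
  const dropped = {};
  for (const { beacon, at } of beacons) {
    const r = ledger.creditImpression(beacon, at);
    if (r.credited) credited++;
    else dropped[r.reason] = (dropped[r.reason] || 0) + 1;
  }
  return { credited, dropped };
}

module.exports = { Ledger, simulate, utcDay, DEFAULT_RULES };
```

Note what a beacon cannot do here: replaying it faster than the cooldown, sending it from a device that never signed in, or running it past the cap all yield nothing, and none of those decisions depend on anything the client computes.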
Found something?
If you believe you've found a vulnerability, email support@idlepay.co with [security] in the subject. We read every report, respond fast, and credit researchers who want to be credited.
Related: why earnings pause when your editor is closed — the flip side of a hook that can't phone home.