Streetlight Ledger

Let's make cookies human readable, classify them based on risk, let you delete them, let you see third parties, and play our minigame to join global leaderboard while learning about cookies!

Comment

Inspiration

Sites save cookies about you that are cryptic and uninterpretable. They access third parties without you realizing.

What it does

Our Chrome extension makes these cookies understandable and let's you classify them by using Google's Gemini Flash AI to classify each cookie as Safe, Tracking, or High Risk, with instant explanations on demand. You can then use the extension to delete any of the cookies you don't want. Additionally, it let's you see what third party sites are being accessed and how many times. Users get an at-a-glance Privacy Score and "Fog Level" that quantifies how obscured their data is Finally, you can take part in our game, Whac-A-Tracker, which teaches you about cookies, with progressive difficulty, combo streaks, and a global Firebase leaderboard for friendly competition.

How we built it

We built a Manifest V3 Chrome extension using:

  • Chrome APIs (cookies, webRequest, scripting, contextMenus) for real-time site analysis and injection.
  • Gemini Flash API for on-demand cookie classification and risk explanations.
  • Firebase Firestore for the global Whac-a-Tracker leaderboard.
  • Vanilla JavaScript/HTML/CSS for the popup, game canvas, and on-page overlays.

Challenges we ran into

  • Balancing Gemini API rate limits and costs.
  • Accurately classifying obscure cookies without hard-coded blocklists. Solved with careful prompting.
  • Implementing progressive difficulty and combo streaks in the game.
  • Working around Manifest V3's strict CSP to enable Firebase leaderboard while keeping the extension secure (solved with sandboxed pages).
  • Merging multiple features (cookie scanner, AI, game, link scoping) without UI clutter.
  • Many merge conflicts.

Accomplishments that we're proud of

  • Integrating Gemini AI in a free and privacy-focused way that classifies cookies accurately.
  • Creating a product with more functionality and information than the current cookie reading extensions on the marketplace.
  • A challenging game with a global leaderboard that teaches you about cybersecurity (safe vs tracking and unsafe cookies).
  • Making something that our parents could use to understand cookies.

What we learned

  • Ways we could use an LLM's API for unique functionalities.
  • How to make a functional chrome web extension.
  • How to keep API key's private.
  • UI design.

What's next for Streetlight Ledger

  • Using a server with our own API key for Gemini so users don't need to input their own. Must ensure speed, reliability, and absolute privacy.
  • Expand AI capabilities. For example, use classification techniques to classify cookies faster and more efficiently.

Built With

Share this project:

Updates