docs: document Blockscout as third external service in README

README.md

@@ -15,9 +15,10 @@ Hence, a minimally viable ERC20 browser wallet/signer that works cross-platform.
 Everything you need, nothing you don't. We import as few libraries as possible,
 don't implement any crypto, and don't send user-specific data anywhere but a
 (user-configurable) Ethereum RPC endpoint (which defaults to a public node). The
-extension contacts precisely two external services: the configured RPC node for
+extension contacts exactly three external services: the configured RPC node for
-blockchain interactions, and a public CoinDesk API (no API key) to get realtime
+blockchain interactions, a public CoinDesk API (no API key) for realtime price
-price information.
+information, and a Blockscout block-explorer API for transaction history and
+token balances. All three endpoints are user-configurable.
 
 In the extension is a hardcoded list of the top ERC20 contract addresses. You
 can add any ERC20 contract by contract address if you wish, but the hardcoded
@@ -534,7 +535,7 @@ transitions.
 ### External Services
 
 AutistMask is not a fully self-contained offline tool. It necessarily
-communicates with two external services to function as a wallet:
+communicates with three external services to function as a wallet:
 
 - **Ethereum JSON-RPC endpoint**: The extension needs an Ethereum node to query
   balances (`eth_getBalance`), read ERC-20 token contracts (`eth_call`),
@@ -543,11 +544,24 @@ communicates with two external services to function as a wallet:
   receipts. The default endpoint is a public RPC (configurable by the user to
   any endpoint they prefer, including a local node). By default the extension
   talks to `https://ethereum-rpc.publicnode.com`.
+  - **Data sent**: Ethereum addresses, transaction data, contract call
+    parameters. The RPC endpoint can see all on-chain queries and submitted
+    transactions.
 
 - **CoinDesk CADLI price API**: Used to fetch ETH/USD and token/USD prices for
   displaying fiat values. The price is cached for 5 minutes to avoid excessive
   requests. No API key required. No user data is sent — only a list of token
   symbols. Note that CoinDesk will receive your client IP.
+  - **Data sent**: Token symbol strings only (e.g. "ETH", "USDC"). No
+    addresses or user-specific data.
+
+- **Blockscout block-explorer API**: Used to fetch transaction history (normal
+  transactions and ERC-20 token transfers), ERC-20 token balances, and token
+  holder counts (for spam filtering). The default endpoint is
+  `https://eth.blockscout.com/api/v2` (configurable by the user in Settings).
+  - **Data sent**: Ethereum addresses. Blockscout receives the user's addresses
+    to query their transaction history and token balances. No private keys,
+    passwords, or signing operations are sent.
 
 What the extension does NOT do:
 
@@ -557,9 +571,10 @@ What the extension does NOT do:
 - No Infura/Alchemy dependency (any JSON-RPC endpoint works)
 - No backend servers operated by the developer
 
-The user's RPC endpoint and the CoinDesk price API are the only external
+These three services (RPC endpoint, CoinDesk price API, and Blockscout API) are
-services. Users who want maximum privacy can point the RPC at their own node
+the only external services. All three endpoints are user-configurable. Users who
-(price fetching can be disabled in a future version).
+want maximum privacy can point the RPC and Blockscout URLs at their own
+self-hosted instances (price fetching can be disabled in a future version).
 
 ### Dependencies