uMatrix requires the following permissions to work properly:

"permissions": [
    "browsingData",
    "cookies",
    "privacy",
    "storage",
    "tabs",
    "unlimitedStorage",
    "webNavigation",
    "webRequest",
    "webRequestBlocking",
    "<all_urls>"
],

• browsingData: to allow clearing the browser cache.
• cookies: to allow the report and removed blocked cookies.
• privacy (introduced in 0.9.1.2): for uMatrix to be able to disable the setting "Prefetch resources to load pages more quickly". This is to ensure your IP address do not leak to the remote servers of blocked network requests.
• storage: to store your own whitelist/blacklist domains/objects and all other settings.
• tabs: to enable forcing a reload of the content of a tab (when the content of the whitelist/blacklist change).
• unlimitedStorage: to allow a user to update various assets used by uMatrix (like preset blacklists, preset recipes, etc.) by fetching the latest versions from Github and saving them locally.
• webNavigation: to listen to onBeforeNavigate events in order to set up uMatrix's internal data structure for a specific web page.
• webRequest: to allow intercepting all requests in order to inspect them.
• webRequestBlocking: to be able to block a request if the object of the request is blacklisted.
• <all_urls>: to be able to inspect network requests for all URLs (http:, https:, ws:, wss:, data:, etc.) -- necessary in order to decide whether a network request should be blocked.