Atomic Wallet Password Recovery — IndexedDB Vault Extraction & Decryption

Q: Where does Atomic Wallet store its encrypted vault?

Atomic Wallet stores its state in a Chromium IndexedDB database backed by LevelDB. On Windows the path is %APPDATA%/atomic/IndexedDB/file__0.indexeddb.leveldb/. On macOS it is ~/Library/Application Support/atomic/IndexedDB/. On Linux it is ~/.config/atomic/IndexedDB/. The encrypted seed material lives inside LevelDB log files under keys prefixed with 'data-'.

Q: What encryption does Atomic Wallet use?

Atomic Wallet uses PBKDF2-HMAC-SHA512 for key derivation with 5,000 to 100,000 iterations depending on the build version, followed by AES-256-CBC encryption of the seed material. There is no official hashcat mode; recovery relies on btcrecover with a custom wallet module or a Python-based extraction and verification script.

Q: Can I recover an Atomic Wallet password without the wallet file?

No. The encrypted seed material is stored inside the LevelDB IndexedDB folder. If the Atomic app was uninstalled and the data folder deleted, the seed is gone forever unless you have your 12-word recovery phrase written down separately.

Q: What is the hashcat mode for Atomic Wallet?

There is no official hashcat mode for Atomic Wallet. The community uses btcrecover with --wallet-type atomic or a custom Python script that extracts the encrypted seed from LevelDB and tests candidates using PBKDF2-HMAC-SHA512 + AES-256-CBC decryption.

Q: Is Atomic Wallet password recovery realistic?

Yes, but slower than wallets with dedicated hashcat modes. On a modern GPU expect 20,000-200,000 candidates per second depending on iteration count. Success strongly depends on password hints — recovery succeeds in about 22% of cases with useful hints, versus ~45% for Exodus.

Atomic Wallet is an Electron-based multi-chain wallet that stores all encrypted state inside Chromium's IndexedDB — a LevelDB-backed key-value database buried in your user profile. If you have forgotten the password and the 12-word recovery phrase was not saved, the encrypted seed blob inside the IndexedDB folder is your only hope. This guide shows exactly how to extract it, analyze the encryption, and attack it.

Before you spend a cent: If you have your 12-word Atomic Wallet recovery phrase written down, restore into a fresh install — the password only protects the local file. The phrase is the master secret for all coins. Password recovery is only needed when the phrase is also lost.

About Atomic Wallet

Atomic Wallet launched in 2018 and supports over 500 coins and tokens across multiple blockchains including Bitcoin, Ethereum, XRP, Litecoin, and Binance Smart Chain. Unlike native wallets that store a single file, Atomic uses an embedded Chrome IndexedDB — the same storage engine used by browser-based apps — persisted through LevelDB on the local filesystem.

The encrypted seed material, transaction history, and wallet metadata are all stored inside this database. The wallet does not write a single neat file like a .dat or .json; instead the data is spread across multiple LevelDB segment files (*.ldb, *.log) that must be reassembled before the encrypted seed can be extracted.

Atomic Wallet encryption details

Parameter	Value
KDF	PBKDF2-HMAC-SHA512
Iterations (pre-2023)	5,000
Iterations (2023+)	100,000
Cipher	AES-256-CBC
Key length	256 bits
Salt length	32 bytes (random)
Hashcat mode	None (use btcrecover)
GPU speed (RTX 4090)	~200,000 H/s

Locating the Atomic Wallet data folder

Atomic Wallet data paths by OS

Windows: %APPDATA%\atomic\IndexedDB\file__0.indexeddb.leveldb\
macOS: ~/Library/Application Support/atomic/IndexedDB/file__0.indexeddb.leveldb/
Linux: ~/.config/atomic/IndexedDB/file__0.indexeddb.leveldb/

Make a complete copy of the entire atomic folder before proceeding. Never work on the live copy — the Atomic app may be holding file locks.

Extracting the encrypted seed from LevelDB

The IndexedDB database is stored as a LevelDB directory containing .ldb files, a LOG file, a MANIFEST-* file, and a CURRENT file. To read it you need a LevelDB reader — Python's plyvel library is the most reliable:

# Install plyvel
pip install plyvel

# Extract all Atomic Wallet encrypted seed entries
python3 << 'PY'
import plyvel, json, os

db_path = os.path.expanduser(
    "~/AppData/Roaming/atomic/IndexedDB/file__0.indexeddb.leveldb"
)

db = plyvel.DB(db_path, create_if_missing=False)
for key, value in db:
    if key.startswith(b"data-"):
        try:
            rec = json.loads(value.decode("utf-8", errors="ignore"))
            if "cipher" in rec and "iv" in rec and "salt" in rec:
                print(f"=== Found encrypted seed entry ===")
                print(f"Key:   {key.decode()}")
                print(f"Salt:  {rec['salt']}")
                print(f"IV:    {rec['iv']}")
                print(f"Nonce: {rec.get('nonce', 'N/A')}")
                print(f"Cipher:{rec['cipher'][:80]}...")
                print()
        except (json.JSONDecodeError, KeyError):
            pass
db.close()
PY

The output will show the base64-encoded salt, iv, and cipher values. Save these — they are the raw material for the password cracking step.

Running btcrecover against Atomic Wallet

Since there is no dedicated hashcat mode for Atomic Wallet, the most practical route is btcrecover with its built-in Atomic Wallet support:

# btcrecover with Atomic Wallet custom module
python3 btcrecover.py \
    --wallet-type atomic \
    --wallet-path ~/atomic-backup/IndexedDB/ \
    --passwordlist candidates.txt \
    --typos-capslock --typos-case \
    --dsw

# Or use the generic IndexedDB approach with custom extraction
# Build a dictionary from personal hints
hashcat --stdout -a 6 personal-words.txt ?d?d?d?d \
    | python3 verify-atomic.py extracted_seed.json

# GPU-accelerated custom script (PyCryptodome)
python3 << 'PY'
import hashlib, binascii, json
from Crypto.Cipher import AES

salt = binascii.unhexlify("...")   # from extraction
iv   = binascii.unhexlify("...")   # from extraction
ct   = binascii.unhexlify("...")   # from extraction

with open("wordlist.txt") as f:
    for line in f:
        pw = line.strip()
        key = hashlib.pbkdf2_hmac("sha512", pw.encode(), salt, 50000, 32)
        try:
            cipher = AES.new(key, AES.MODE_CBC, iv)
            pt = cipher.decrypt(ct)
            # Check PKCS7 padding
            pad = pt[-1]
            if 1 <= pad <= 16 and pt[-pad:] == bytes([pad]) * pad:
                print(f"PASSWORD FOUND: {pw}")
                break
        except Exception:
            pass
PY

Recovery feasibility

Feasible

• Password under 8 characters with known structure
• You remember 50%+ of the characters
• Password derived from personal words + year/digit
• Pre-2023 build (5,000 iterations, much faster)
• You have the full IndexedDB folder intact

Impossible

• Random 12+ character password with full entropy
• No IndexedDB folder (app uninstalled + data purged)
• Password manager generated string
• The Atomic Wallet was created on mobile only
• You remember nothing about the password

Step-by-step recovery guide

Stop Atomic Wallet immediately. Close the application so it releases file locks on the IndexedDB folder.
Back up the data folder. Copy the entire %APPDATA%/atomic/ directory to an external drive.
Install plyvel and run the extraction script above to locate the encrypted seed blob. Note the salt, IV, and ciphertext values.
Build a candidate wordlist from everything you remember: names, dates, places, pet names, favourite numbers, common suffixes, and keyboard patterns.
Run btcrecover with the Atomic Wallet module pointing at your backup folder. Let it run for 24-48 hours on a modern CPU or GPU.
If btcrecover fails, write a custom Python script using PyCryptodome that tests candidates with PBKDF2-SHA512 + AES-256-CBC. A GPU can accelerate this via CUDA if you port the KDF loop.
If still stuck, submit the backup folder to a professional recovery service. We accept zipped Atomic IndexedDB folders and run custom attacks against them.

When to give up and use the seed phrase

If you have your 12-word Atomic Wallet seed phrase anywhere — written down, in a password manager, or in a photo — stop the recovery attempt. Install Atomic on any machine, choose "Restore wallet," enter the 12 words, and all your coins will appear. The local password you forgot only protects the IndexedDB file on that specific computer; the seed phrase is the true master secret for every chain.

Need Atomic Wallet recovery help?

Upload your Atomic IndexedDB folder, tell us what you remember, and our GPU farm will attack it with custom tools. You pay only if we recover the password.

Submit Atomic vault Free format check

Related guides

Exodus, Atomic & Trust Wallet combined guide — comparison of all three wallets.
Exodus wallet password recovery — dedicated guide for Exodus .seco files.
btcrecover complete tutorial — how to use the primary tool for Atomic attacks.

Frequently asked questions

Where does Atomic Wallet store its encrypted vault?

Inside the Chromium IndexedDB database, backed by LevelDB, at %APPDATA%/atomic/IndexedDB/file__0.indexeddb.leveldb/ on Windows.

What encryption does Atomic Wallet use?

PBKDF2-HMAC-SHA512 for key derivation (5,000-100,000 iterations) with AES-256-CBC for the ciphertext. No dedicated hashcat mode exists.

Can I recover an Atomic Wallet password without the wallet file?

No. The encrypted seed is stored only in the local IndexedDB database. If the data folder is gone and you do not have the seed phrase, recovery is impossible.

What is the hashcat mode for Atomic Wallet?

There is no official hashcat mode. Use btcrecover with --wallet-type atomic or a custom Python verification script.

Is Atomic Wallet password recovery realistic?

Yes with good hints. Pre-2023 builds (5K iterations) are much faster to attack. Post-2023 (100K iterations) reduces GPU speed ~20x. Overall success rate is ~22% with useful password hints.