Solana wallet · 12 min read

Phantom Wallet Password Recovery

Phantom is the dominant Solana wallet, with over 7 million monthly users. It is structurally similar to MetaMask: an encrypted vault sitting in browser IndexedDB protected by your password. This guide explains how to locate the vault, the exact PBKDF2 + AES-GCM envelope, and how to brute-force forgotten passwords — plus the seed-phrase shortcut that makes the password irrelevant.

Phantom operates very similarly to MetaMask but on the Solana side: it stores your encrypted seed (or imported private keys) in browser extension IndexedDB. If you forgot the password but the browser profile is intact, recovery is feasible. If the browser was reset or the extension uninstalled, only the 12- or 24-word seed phrase can restore your wallet.

Quickest check: If you wrote down the 12- or 24-word seed at setup, do not bother with brute force. Reinstall Phantom, click "I already have a wallet", paste the seed, and set a new password. The brute-force flow only matters if both the password is forgotten AND the seed is lost.

How Phantom encrypts your seed

Phantom uses standard Web Crypto APIs. The encryption envelope is similar to MetaMask's but with a significantly higher PBKDF2 iteration count (~100,000 instead of 10,000), which makes brute force somewhat slower but still tractable.

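// Simplified Phantom encryption
async function encrypt(password, plaintext) {
  // Import the raw password bytes as PBKDF2 key material
  const passwordKey = await crypto.subtle.importKey(
    "raw", new TextEncoder().encode(password), "PBKDF2", false, ["deriveKey"]
  );
  const salt = crypto.getRandomValues(new Uint8Array(16));
  // Stretch the password into a 256-bit AES-GCM key
  const key = await crypto.subtle.deriveKey(
    { name: "PBKDF2", salt, iterations: 100000, hash: "SHA-256" },
    passwordKey,
    { name: "AES-GCM", length: 256 },
    false,
    ["encrypt"]
  );
  const iv = crypto.getRandomValues(new Uint8Array(12));
  // Web Crypto appends the 16-byte GCM tag to the returned ciphertext
  const ciphertext = await crypto.subtle.encrypt(
    { name: "AES-GCM", iv }, key,
    new TextEncoder().encode(JSON.stringify(plaintext))
  );
  return { salt, iv, ciphertext };
}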

Vault locations on disk

| Browser | Vault location |
| --- | --- |
| Chrome (Windows) | %LOCALAPPDATA%\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa\ |
| Chrome (macOS) | ~/Library/Application Support/Google/Chrome/Default/Local Extension Settings/bfna.../ |
| Brave (Windows) | %LOCALAPPDATA%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\bfna.../ |
| Edge (Windows) | %LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Extension Settings\bfna.../ |
| Firefox | Profile/storage/default/moz-extension+++UUID/idb/*.sqlite |
| Phantom mobile (iOS) | App container Documents (encrypted iTunes backup) |
| Phantom mobile (Android) | /data/data/app.phantom/ (root or unencrypted ADB backup) |

Always copy the entire LevelDB folder (*.log, *.ldb, MANIFEST-*, CURRENT). Do not open it while Chrome is running.
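A copy taken while the browser is still writing can end up with a CURRENT file that names a MANIFEST which never made it into the copy. The check below is an added example, not code from Phantom or from this guide's tooling; the function names and the sample folder contents are constructed for illustration.

```python
import os
import re
import tempfile

def check_leveldb_copy(folder):
    """Return a list of problems with a copied LevelDB folder (empty list = complete)."""
    names = set(os.listdir(folder))
    manifests = {n for n in names if n.startswith("MANIFEST-")}
    problems = []
    if "CURRENT" not in names:
        problems.append("CURRENT is missing")
    else:
        # LevelDB's CURRENT file holds the name of the live manifest.
        with open(os.path.join(folder, "CURRENT"), "rb") as fh:
            live = fh.read().decode("ascii", "replace").strip()
        if not re.fullmatch(r"MANIFEST-\d+", live):
            problems.append(f"CURRENT has unexpected content: {live!r}")
        elif live not in manifests:
            problems.append(f"CURRENT names {live}, which was not copied")
    if not manifests:
        problems.append("no MANIFEST-* file")
    if not any(n.endswith((".ldb", ".log")) for n in names):
        problems.append("no *.ldb or *.log data files")
    return problems

def make_sample_copy(manifest_copied=True):
    """Build a constructed sample folder (placeholder contents, not a real vault)."""
    folder = tempfile.mkdtemp(prefix="vault_copy_")
    files = {"CURRENT": b"MANIFEST-000001\n", "000003.log": b"", "000005.ldb": b"x"}
    if manifest_copied:
        files["MANIFEST-000001"] = b"x"
    for name, data in files.items():
        with open(os.path.join(folder, name), "wb") as fh:
            fh.write(data)
    return folder

if __name__ == "__main__":
    print(check_leveldb_copy(make_sample_copy(True)))    # complete copy
    print(check_leveldb_copy(make_sample_copy(False)))   # manifest left behind
```

Run it against the copied folder, never against the live browser profile.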

Extracting the vault interactively

  1. Open chrome://extensions/
  2. Toggle Developer mode (top right)
  3. Find Phantom, click "Inspect views: service worker"
  4. In DevTools, go to Application → IndexedDB → phantom_storage → keys
  5. Look for the entry holding encryptedKey — a JSON string with salt, iv, ciphertext
  6. Copy and save to phantom_vault.json
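Before spending hours of compute on the saved file, it is worth confirming that the copied JSON is a complete envelope. The validator below is an added example, not part of Phantom or of the original guide; it assumes the three fields are base64 strings (as the recovery script in the next section does) and takes the 16-byte salt, 12-byte IV and 16-byte GCM tag sizes from the code shown on this page. The sample envelope is constructed from zero bytes.

```python
import base64
import binascii
import json

# Sizes taken from the page's encrypt() and try_password() code.
SALT_LEN, IV_LEN, TAG_LEN = 16, 12, 16

def check_envelope(text):
    """Return (decoded_fields, problems) for a saved encryptedKey JSON string."""
    try:
        vault = json.loads(text)
    except json.JSONDecodeError as exc:
        return {}, [f"not valid JSON: {exc.msg}"]
    if not isinstance(vault, dict):
        return {}, ["top-level JSON value is not an object"]
    fields, problems = {}, []
    for name in ("salt", "iv", "ciphertext"):
        value = vault.get(name)
        if not isinstance(value, str):
            problems.append(f"{name}: missing or not a string")
            continue
        try:
            # Assumption: fields are base64 text, as the page's Python script expects.
            fields[name] = base64.b64decode(value, validate=True)
        except (binascii.Error, ValueError):
            problems.append(f"{name}: not valid base64")
    for name, want in (("salt", SALT_LEN), ("iv", IV_LEN)):
        if name in fields and len(fields[name]) != want:
            problems.append(f"{name}: {len(fields[name])} bytes, expected {want}")
    ct = fields.get("ciphertext")
    if ct is not None and len(ct) <= TAG_LEN:
        problems.append(f"ciphertext: {len(ct)} bytes leaves no data before the {TAG_LEN}-byte GCM tag")
    return fields, problems

def sample_envelope(ct_len=48):
    """Constructed sample (all-zero bytes), not a real vault."""
    enc = lambda n: base64.b64encode(bytes(n)).decode()
    return json.dumps({"salt": enc(SALT_LEN), "iv": enc(IV_LEN), "ciphertext": enc(ct_len)})

if __name__ == "__main__":
    print(check_envelope(sample_envelope())[1])            # complete envelope
    print(check_envelope(sample_envelope(ct_len=16))[1])   # tag only, no data
    print(check_envelope(sample_envelope()[:-5])[1])       # copy cut short
```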

Brute-forcing with custom Python + GPU

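# Verification function (CPU, slow but exact)
# Requires pycryptodome, which provides the Crypto package
from hashlib import pbkdf2_hmac
from Crypto.Cipher import AES
import base64, json

with open('phantom_vault.json') as f:
    vault = json.load(f)
salt = base64.b64decode(vault['salt'])
iv   = base64.b64decode(vault['iv'])
ct   = base64.b64decode(vault['ciphertext'])

def try_password(pw):
    # Same derivation as the extension: PBKDF2-HMAC-SHA256, 100k iterations, 32-byte key
    key = pbkdf2_hmac('sha256', pw.encode(), salt, 100000, 32)
    cipher = AES.new(key, AES.MODE_GCM, nonce=iv)
    try:
        # Web Crypto output is ciphertext followed by the 16-byte GCM tag
        plain = cipher.decrypt_and_verify(ct[:-16], ct[-16:])
        return plain.decode()  # contains seed words
    except ValueError:
        return None  # tag mismatch: wrong password

with open('candidates.txt') as candidates:
    for line in candidates:
        pw = line.rstrip('\r\n')  # drop only the line ending, keep any spaces
        result = try_password(pw)
        if result is not None:
            print("FOUND:", pw)
            print(result)
            break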

# For GPU acceleration, btcrecover-experimental supports Phantom natively

GPU throughput estimates

| GPU | PBKDF2-SHA256 100k iter (H/s) | 100M candidates |
| --- | --- | --- |
| RTX 4090 | ~200,000 | ~8.3 min |
| RTX 3090 | ~120,000 | ~14 min |
| RTX 3080 | ~85,000 | ~20 min |
| CMP 90HX | ~70,000 | ~24 min |

Solana drainer warning: Solana has been the #1 ecosystem for wallet drainers in 2024-2026. Fake Phantom recovery sites, malicious browser extensions impersonating Phantom, and Telegram "support agents" are rampant. Verify the official extension URL is https://chrome.google.com/webstore/detail/phantom/bfnaelmomeimhlpmgjnjophhpkkoljpa. Never share your seed phrase. See our scam taxonomy.

Recoverable vs not

Recoverable

  • Vault still in browser IndexedDB
  • Seed phrase written down
  • Partial password memory + decent hint
  • Old browser sync to another machine

Not recoverable

  • Browser reset / reinstall, no seed
  • Random 16+ char password, no fragments
  • Mobile phone wiped, no backup
  • Wallet drained by a phishing site (funds gone, not lost)

Frequently asked questions

Where does Phantom store its vault?

Browser extension IndexedDB at Local Extension Settings/bfnaelmomeimhlpmgjnjophhpkkoljpa/.

What encryption does Phantom use?

PBKDF2-HMAC-SHA256 (~100k iterations) + AES-256-GCM.

Is there a hashcat mode for Phantom?

No dedicated mode yet. Use btcrecover or a custom PBKDF2+AES-GCM wrapper.

Can Phantom be recovered without the seed?

Only if the vault is still in the browser IndexedDB. Otherwise the seed is the only path.

Is the seed ever in plaintext?

Briefly in extension memory while unlocked. Not a practical recovery path.

GPU recovery for Phantom vaults

Extract the encryptedKey JSON and list any password fragments you remember. Our farm runs the Phantom-specific PBKDF2 100k pipeline. You pay only on success.