Phantom wallet update glitch leads to losses for some iOS users

A buggy update to the Solana-based Phantom wallet caused many iOS users to lose access to their funds due to the app resetting and crashing.

On November 13, several users began reporting that a new update completely reset the wallet and asked users to log in again using recovery phrases. Caught off guard, many users reported losing access to their funds.

One user claimed losses of $600,000, while others reported amounts between $10,000 and $100,000, prompting calls for refunds. However, since Phantom operates as a non-custodial wallet, it does not store users’ recovery phrases or provide access to their funds.

In a non-custodial setup, only users hold the wallet keys, which provides more control but also gives them full responsibility for securing recovery phrases.

Initially believed to affect all users, Phantom later confirmed that the issue only affected a “small number of iOS users.” According to the post-incident announcement, the wallet provider said it has released a new update that will prevent the bug from “affecting additional users.”

While Phantom did not disclose how many users were affected, it asked users to backup their recovery statements and issued an apology for the incident.

“We are committed to making sure this doesn’t happen again,” the firm wrote.

Phantom advised users to contact its support team for further assistance.

This follows another setback to the wallet in late October, when a surge in activity on the Grass token airdrop caused an outage of approximately three hours. Users reported erroneous balances and transaction issues, which Phantom attributed to backend strain from high demand.

Seed sentence recovery services

Losing recovery phrases, forgetting to backup, or misplacing the backup has always been a problem among less tech-savvy users in the crypto space. This has spurred the creation of recovery services, similar to backup options in traditional finance, to help make recovery statements a little easier to manage.

For example, hardware wallet maker Ledger launched its controversial Ledger Recover service in 2023. This paid, optional subscription service aims to provide users with a secure seed backup solution.

But community members have raised privacy concerns, fearing that the service could give the manufacturer access to sensitive information needed for fund transfers.

By contrast, earlier this year the DeRec Alliance announced plans to create open standards for secure recovery through a decentralized approach, leveraging a protocol that shares secrets between designated organizations without revealing private information.