iOS users recently faced severe access issues with the Phantom wallet, a non-custodial cryptocurrency wallet on the Solana blockchain, following a software update. The update reset the app and required users to enter their recovery phrase again. According to claims from affected users, the glitch caused significant financial losses, with lost access to funds reaching hundreds of thousands of dollars.
Details of Glitch
Reports from users showed that the update reset the Phantom wallet, effectively making it impossible for them to access their accounts. One user reported losses of about $600,000, while several others confirmed losses ranging between $10,000 and $100,000.
The pervasiveness of these reports led to demands for restitution from Phantom, though the company has argued that it is a non-custodial wallet and therefore does not keep user recovery phrases or have access to funds stored within the wallet.
Phantom's statement confirmed that "only a small number of iOS users" were affected. An updated version of the app was released after the incident, which should prevent more users from experiencing the issue. In the statement, the company urged users to back up their recovery phrases and apologized for the inconvenience experienced by those affected.
Implications for Non-Custodial Wallets
The case of the Phantom wallet points to broad risks inherent in the concept of a non-custodial wallet, where full access to private keys and recovery phrases belongs directly to the users. Such a structure gives the user greater freedom but, as a consequence, places the entire security responsibility on the user alone. When a user loses their recovery phrase, for instance, access to funds can become irretrievable, especially for less tech-savvy users.
This has revived questions within the cryptocurrency community about the need for better recovery options. Non-custodial wallets offer greater security against external threats but expose users to risks arising from their own carelessness. For instance, Ledger, one of the big hardware wallet producers, has just introduced the Ledger Recover service to offer a paid way of securely backing up recovery phrases. However, this service has received its share of criticism due to alleged privacy risks that might allow manufacturers to access sensitive data required for the execution of money transfers.
While Phantom's quick response to the incident may restore its users' confidence, the ramifications for non-custodial wallets will ensure that conversations about security and recovery solutions remain loud and clear in the crypto community for much longer.