Phantom logo

Phantom

software wallet
Operational
Visit website

Phantom is a non-custodial software wallet for Solana, Ethereum, and Bitcoin, founded in 2021 with no confirmed system breaches; a lawsuit was filed in 2025.

Platform Information

Founded

2021

Headquarters

San Francisco, United States

Open Source

No

Two-Factor Authentication

No

Custodial

No

Platforms Supported

ChromeFirefoxBraveEdgeiOSAndroid

Supported Chains

SolanaEthereumPolygonBitcoin
non-custodialbrowser-extensionsolanamulti-chainself-custody

About Phantom

Phantom is a non-custodial software wallet founded in 2021 and headquartered in San Francisco. Originally built for the Solana blockchain, it has since expanded to support Ethereum, Base, Polygon, Sui, and Bitcoin. As of 2025, the wallet reports over 8 million active users globally.

Security

  • Non-custodial: Private keys are generated and stored on the user's device. Phantom does not hold or have access to them.
  • Transaction simulation: Phantom decodes and previews transactions before a user signs, helping to identify malicious requests.
  • Domain blocklist: Maintains a block list of over 50,000 known malicious domains and flags risky requests with approximately 95% accuracy.
  • Biometric authentication: Supported on mobile devices as an unlock mechanism.
  • Bug bounty: Rewards up to $50,000 for qualifying security disclosures.
  • Third-party audits: Audited by Kudelski Security and Least Authority.
  • Closed source: The wallet's codebase is not publicly available for independent review.

Regulation

Phantom Technologies Inc. is not registered as a money services business with FinCEN or licensed by the FCA. As a non-custodial wallet, it does not typically fall under US MSB registration requirements. In March 2026, Phantom received a CFTC no-action letter permitting it to facilitate user access to regulated derivatives markets without registering as a futures commission merchant or introducing broker. Phantom also submitted written comments to the SEC's crypto task force in June 2025.

Incident History

  • August 2022: Approximately 8,000 Solana wallets were drained across multiple providers in a widely reported incident totalling around $5 million. Phantom's infrastructure was not compromised. Investigators attributed the root cause to the Slope wallet application, which transmitted user seed phrases to Slope's servers in plain text. Phantom users affected were those who had previously imported Slope-generated accounts.
  • January 2025: A developer reported the theft of approximately $500,000 in Wiener Doge tokens from their Phantom wallet. A lawsuit filed in April 2025 by 14 plaintiffs alleges that private keys were stored insecurely in browser extension memory, enabling the theft. Phantom has denied the claims as without merit.
  • February 2025: A phishing campaign distributed fake wallet update pop-ups targeting Phantom users via browser injection, attributed to a third-party attacker rather than any breach of Phantom's own infrastructure.

Security & Score

70

Platform Safety Score

70/100Fair

Based on incident history, security features, and track record

Security Features

transaction simulation and previewmalicious contract warningsDNS spoofing detectionphishing site detectionbiometric authenticationbug bounty (up to $50,000)third-party audits (Kudelski Security, Least Authority)

Incident History

No incidents recorded for this platform.

Frequently Asked Questions

Do you use Phantom?

Check how it affects your portfolio health score and get personalised risk insights.

Check your health score