Phantom, a leading crypto wallet on the Solana blockchain, stated that a recently reported vulnerability does not pose a risk to user funds, following criticism from a security researcher known as @CloakdDev.
In a public statement, Phantom apologized for communication delays and emphasized that it remains committed to security. It added:
“We believe it does NOT make user funds vulnerable in any way.”
However, Phantom did not provide further technical details or a timeline for any potential action. Similarly, Cloakd has also refrained from providing any technical details about the alleged vulnerability.
The dispute
The dispute became public on social media on Jan. 21 after Cloakd expressed frustration with Phantom’s response. The research stated in a social media post:
“At this point, it’s becoming a joke – I can’t even get a response from their security team in terms of an update.”
The researcher characterized the delay as concerning for a platform of Phantom’s scale and reach.
Following Phantom’s response, Cloakd countered the wallet’s claim, asserting that the vulnerability “directly puts user funds at risk.”
They urged Phantom users to take precautionary measures, including backing up their seed phrases and considering alternative wallets.
The researcher advised:
“Move to a different wallet as they clearly don’t take user security seriously – painfully obvious from this exercise.”
The situation has sparked significant concern among users, with many questioning how wallet providers should balance transparency with ensuring security. Some community members sought advice from Cloakd on the severity of the risk and how to safeguard their assets.
Cloakd’s recommendation to migrate to other wallets reflects growing dissatisfaction with how the issue has been handled.
