blockchain solana phantom-wallet

What standards does Phantom Wallet use for mnemonic to keypair generation?


I'm currently working on a project involving the Solana blockchain and I am trying to understand the standards that the Phantom Wallet uses to generate a keypair from a mnemonic phrase.

In my project, I've been using the BIP39 standard to convert the mnemonic to a seed, and then creating a keypair from the first 32 bytes of that seed, as shown below:

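const bip39 = require("bip39");
const { Keypair } = require("@solana/web3.js");
const mnemonic = "sample mnemonic phrase...";
const seed = bip39.mnemonicToSeedSync(mnemonic, ""); // (mnemonic, password) -> 64-byte BIP39 seed
const keypair = Keypair.fromSeed(seed.slice(0, 32)); // first 32 seed bytes used directly as the ed25519 seed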

This method works well for most cases, but when I try to use a mnemonic generated from the Phantom Wallet, I don't get the correct public key.

I suspect that Phantom might be using different standards (like BIP32, BIP44 or SLIP39) or a different derivation path.

Can anyone shed some light on the following:

  • What standard or method does Phantom Wallet use to convert a mnemonic phrase to a seed?
  • How does Phantom Wallet derive the keypair from the seed? Is there a specific derivation path used?
  • Is there an additional passphrase or salt used that I might need to account for in my code?

Any help or guidance will be greatly appreciated. Thanks in advance!


Solution

  • Phantom uses a few possible derivation paths:

    For all of these, <NUMBER> can be anything starting with 0

    The full information is available at https://help.phantom.app/hc/en-us/articles/12988493966227-What-derivation-paths-does-Phantom-wallet-support-
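
An added example, not part of the original answer and not Phantom's code: it shows why the question's snippet yields a different key, by comparing the raw first 32 seed bytes with a hardened SLIP-0010 ed25519 derivation, using only Node's built-in `crypto`. The function names are hypothetical, the mnemonic is the public BIP39 test vector, and the path `m/44'/501'/0'/0'` is an assumption, since the answer's path list did not survive on this page.

```javascript
const crypto = require("node:crypto");
const hmac512 = (key, data) => crypto.createHmac("sha512", key).update(data).digest();

// BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase, 64-byte seed.
function mnemonicToSeed(mnemonic, passphrase = "") {
  return crypto.pbkdf2Sync(mnemonic.normalize("NFKD"),
    ("mnemonic" + passphrase).normalize("NFKD"), 2048, 64, "sha512");
}

// SLIP-0010 (ed25519): only hardened children exist, so every segment must end in '.
function derivePath(seed, path) {
  const segments = path.split("/");
  if (segments.shift() !== "m") throw new Error("path must start with m");
  let I = hmac512("ed25519 seed", seed); // master: key = I[0:32], chain code = I[32:64]
  for (const seg of segments) {
    if (!/^\d+'$/.test(seg)) throw new Error(`non-hardened segment: ${seg}`);
    const index = Buffer.alloc(4);
    index.writeUInt32BE(parseInt(seg, 10) + 0x80000000); // throws if out of range
    I = hmac512(I.subarray(32), Buffer.concat([Buffer.alloc(1), I.subarray(0, 32), index]));
  }
  return I.subarray(0, 32); // 32-byte ed25519 private seed
}

// Wrap the 32-byte seed in a PKCS#8 header so Node can compute the ed25519 public key.
function publicKey(privSeed) {
  const der = Buffer.concat([Buffer.from("302e020100300506032b657004220420", "hex"), privSeed]);
  const priv = crypto.createPrivateKey({ key: der, format: "der", type: "pkcs8" });
  return crypto.createPublicKey(priv).export({ format: "der", type: "spki" }).subarray(-32);
}

const B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
function base58(buf) { // Solana addresses are the base58 of the raw public key
  let n = BigInt("0x" + buf.toString("hex")), out = "";
  for (; n > 0n; n /= 58n) out = B58[Number(n % 58n)] + out;
  for (const b of buf) { if (b !== 0) break; out = "1" + out; }
  return out;
}

// Public BIP39 test-vector mnemonic (constructed sample input; never fund it).
const MNEMONIC = "abandon ".repeat(11) + "about";
const seed = mnemonicToSeed(MNEMONIC);
// The question's approach: first 32 bytes of the BIP39 seed used directly as the key.
const rawSeedAddress = base58(publicKey(seed.subarray(0, 32)));
// Assumed path (not listed on this page); confirm against the linked Phantom article.
const derivedAddress = base58(publicKey(derivePath(seed, "m/44'/501'/0'/0'")));
console.log({ rawSeedAddress, derivedAddress });
```

The two printed addresses differ, which is the mismatch described in the question; a non-empty BIP39 passphrase would change both.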