Solana Mobile Seed Vault Incident

Case Status: 🔴 Unresolved | Tickets: #65323967, #68880998 | Loss: ~$10,000 USD

Summary​

On January 2, 2026, I tapped an official Solana Mobile notification about my Genesis Token. The subsequent flow deleted my existing seed phrase from the Seed Vault without warning. This resulted in permanent loss of access to approximately $10,000 USD in cryptocurrency.

This was not phishing. This was not user error. This was official Solana Mobile software executing a destructive operation without adequate consent.

The Core Issue​

Full Correspondence Timeline​

January 2, 2026 — The Incident​

• Received official Genesis Token notification on Solana Seeker device
• Tapped notification (standard user behavior)
• Genesis token transfer flow executed
• Result: Existing seed phrase (wik.skr) deleted from Seed Vault
• Discovered loss of access to ~$10,000 USD in cryptocurrency

January 3-4, 2026 — Initial Report​

• Discovered wallet access lost
• Contacted Solana Mobile support
• Support requested bug report
• January 4, 18:36:15 — Generated device bug report: bugreport-seeker-AP3A.251025.110.A2-2026-01-04-18-36-15.txt
• Submitted bug report to support

January 5-18, 2026 — AI Support Loop​

• Received responses from AI agent "Sunny"
• AI provided generic troubleshooting for "renaming" issues
• Repeatedly clarified: the seed was deleted, not renamed
• Stated I am a developer who understands how seed phrases work
• Requested human agent/engineer review of bug report
• No technical follow-up received

January 18, 2026 — Initial Ticket Created​

• Support ticket #65323967 created
• Marked as URGENT wallet loss
• Bug report attached

January 22, 2026 — Escalation Acknowledged​

• AI agent Sunny finally acknowledged need for human agent review
• Noted Saga device reached "end of support" (but this is a Seeker — current device)
• Confirmed bug report already submitted
• New reference number #68880998 created
• Promised support agent would respond
• My response: "I have heard this before."

January 25-26, 2026 — Human Agent Contact​

• Human agent "S" from Solana Mobile replied
• Immediately asked: "please provide a detailed description of the issue"
• My response: "Cmon are you kidding me? I have sent this through many times already."
• Agent S confirmed: "I am a human agent"
• Reiterated request to summarize issue in single message
• Context from previous correspondence apparently not accessible to human agent

February 1-3, 2026 — Support Loop Continues​

• AI agent Sunny sent automated warning: ticket would auto-close without response
• I responded, noting issue was escalated a month ago
• February 3 — Human agent S replied again: "To assist you better, could you please provide the information requested above? Thank you!"

February 4, 2026 — Public Documentation​

• Published this page for accountability and visibility
• Case remains unresolved after 33 days

Why This Is a Product Defect​

1. Notifications Should Not Trigger Catastrophic Loss​

Users reasonably expect that tapping a notification will display information — not execute an irreversible destructive operation.

2. No Explicit Consent for Key Deletion​

Industry standards require explicit, unmissable consent before destroying cryptographic material:

• NIST SP 800-57: Key destruction must be auditable and explicitly authorized
• OWASP Mobile Security Guidelines: Cryptographic operations require user confirmation

3. "Self-Custody" Defense Does Not Apply​

The standard response to crypto loss is "you should have backed up your seed." This case is different:

• The seed was stored in Solana Mobile's Seed Vault
• Solana Mobile's software deleted it
• The user took a normal action (tapping a notification)
• The system executed a destructive operation without warning

This is a product defect, not a backup failure.

4. Confirmed by Third Party​

Solflare support independently confirmed:

"transferring the Genesis token deletes the previous Seed it was assigned to"

This is not speculation. This is how the flow was designed.

Support Experience Summary​

The Loop​

User explains issue → AI gives generic response →
User requests human → Human asks user to re-explain →
User explains again → AI warns ticket will close →
Human asks user to re-explain again → ...

Technical Evidence​

Device Information​

Bug Report​

• Filename: bugreport-seeker-AP3A.251025.110.A2-2026-01-04-18-36-15.txt
• Generated: January 4, 2026, 18:36:15
• Size: 65MB
• Status: Submitted to support, no technical analysis received

Key Finding from Logs​

01-04 17:58:21.665 START {act=android.intent.action.VIEW
  dat=seedvaultui://settings/...
  cmp=com.solanamobile.seedvaultimpl/.MainActivity}

• Confirms Seed Vault accessed via official deeplink
• Official Solana Mobile components involved
• No malicious third-party apps found

What I'm Asking For​

1. Technical Investigation Report — Does the original seed exist anywhere in secure storage? What exact sequence triggered the deletion?
2. Written Acknowledgment — That the Genesis token flow lacked adequate warnings for a destructive operation
3. Fair Compensation — For loss directly caused by product behavior (~$10,000 USD)
4. Remediation — Documentation of steps taken to prevent this affecting other users

For Other Seeker Owners​

If you haven't interacted with the Genesis Token flow:

1. Back up your seed phrase first — verify you have it written down and accessible
2. Be aware this flow may delete your existing seed without warning
3. If you've experienced similar — contact me

Updates​

This page will be updated as the case progresses.

Contact​

Matt Mischewski matt@dreamineering.com LinkedIn

This page exists because public accountability sometimes succeeds where support tickets fail. I would prefer to resolve this directly with Solana Mobile. If you're from the Solana team and want to discuss, my contact is above.