Phantom is a modern money app used by tens of millions globally, aiming to simplify and enhance consumer finance through crypto-powered tools. The role focuses on the Identity Platform, which is responsible for critical authentication processes and for ensuring secure, reliable user experiences.
Responsibilities:
- Own and evolve the signing path for every transaction in Phantom
- Build and harden authentication, unlocking, biometrics, and account access flows across web and mobile
- Ship passkeys (WebAuthn) and MFA improvements with a strong security/usability balance
- Own onboarding and key lifecycle flows: key generation/derivation, seed phrase flows, seedless registration, hardware wallet pairing
- Own sensitive key export/import experiences and related safety rails
- Write and maintain high-signal, non-flaky tests (unit/integration/e2e) for critical paths; ensure safe rollouts via monitoring and staged releases
Requirements:
- 7+ years of experience
- Strong TypeScript skills; comfortable shipping code across browser, Node.js, and mobile JS runtimes
- Proven ability to build high-signal, low-flake test suites for critical systems
- Familiarity with auth concepts and common mechanisms (sessions/tokens, MFA/OTP, WebAuthn/passkeys)
- Strong engineering fundamentals: system design, debugging, and production reliability
- Deeper experience with OAuth2/OIDC, WebAuthn internals, cryptography, or key management systems
- Web3/wallet or signing-flow experience
- Security- or money-adjacent experience (identity, payments, custody)
- Rust experience (or strong interest in learning it)