This tool was written by MetaMask co-founder Dan Finlay, and has recently been updated to be much more user-friendly. The decryptor can be accessed in a web page here:
https://metamask.github.io/vault-decryptor/
If you're concerned about someone having access to your computer over the Internet, you can load this page, and then disconnect your internet connection; it will work offline. You can even download the code and run it on your machine, if you want to. The repository is here.
Step Two: Locate your vault
When you load the tool, the easiest method by far of using it will be to click on "Database backup", then "Choose File":
At this point, a file explorer window will open, and you'll need to find the vault.
In Windows 10 or 11, you should be able to find the location of the vault by going to this folder location (you need to be able to see the hidden files):
C:\Users\USER_NAME\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
On a Mac, the location of the folder should be:
\Library>Application Support>Google>Chrome>Default>Local Extension Settings>nkbihfbeogaeaoehlefnkodbefgpgknn
If you're having trouble finding this location, try the following:
- Open a Finder window.
- Select Go -> Go to Folder... in the menu bar.
- Type
~/Library
in the input field and click Go.
In that folder you'll see a file called 000003.ldb or something similar--the specific number may differ, but it should be a low numerical value, like 000005 or 000004. If it is a larger number, it is not the vault:
If you do try to decrypt a file that's not a vault, this will be the result:
Handling multiple vault files
If you have imported multiple SRPs into MetaMask on this system--and many of us have--you may have multiple vault files. You can decrypt each one, so long as you know its corresponding password.
If you imported an SRP into MetaMask, and "lost" the SRP you had in MetaMask previously, that old SRP's vault file may still be on your system. You may be able to recover it using this process, so long as you know the password.
If you have an idea of what your password was, but can't quite remember, you might want to try using btcrecover, a tool designed to help people manage and recover cryptographic keys. Specifically, it has functionality that automates the process of trying lots of different variations of a password. For an idea of what this process involves, check out this chapter of a btcrecover video tutorial.
When handling multiple vault files, keep in mind that they will likely have different numbers, although again, they should be low-value numbers, as stated above. Another important consideration is whether you used MetaMask in different browser profiles. If this is the case, or you think it may be, then it's worth looking. On Windows, this is a few levels up in the folder structure:
C:\Users\\\your-user-name-here>\AppData\Local\Google\Chrome\User Data
In that directory, you should see a set of folders, one for each profile created:
Within each of those directories, navigate to Extensions, and you'll see the familiar MetaMask extension ID. Follow the same instructions as above with each one of your profiles until you find the vault you're looking for. Within each of those directories, navigate to Extensions, and you'll see the familiar MetaMask extension ID. Follow the same instructions as above with each one of your profiles until you find the vault you're looking for.
Tip: If you're handling a lot of different vaults, you should probably make a list of which one is where, and which password goes to which!
Step Three: Decrypt the vault
This part is easy, so long as you know your password. Simply put in your password, hit "Decrypt", and your Secret Recovery Phrase should appear below the box:
Now: back up your SRP, in the order in which the words appear on the screen, somewhere safe.
We recommend multiple copies in physical locations, or encrypted, non-Internet connected locations that you trust to be safe.
If you want to know more about a common form of key storage, hardware wallets, follow our guide here.
Now that you have your SRP, you can proceed to import your SRP into MetaMask and restore access to your accounts.