The Unique Journey to Unlock a Donation through Private Key Recovery
Last week, an unexpected message reached me, shedding light on a community member’s dilemma with his hardware wallet. The message brought renewed hope, a chance to reclaim something that seemed irrevocably lost.
“Eddie, I’m here again. It’s been a while since I lost about a half of a bitcoin in a wallet where I lost the private key. Talking with the BLOCO community, the idea came up to get in touch with you to conduct a live broadcast trying to crack the key. If we manage to access the funds, I am willing to donate the amount to the Morning Crypto. It would be great to discuss more details about this idea. We have exchanged some messages before, but we never had the opportunity to speak personally, which would be a great honor and pleasure.”
The proposal was audacious, but the promise of a generous donation to my daily show, Morning Crypto, ignited a flame of enthusiasm in me. However, I knew the journey wouldn’t be easy. The process of recovering the private key is fussy, and live streaming could expose sensitive information to the public.
With over 25 years of experience in cybersecurity and a passion for solving cryptographic puzzles, I was more than ready to accept the challenge. Over the years, I participated in several black box pentest challenges and searches for hidden bitcoins, finding success on several occasions.
The first step was to gather all possible information about the wallet, including the address where the funds were deposited and any fragment of the seed he still possessed. Fortunately, he had noted down some words, although three of them were not listed in the BIP39, suggesting a possible notation error during the initial setup of the Ledger Nano wallet.
I knew I needed to explore all possibilities in a world where every detail could be the key to solving a mystery. Based on the extensive documentation available on how Ledger works with BIP39 and digit verification validation, I began to develop a plan.
I turned to online resources and my own arsenal of old codes to create a Python script that could speed up the process. Inspired by a similar challenge proposed by Alistair Milne on Twitter a few years ago and solved by John Cantrel, I began coding, focusing on three crucial aspects: the deposit address of the funds, the incomplete seed, and the type of hardware wallet used.
During the process, I realized that Ledger had a peculiarity that could be seen as a UX flaw: some words looked very similar on the display, enabling mistakes by the user.
I dedicated a significant amount of time to researching paronyms that could create confusion on the Ledger interface by identifying potential candidate words that could save valuable processing time.
Following an initial phase of detailed preparation, I began coding and developing multiple script versions to enhance performance and efficiency, exploring techniques ranging from parallel processing to GPU utilization. The second iteration of the script incorporated the process into threads; however, it did not perform satisfactorily on my computer. The third version, in turn, employed parallel processing, a strategy that proved to be quite promising, especially when considering implementation in a distributed infrastructure.
Although later discarded, the final conception aimed to execute all operations on the GPU, initially through PyTorch-cuda and later using OpenCL on my Linux system. This approach, however, would require a considerable investment in the development of kernels for SHA256, as well as for the BIP32 and BECH32 protocols. Despite the magnitude of the task — over 8.5 billion interactions, specifically 8,589,934,592, a figure significantly smaller than the challenge faced by John Cantrel (1 trillion interactions) — I kept confidence that, with the identification of promising paronyms, it would be possible to reduce several million potential interactions.
The journey was arduous, with several attempts failing to find the correct wallets. However, with persistence and gradually expanding the search scope, I finally found a list of valid candidate seeds containing over 10.7 million native Segwit addresses.
The moment of truth arrived, and with a pounding heart, I executed the search script. Emotion took over when the addresses were successfully found, marking the end of an intense weekend and the beginning of a well-deserved celebration.
The full code is open-source and can be found on my Github.
Conclusion and Valuable Tips
This journey not only resulted in achieving victory but also served as a powerful reminder of the importance of security and self-custody in the world of cryptocurrencies. To help avoid such dilemmas in the future, I would like to share some tips that I highlight frequently on Morning Crypto:
- As discussed in some episodes, always write down your seed words on paper, preferably on metal.
- After setting up your hardware wallet, reset it and recover the entire seed to avoid situations like the one described above.
- Consider having more than one hardware wallet for contingencies.
- Keep backups of your seed in different places; a single copy is insufficient.
- Remember: “Not your keys, not your coins”. Exchanges are neither banks, secure wallets, or your friends.
- Practice self-custody of your Bitcoin, an essential tool to preserve your freedom, self-sovereign and financial autonomy in the digital world.
I would like to express my deep gratitude to the generous community member who trusted me to solve this challenge.