One of the disadvantages of cryptography is the high cost of user error. If someone loses the keys to their crypto wallet, they can lose access to their crypto holdings forever.
Fortunately for them, there is a growing domestic industry of wallet recovery services, the kind of dark arts practitioners that are used to help recover lost money. Currently, the most popular method is called “brute-forcing”, where recovery experts use a cryptographic technique that involves using as many passwords as possible to bomb the wallet, hoping Guessing is probably a good one.
But there’s a new trend in crypto security that’s more suited to finding ways to hide. Unenciphered, a wallet recovery project based in San Francisco that was founded in 2021, focuses on the implementation of wallets by analyzing software and cryptographic vulnerabilities.
The latest lawsuit emerged on Friday after it was revealed that Unciphered had breached the popular OneKey hardware wallet earlier this year by extracting private keys using a vulnerability in the software – an embedded program that provides machine instructions. OneKey disclosed the vulnerability in a statement, acknowledged Unciphered’s role in discovering the vulnerability, and said it quickly fixed the problem.
“Software ages like milk,” said Chris Wysopal, a computer security expert and consultant at Unciphered. “At some point, I don’t care how good the defense system is. It may take months, it may take years, but someone will find a problem with that. Because it’s not enough.”
The report reminds that although crypto wallets are often seen as the most secure and independent means of keeping digital assets in centralized exchanges, users are sometimes left alone when things go wrong. good and small.
How much money is lost? Chainalysis, a blockchain research firm, reported that up to 23% of bitcoin (BTC) could be lost forever due to a lost or forgotten key – a password consisting of a string of letters and numbers that allows you to access and manage cryptocurrencies. This equates to around 3.79 million BTC, or nearly $90 billion, a staggering figure that represents nearly one-tenth of the coin’s total market capitalization all crypto. “A lot of the nonsense happened in Bitcoin early on, in the early years of crypto,” Kimberly Grauer, director of research at Chainalysis, told CoinDesk.
First stats on Ether (ETH), the second largest cryptocurrency by market capitalization, are hard to come by. However, data provided to CoinDesk by Crypto Asset Recovery shows that 7% of pre-sale traders have not exchanged crypto – suggesting that the ETH in these wallets is sitting there, untouched, as it is that he lives. Ethereum blockchain in 2015. That’s 621 of 8,893 wallet addresses, or 521,574.608 ETH (about $875 million today). Read more: Meet the Artist Unlocking Forgotten Crypto Wallets
A bug can also lock your crypto
Some users may lose money through no fault of their own, but due to flaws in the underlying code of the wallet. In such cases, getting help from a recovery professional can be like hiring a private investigator to look for signs. “Some of our work is reducible to forensic work or has significant digital forensics equipment,” Frank Davidson, co-researcher and chief security officer of Unciphered, told CoinDesk.
One of the biggest cases in Unciphered involves the old version of ethereumwallet.com, which was founded by Ethereum blockchain founder Anthony Di Iorio. The Unciphered team is trying to recover a client’s wallet that cannot connect to their EthereumWallet even though they have the correct seed (recovery) password and private key.
Unciphered analyzed the code and found a vulnerability in the wallet that affected a large number of users. “Helping this customer helped us find this bigger problem,” Unciphered co-founder Eric Michaud said in an interview with CoinDesk.
In this type of EthereumWallet, known as a wallet, Michaud said that his company can find more than 15,000 ETH (about $ 25 million). After this discovery, Michaud realized that Unciphered could get money back for many customers who locked their crypto in their EthereumWallets. If there are many people who do not have access to these wallets, Unciphered wants to help those people get their money back.