Ex-Ripple CTO is in no hurry for his 7,002 Bitcoin

Stefan Thomas is a Bitcoin multimillionaire - in theory. He has lost his password. He has two attempts left. Developers have now found a method to find out. But Thomas, who by the way is the former CTO of Ripple, blocks it himself.

In 2011, software developer Stefan Thomas published a YouTube video about the still-unknown cryptocurrency Bitcoin. A fan sent him 7,002 Bitcoin as a thank-you gift. The gift, which was worth several thousand dollars at the time, was stored on an IronKey USB stick. These are considered particularly secure. After ten incorrect password attempts, the contents are deleted. It is suspected that Thomas, CTO at Ripple between 2012 and 2018, misplaced the bill with the password and no longer has access to the assets, which are now worth $240 million. He has already made eight failed attempts, with two more to go.

The IT company Unciphered now claims to have developed a new procedure that bypasses the lock. But it seems Stefan Thomas is in no hurry at all.

Not your keys, not your coins

It sounds like the long-awaited breakthrough: the developers of Unciphered claim to have found a method to bypass the password function of the particularly intractable IronKeys, which is limited to ten attempts. As proof, they cracked the password lock of an editor of the tech magazine Wired. It would have taken 200 trillion attempts by a powerful computer. In the end, however, they found the three-word passphrase.

They approached Stefan Thomas, whose business has been well-known in the cryptoscene for several years, with the success story. But to their surprise, they fell on deaf ears: Even before contract negotiations could begin, Thomas refused. Two other companies had already received orders and were given priority, even though they had not yet found the technology for it. After twelve years of waiting, he seemed to have enough patience.

"We got in."

In a public letter, the company Stefan Thomas has now again offered help. In it, they also hint at how they managed to crack the password. They do not go into details - professional secrecy. But also because "most devices certified for this level of protection are used to store sensitive government data". IronKey was in fact co-funded by the U.S. Department of Homeland Security. Its intended use was for the U.S. government, military and intelligence agencies.

"We started by reverse-engineering all the communication protocols between the chips, then the controller firmware and cryptographic implementation details, and finally we merged all aspects of the device's operation," they said succinctly. Millions of dollars have been invested in building the technological and legal infrastructure. The tech magazine Wired gained insight into the test setup.

A USB flash drive was scanned using computed tomography and divided into individual parts. The chip was cut with a laser cutter and dipped in nitric acid, then the epoxy layers were removed. The chip was sanded with silica solution and a felt pad, and each layer was photographed with an optical microscope or a raster electron microscope. The developers repeated the process until they could create a complete 3-D model of the processor.

"We then researched everything we knew about the device and used the expertise of some of the best hardware hackers, crypto experts and exploit developers in the industry to look for signs of vulnerabilities", explains Unciphered. "After we accomplished this feat the first time, we trained and practiced. We had to make sure that every aspect of the hack was repeatable. And since then, we have repeated this process thousands of times."

More than three million Bitcoin lost

Even if Stefan Thomas does not take up the offer, there are countless peers who could use the new method to recover Bitcoin they lost. Especially in the early years, when it was not foreseeable that much money could be made from Bitcoin, passwords were handled carelessly. The analysis company Chainalysis estimates that 3.7 million Bitcoin were lost forever. If the new method proves successful, there may still be hope for these individuals.