
Recovering Stolen Cryptocurrency: How DriveSavers Reconstructed a Trezor Seed Phrase from 10 Missing Words

Device:
Trezor hardware wallet

Challenge:
Reconstruct 10 missing words of the recovery seed phrase

Recovery Process:
Forensic video analysis and proprietary cryptocurrency recovery software

Final Recovery Effort:
5 hours at 28 billion guesses per second

Result:
All cryptocurrency assets were recovered before the thieves could access the wallet

DriveSavers' crypto recovery services combined forensic video analysis with proprietary recovery software to solve a brute-force problem that was initially assessed as computationally impossible.

Background

Thieves stole a safe containing both a Trezor hardware wallet and a paper with its 20-word recovery seed phrase. The client had a copy of the first 10 words. The remaining 10 had to be reconstructed quickly. Without the full phrase, the client had no way to restore the wallet on replacement hardware and secure the funds before the thieves could drain it.

A Trezor hardware wallet is protected by a PIN on the device itself, but the 20-word recovery seed phrase is the master backup. Anyone with the full phrase can restore the wallet on new hardware and move the funds. Reconstructing the phrase was the client's only option. For the thieves, the paper backup was the easiest route to the digital asset: the money.

Why Standard Recovery Wasn't Possible

This Trezor's seed phrase was derived from the SLIP-0039 Shamir backup word list, which contains 1,024 possible words. With the words at 10 known positions missing, the number of possible combinations was astronomical, making direct brute force impractical.

On standard hardware, brute-forcing the 10 missing words would take approximately 803 trillion years. Even at one trillion guesses per second, the search would last about 40 billion years. A raw search was not a viable solution. The search space had to be narrowed significantly before high-speed computation could bridge the gap.

Based on Surveillance Camera Footage

The office's surveillance cameras recorded the client while he wrote the seed phrase. The footage was the only remaining record of the missing words.

An external forensic video analysis team had already reviewed the footage and determined that the resolution was too low to identify any of the missing words. Nothing in the video showed pen on paper clearly enough to read the text.

DriveSavers' engineers reviewed the footage again, confirmed the same legibility limits, and examined what else it could show. Many of the words were written while the client's hand was almost entirely out of the camera frame. For the words that were visible in the footage, visibility varied. The tip of the client's hand was visible for a few words. For others, part of the thumb was visible.

The footage clearly showed part of the printed Trezor recovery card, which provided a consistent character grid for each word position; however, some marks that looked like characters turned out to be merely ink smudges.

Narrowing the Search Space

The printed Trezor recovery card served as a reliable anchor point and reduced the number of possible candidates for each word position from 1,024 to around 200 based on character length.

To interpret the limited hand motion visible in the video, the team asked the client for separate handwriting samples. The client’s way of forming letters proved distinctive. Certain letters were written top to bottom, others bottom to top. One had a preliminary loop that wasn’t part of the letter itself. Another had a shape closer to a lightning bolt than a typical curve.

For positions where partial hand motion was visible, engineers used these patterns to eliminate incompatible candidates from the SLIP-0039 word list. Identifying Word 11, combined with accelerated hardware, reduced the remaining brute-force estimate from 803 trillion years to 33 years. Word 13 reduced it further to 59 days. By Word 15, the remaining combinations were within computational reach.

Word 16

Word 16 introduced a critical ambiguity. The Trezor recovery card showed 8 character boxes for that position, but the video suggested the client had written only 6. Because SLIP-0039 words are fixed, using the wrong character length would eliminate the correct answer entirely. The team worked through the evidence and concluded the real word was most likely 6 characters. Two of the marks on the backup paper had likely smudged into each other, creating the appearance of additional characters.

Rather than relying on a single uncertain assumption, the team locked in only high-confidence constraints and allowed the recovery software to evaluate the remaining valid candidates.

Completing the Recovery

At this stage, the remaining uncertainty was small enough to make computation viable. With the high-confidence words locked in and the remaining pool narrowed, DriveSavers proprietary cryptocurrency recovery software executed the final brute-force effort at 28 billion guesses per second. The correct seed phrase was identified in 5 hours, enabling successful wallet recovery.

From there, the wallet was restored on replacement hardware and the cryptocurrency was transferred to a secure wallet before the thieves could act.
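The arithmetic behind these figures, as an added example that is not DriveSavers' software or code from the original article: it sizes the search space from the article's numbers (a 1,024-word list, 10 missing words, about 200 candidates per position after the length filter, 28 billion guesses per second) and shows why Word 16's length had to stay an open constraint. The sample words are constructed stand-ins for the SLIP-0039 list, and the function names are hypothetical.

```python
from math import prod

SECONDS_PER_YEAR = 365.25 * 24 * 3600
WORDLIST_SIZE = 1024   # SLIP-0039 word list size (from the article)
MISSING_WORDS = 10     # unknown word positions (from the article)

def combinations(candidates_per_position):
    """Phrases to test: the product of the candidate counts per position."""
    return prod(candidates_per_position)

def years_to_exhaust(total, guesses_per_second):
    """Worst-case time to try every combination, in years."""
    return total / guesses_per_second / SECONDS_PER_YEAR

def guess_budget(hours, guesses_per_second):
    """How many guesses fit in a run of the given length."""
    return hours * 3600 * guesses_per_second

def max_uniform_candidates(budget, positions):
    """Largest per-position candidate count whose full product fits the budget."""
    n = int(budget ** (1 / positions))
    while (n + 1) ** positions <= budget:   # correct for float rounding
        n += 1
    while n ** positions > budget:
        n -= 1
    return n

def filter_by_length(words, allowed_lengths):
    """Keep words whose length is allowed. A set lets an uncertain position
    (Word 16: 8 boxes printed, 6 characters apparently written) admit both."""
    return [w for w in words if len(w) in allowed_lengths]

# Constructed sample words standing in for the real 1,024-word list.
SAMPLE_WORDS = ["acid", "adapt", "agency", "animal", "airline", "academic", "aircraft"]

if __name__ == "__main__":
    full = combinations([WORDLIST_SIZE] * MISSING_WORDS)      # 1024**10 == 2**100
    print(f"raw search at 1e12/s: {years_to_exhaust(full, 10**12):.2e} years")
    by_length = combinations([200] * MISSING_WORDS)           # length filter only
    print(f"length filter at 28e9/s: {years_to_exhaust(by_length, 28 * 10**9):,.0f} years")
    budget = guess_budget(5, 28 * 10**9)
    per_pos = max_uniform_candidates(budget, MISSING_WORDS)
    print(f"5 h at 28e9/s: {budget:.3e} guesses, about {per_pos} per position")
    print("Word 16, length 8 only:", filter_by_length(SAMPLE_WORDS, {8}))
    print("Word 16, length 6 or 8:", filter_by_length(SAMPLE_WORDS, {6, 8}))
```

By this arithmetic the length filter alone still leaves roughly 116,000 years of worst-case search at the final rate, while a 5-hour run covers about 5 × 10^14 guesses, equivalent to about 29 candidates per position across all ten.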

“Brute-forcing the 10 missing words would have taken over 800 trillion years on standard hardware, so we had to find another way. The video was too blurry to read the words, but we could see the client’s hand move. Once we matched those movements against the word list Trezor uses, the final verification ran at 28 billion guesses per second and identified the correct phrase in five hours, after weeks of forensic analysis and search-space narrowing.”

Mike Cobb

Director of Engineering, DriveSavers Data Recovery

Other Recovery Scenarios

Most cryptocurrency losses stem from a handful of scenarios: a stolen wallet, a partial seed phrase, a forgotten password, a corrupted wallet file, or a physically damaged storage device. Some of these scenarios are recoverable. Others are not. Each depends on the specific failure conditions.

DriveSavers crypto recovery experts handle partial and damaged seed phrases, lost crypto wallet passwords, corrupted wallet.dat files, hardware wallet PIN recovery, and physical damage to storage media containing wallet data. The approach shown in this case combined forensic video analysis and proprietary recovery software. That combination fits a specific and uncommon set of circumstances for crypto asset recovery.

To recover cryptocurrency, or to discuss a partial seed phrase, contact DriveSavers Crypto Recovery Services at 1 (800) 440-1904.

Senior Marketing Manager at DriveSavers