CustodyStress
Archive › Browse by halving cycle and stress › Halving Cycle 3 (2017–2020) — Vendor lockout
Part of the CustodyStress archive of observed Bitcoin custody incidents
Cycle 3Vendor lockout

Halving Cycle 3 (2017–2020) — Vendor lockout

Exchange failures from Halving Cycle 3 (2017–2020). The post-2017 bull cycle produced a surge of new exchange users, followed by a wave of closures in the 2018–2019 bear market. QuadrigaCX — where the founder died holding sole custody — is the defining institutional failure of this cycle.

54 cases in this intersection. 59% of determinate cases resulted in a blocked outcome and 3% in access survived. The most common recovery path is exchange support.

Archive analysis — 54 cases
Outcomes
59% of determinate cases resulted in blocked access — 10 percentage points below the archive-wide average of 69%. Only 3% resulted in recovered access — one of the lower survival rates in the archive. 38% resulted in constrained recovery.
Documentation coverage
31% of cases have indeterminate outcomes — higher than the archive average of 43%.
Custody type
96% of cases involved exchange custody, followed by software wallet at 4%.
Recovery path
Exchange Support is the most documented recovery path (19 cases, 35% of subset). Of those with a determinate outcome, 92% resulted in recovered or constrained access.
Documentation
59% of cases had present and interpretable documentation — yet still produced a blocked or constrained outcome.
Scale
30% of cases involved large or very large holdings (10+ BTC).
Browse archive Archive statistics Scenarios Dependencies About
22
Blocked
14
Constrained
1
Survived
17
Indeterminate

97% of determinate cases resulted in blocked or constrained access.

54 observed cases
Blocked
22 (41%)
Constrained
14 (26%)
Survived
1 (2%)
Indeterminate
17 (31%)
Altsbit Exchange Hack (February 2020): Institutional Failure, Partial Recovery
Exchange custody
Blocked 2020
Altsbit, an Italian cryptocurrency exchange that had been operational for only a few months, suffered a catastrophic security breach in February 2020. Attackers
Coinbase Account Lockout: Multiple Users Denied Access Despite Identity Verification (2016–2020)
Exchange custody
Blocked 2020
Between December 2020 and the time of posting, multiple Coinbase users reported extended account lockouts that prevented trading, withdrawals, and even portfoli
Six Bitcoin Custody Failures: Exchange Collapse, Laptop Theft, and Deleted Wallets (2020)
Exchange custody
Blocked 2020
In March 2020, a BitcoinTalk forum thread aggregated six real-world Bitcoin access failures from individual users. User garyrowe reported losing keys to a non-B
Five Old Blockchain.info Wallets Inaccessible: Non-Standard Recovery Phrases Beyond Recovery Tools
Exchange custody
Indeterminate 2020
In July 2020, forum user gbola reported discovering five old Blockchain.info recovery phrases originating from approximately 2014, when the user's family were e
Blockchain.com Account Inaccessible: Forgotten Email Address and Missing Recovery Words
Exchange custody
Indeterminate 2020
In approximately 2016, the user angly11 created a Blockchain.com hosted wallet account but committed a critical documentation failure: they did not record the e
2.9 BTC in Unidentified Web Wallet from 2012–2013: Provider Unknown, Access Impossible
Exchange custody
Blocked 2020
In May 2020, a BitcoinTalk user reporting under the handle cyptomania rediscovered Bitcoin documentation while conducting routine record cleanup. The user had s
Livecoin Exchange Compromised by Server Attack — Price Manipulation, Permanent Shutdown
Exchange custody
Blocked 2020
Livecoin, a Russian cryptocurrency exchange, suffered a critical infrastructure compromise on 23 December 2020 when attackers gained control of the exchange's s
KuCoin Exchange Breach September 2020: $280M Stolen, $204M Recovered
Exchange custody
Constrained 2020
On September 26, 2020, KuCoin announced a security breach affecting its hot wallets. Attackers with access to private keys stole approximately $280 million in c
Eterbase Exchange Breach: $5.4M Stolen, Limited Recovery
Exchange custody
Blocked 2020
On September 8, 2020, Eterbase, a Slovakian cryptocurrency exchange, discovered unauthorised transfers totalling approximately $5.4 million from its hot wallets
Hidden wallet discovered — software wallet (2020)
Software wallet
Blocked 2020
In September 2020, a Bitcoin holder created a paper wallet using bitcoinpaperwallet.com, a website presenting itself as a legitimate tool for generating offline
Pre-2014 Blockchain.info Wallet: Non-Standard Mnemonic Format Blocks Recovery
Exchange custody
Indeterminate 2019
In May 2019, a Bitcoin holder identified as pizzdaniel posted to BitcoinTalk describing a multi-year custody failure involving wallets created on blockchain.inf
Einstein Exchange Vancouver: $16M CAD Claimed Liabilities, Insolvent Collapse 2019
Exchange custody
Blocked 2019
Einstein Exchange, a Vancouver-based cryptocurrency platform founded by Michael Ongun Gokturk, marketed itself as Canada's fastest-growing digital currency exch
Upbit Exchange Hot Wallet Breach — 342,000 ETH Stolen, November 2019
Exchange custody
Constrained 2019
On November 27, 2019, the South Korean exchange Upbit discovered that 342,000 ETH—valued at approximately $49 million USD at the time—had been transferred from
Bitrue Singapore Exchange Security Breach — $4.2M Theft, Full User Refund
Exchange custody
Constrained 2019
On June 27, 2019, Singapore-based exchange Bitrue discovered a $4.2 million security breach affecting 90 user accounts. An attacker had exploited a weakness in
CoinBene Exchange Hack — $100M+ Stolen, Maintenance Cover-Up, March 2019
Exchange custody
Indeterminate 2019
CoinBene, a cryptocurrency exchange, abruptly went offline in March 2019 citing scheduled maintenance. Within days, blockchain analysts at multiple firms detect
QuadrigaCX Exchange Collapse: $190M Bitcoin Lost After Owner's Death
Exchange custody
Blocked 2019
QuadrigaCX was a Canadian cryptocurrency exchange that collapsed in 2019 following the sudden death of its founder and sole operator. The exchange held approxim
QuadrigaCX Exchange Collapse (April 2019): Mass Custody Loss
Exchange custody
Blocked 2019
QuadrigaCX, founded in 2013 and one of Canada's largest cryptocurrency exchanges, ceased operations on April 15, 2019, with approximately 115,000 users unable t
Bithumb $13M EOS Insider Theft April 2019: Platform Lockout and Third Security Breach
Exchange custody
Constrained 2019
On April 1, 2019, South Korean exchange Bithumb detected abnormal withdrawal patterns in its internal monitoring systems and halted all deposit and withdrawal s
Blockchain.info Hosted Wallet: Valid Backup Defeated by Email Authentication Failure
Exchange custody
Indeterminate 2019
In September 2019, a BitcoinTalk user identified as patparry reported a custody access failure involving a Blockchain.info hosted wallet. The account had remain
QuadrigaCX Exchange Collapse: CEO Death Blocks Access to $190M in Customer Cryptocurrency
Exchange custody
Blocked 2019
QuadrigaCX, founded in 2013 and operating as one of Canada's largest cryptocurrency exchanges, ceased operations in January 2019 following the death of CEO and
Cryptopia Exchange Hack and Liquidation: 960,000 Frozen Accounts, $400M Distributed Over 5 Years
Exchange custody
Constrained 2019
Cryptopia, a Christchurch-based cryptocurrency exchange serving 1.4 million registered users across approximately 900 trading pairs, suffered a critical securit
DragonEx Singapore Exchange Compromised by Lazarus Group — User Funds Stolen March 2019
Exchange custody
Constrained 2019
DragonEx, a Singapore-based cryptocurrency exchange, suffered a critical security breach on March 24, 2019, when attackers gained access to internal systems and
BITPoint Exchange Hack — $23M Customer Cryptocurrency Stolen, July 2019
Exchange custody
Constrained 2019
On July 12, 2019, BITPoint, operated by Tokyo-listed Remixpoint Inc., discovered unauthorised outflows totalling approximately 3.5 billion yen ($32 million USD)
Block.io Dashboard Access Failure: User Unable to Move BTC Despite Holding Private Keys
Exchange custody
Indeterminate 2019
In September 2019, a Bitcoin user holding funds on Block.io encountered a critical access barrier. When attempting to log into the custodial wallet dashboard, t
MapleChange Exchange Collapse: $5M Missing, Hack Unverified, No Recovery
Exchange custody
Blocked 2018
MapleChange, a Canadian cryptocurrency exchange, announced on October 28, 2018, that it had suffered a security breach resulting in the loss of approximately $5
← Previous
123
Next →
Browse by halving cycle and stress
Halving Cycle 4 (2021–2024) — Vendor lockout Halving Cycle 4 (2021–2024) — Seed phrase unavailable Halving Cycle 4 (2021–2024) — Passphrase unavailable Halving Cycle 4 (2021–2024) — Device loss Halving Cycle 4 (2021–2024) — Coercion Halving Cycle 3 (2017–2020) — Passphrase unavailable Halving Cycle 3 (2017–2020) — Seed phrase unavailable Halving Cycle 3 (2017–2020) — Device loss Halving Cycle 3 (2017–2020) — Coercion Halving Cycle 2 (2013–2016) — Passphrase unavailable Halving Cycle 2 (2013–2016) — Seed phrase unavailable Halving Cycle 2 (2013–2016) — Vendor lockout Halving Cycle 2 (2013–2016) — Device loss Halving Cycle 1 (2009–2012) — Seed phrase unavailable Halving Cycle 1 (2009–2012) — Passphrase unavailable Halving Cycle 1 (2009–2012) — Vendor lockout Halving Cycle 1 (2009–2012) — Device loss All cases
Terms guide
Outcome terms
Survived
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Assessment terms
Survivability
The degree to which a custody system maintains the possibility of authorized recovery under stress.
Archive inclusion criteria

This archive documents cases where a legitimate owner, heir, or authorized party encountered barriers accessing or recovering Bitcoin due to a failure in the custody arrangement. The central question for inclusion is: did the custody structure fail a legitimate access or recovery attempt?

Inclusion requirements

A case must satisfy all three of the following to be included:

  1. Legitimate access attempt. The person attempting to access or recover the Bitcoin was the owner, a designated heir, an executor, a legal authority, or another party with a legitimate claim — not a thief, attacker, or unauthorized third party.
  2. Custody structure failure. The failure was caused by a property of the custody arrangement — missing credentials, structural dependencies, documentation gaps, knowledge concentration, legal barriers, or institutional constraints — not market conditions, individual-level fraud or theft, or protocol-level issues. Platform-level failures that block legitimate user access are in scope regardless of their cause.
  3. Documentable outcome or access constraint. The case must have a stated or inferable outcome: access blocked, access constrained, access delayed, or access eventually achieved through a recovery path. Cases with entirely unknown outcomes are included only where the structural failure is documented and the constraint is unambiguous.
In scope
  • Owner death or incapacity — Bitcoin held in self-custody that becomes inaccessible to heirs or designated parties because credentials, documentation, or operational knowledge were not transferred
  • Passphrase loss — BIP39 passphrase forgotten or unavailable, blocking access to a funded wallet even where the seed phrase is present
  • Seed phrase or wallet backup unavailable — no independent recovery path existed or the backup was destroyed, lost, or never created
  • Device loss without independent backup — hardware wallet, phone, or computer lost or destroyed with no recovery path outside the device
  • Documentation absent or ambiguous — heirs or executors cannot determine that Bitcoin exists, which wallet holds it, or how to access it
  • Knowledge concentration — only one person knew the procedure, passphrase, or access method; that person is dead, incapacitated, or unreachable
  • Multisig quorum failure — a threshold signature arrangement cannot be completed because signers are unavailable, uncooperative, incapacitated, or have lost their keys
  • Legal authority / access mismatch — a court order, probate ruling, or power of attorney establishes legal entitlement but provides no technical path to access
  • Institutional custody barrier — exchange or platform hacks, insolvency, regulatory seizure, or operational failure that caused a access constraint or failure for legitimate users, whether temporary, prolonged, or permanent. The failure of the custodian to remain available or solvent is itself the in-scope event.
  • Forced relocation or geographic constraint — physical access to a device or location required for recovery is blocked by displacement, border restrictions, or political circumstances
  • Coercion — the holder was compelled under threat to transfer Bitcoin or disclose credentials during an access event
  • Hidden asset discovery — heirs or executors locate a wallet or account but cannot access it due to missing credentials or operational knowledge
Out of scope
  • Market losses, investment losses, yield scheme losses, or Ponzi scheme losses
  • Hacks or theft targeting an individual's personal security (phishing, SIM swap, social engineering, malware) where the custody architecture itself did not fail
  • Unauthorized transfers where the holder's custody system was not the cause of the failure
  • Ordinary transaction mistakes — wrong-address sends, fee errors, mistaken amounts
  • Protocol-level failures — cryptographic vulnerabilities, consensus bugs, firmware integrity failures
  • Deliberate burns or tribute burns
  • Cases where the stated loss is unverifiable and no structural custody failure is described
Source and verification

Cases are drawn from public sources including forum posts, news reporting, court documents, academic research, and direct submissions. Each case is reviewed against the inclusion criteria above before publication. Source material is retained and available on request for documented cases.

The archive is observational and descriptive. It does not attempt to document all Bitcoin custody failures — only those meeting the criteria above with sufficient documentation to describe the structural failure and its outcome.