CustodyStress
Archive › Browse by halving cycle and custody type › Halving Cycle 4 (2021–2024) — Software wallet
Part of the CustodyStress archive of observed Bitcoin custody incidents
Cycle 4Software wallet

Halving Cycle 4 (2021–2024) — Software wallet

Software wallet failures from Halving Cycle 4 (2021–2024). New all-time highs drove Bitcoin adoption to new levels, with mobile wallets as the dominant first-custody experience for new holders.

85 cases in this intersection. 96% of determinate cases resulted in a blocked outcome and 4% in access survived. The most common recovery path is password bruteforce.

Archive analysis — 85 cases
Outcomes
96% of determinate cases resulted in blocked access — 27 percentage points above the archive-wide average of 69%. Only 4% resulted in recovered access — one of the lower survival rates in the archive.
Documentation coverage
69% of cases have indeterminate outcomes — higher than the archive average of 43%.
Primary stress condition
39% of cases involve passphrase unavailable. Seed phrase unavailable accounts for a further 19%.
Recovery path
Password Bruteforce is the most documented recovery path (22 cases, 26% of subset).
Documentation
67% of cases had partial documentation — insufficient to complete recovery without the holder's direct involvement.
Structural dependency
81% of cases carry a undocumented recovery procedure dependency tag — the most common structural factor in this subset.
Browse archive Archive statistics Scenarios Dependencies About
25
Blocked
0
Constrained
1
Survived
59
Indeterminate

96% of determinate cases resulted in blocked or constrained access.

85 observed cases
Blocked
25 (29%)
Survived
1 (1%)
Indeterminate
59 (69%)
External Hard Drive Theft with Private Key Recovery Attempt
Software wallet
Indeterminate 2024
On May 26, 2024, a BitcoinTalk user (Niandertal@2024) reported the theft of an external hard drive containing a Bitcoin wallet file. The user had retained posse
Encrypted Wallet.dat Lost After Father's Sudden Death—No Recovery Path
Software wallet
Indeterminate 2024
In February 2024, floki5444 posted on BitcoinTalk describing the loss of access to a Bitcoin wallet belonging to their deceased father. The father died unexpect
Sudden Death, Lost Passphrase: Bitcoin Core Wallet.dat Inaccessible to Heirs
Software wallet
Indeterminate 2024
A Bitcoin holder died suddenly and unexpectedly after an apparent recovery from illness, leaving behind a Bitcoin Core wallet.dat file with no disclosed passphr
Three Recovered wallet.dat Files (2009–2013): Corruption, Incompatibility, and Unknown Passphrase
Software wallet
Indeterminate 2024
Jay, an early Bitcoin participant who mined from 2009 onwards, stored wallet.dat files with minimal backup discipline—copying them to memory sticks as was custo
Forgotten BIP39 Passphrase: BTCRecover Brute-Force Fails to Recover Access
Software wallet
Indeterminate 2024
JMASTERJ, a BitcoinTalk forum user, discovered a critical access failure in a self-custody wallet setup using a 12-word BIP39 seed phrase combined with an addit
Samourai Wallet Seizure: Recovering Bitcoin After Platform Shutdown
Software wallet
Survived 2024
On April 28, 2024, a BitcoinTalk user reported that Bitcoin deposited to their Samourai Wallet became inaccessible following the FBI's shutdown of the platform.
BitcoinTalk Seed Phrase Loss Reports: Computer Crash, Device Corruption, Paper Wallet Failures
Software wallet
Blocked 2024
On January 26, 2024, BitcoinTalk user riverdip initiated a community thread soliciting incident reports about Bitcoin inaccessibility. The thread surfaced multi
Early Bitcoin Miner Seeks File Signature Recovery After Hard Drive Deletion
Software wallet
Indeterminate 2024
DVCMI776 mined a significant quantity of Bitcoin during the early Bitcoin era and stored the wallet files on a hard drive. The drive subsequently failed, initia
100 Bitcoin Lost on Unbackedup USB Flash Drive: Early Adopter Custody Failure
Software wallet
Blocked 2024
A BitcoinTalk forum user known as 'oktana' disclosed in March 2024 the loss of 100 bitcoins stored on a USB flash drive. The coins were acquired during Bitcoin'
Samsung Phone Mining Wallet: 0.7 BTC Inaccessible After Device Wipe
Software wallet
Indeterminate 2024
In February 2024, a BitcoinTalk user (onisuk20) rediscovered a Samsung phone containing Bitcoin holdings generated during the early mining period around August
Cluj Restaurant Owner Kidnapped and Tortured Until $200K Crypto Transferred
Software wallet
Blocked 2024
In January 2024, a 42-year-old restaurant owner in Cluj, Romania was abducted by attackers who subjected him to severe torture to extract cryptocurrency access.
Chicago Kidnapping and $15 Million Forced Crypto Transfer
Software wallet
Blocked 2024
In October 2024, six men executed a violent kidnapping at a Chicago townhouse, taking three family members and their nanny hostage. The attackers forced the vic
Arsalan Malik: $340,000 Bitcoin Transfer Under Armed Duress in Karachi
Software wallet
Blocked 2024
In December 2024, Arsalan Malik, a cryptocurrency trader based in Karachi, Pakistan, was abducted by five armed men traveling in a vehicle styled to resemble a
Deceased Partner's Encrypted wallet.dat: Password Confirmed but Holdings Unverifiable
Software wallet
Indeterminate 2024
In May 2024, a non-technical forum user discovered a wallet.dat file on an SD card containing personal photos belonging to their deceased partner, described as
Bitcoin Core Wallet Encryption Generated New Seed: Lost Access to Funded Addresses
Software wallet
Blocked 2024
In June 2024, a Bitcoin Core user deleted their server and all associated data, but retained a backup copy of wallet.dat on their computer. The user encrypted t
50–100 Bitcoin Lost on Old Hard Drive Due to Missing Passphrase
Software wallet
Blocked 2024
In December 2024, a professional contacted Stack Exchange reporting that a colleague possessed 50–100 bitcoins stored on an old hard drive in a bitcoin-qt walle
London Home Invasion: 1,000+ ETH Transferred Under Machete Coercion
Software wallet
Blocked 2024
In June 2024, three men armed with machetes forced entry into the home of Ramesh Nair in London, England. The attackers coerced Nair to transfer more than 1,000
Puntarenas Robbery: 11 Israeli Tourists Lose 10+ BTC to Armed Gang
Software wallet
Blocked 2024
In August 2024, eight men attacked a property in Puntarenas, Costa Rica, where eleven Israeli tourists were staying. The assailants overpowered a security guard
Forgotten Bitcoin Core Passphrase: Family Lifesavings Locked After Home Invasion
Software wallet
Indeterminate 2024
SpaceMarine770 moved Bitcoin from Blockchain.com to Bitcoin Core (Version 25) in August 2024, approximately one to two weeks before reporting a home invasion an
Deleted wallet.dat Recovery Attempt: Corruption Barrier (Tigerbill, May 2023)
Software wallet
Indeterminate 2023
In May 2023, Tigerbill, a junior member of the BitcoinTalk forum, permanently deleted their wallet.dat file containing an unspecified quantity of Bitcoin. The u
BRD Wallet Derivation Path Incompatibility: Seed Phrase Cannot Recover 2018 Bitcoin
Software wallet
Indeterminate 2023
SimonsLu adopted Bitcoin in 2017 through exchange trading before transitioning to self-custody in 2018. He installed BRD, a mobile wallet recommended on bitcoin
Electrum Wallet Password Lost With Corrupted SSD Backup
Software wallet
Indeterminate 2023
On November 15, 2023, a BitcoinTalk user reported being unable to access an Electrum wallet after losing the 8–9 character password derived from a longer 15-cha
Scrambled Seed Phrase: 2500 BTC Unrecoverable Without Word Order
Software wallet
Indeterminate 2023
In December 2023, a recovery specialist designated iconbtcx was engaged to restore access to 2500 BTC held in a BIP39-compliant software wallet. The client poss
Lost Electrum Wallet: Encrypted Backup Without Password or Seed Phrase
Software wallet
Indeterminate 2023
On March 17, 2023, a BitcoinTalk forum user (Lavey666) posted to the Electrum wallet software section describing a complete loss of access to their self-custodi
Recovering Lost Armory Wallet from Overwritten 2009-2010 Laptop Disk
Software wallet
Indeterminate 2023
In June 2023, a Bitcoin holder initiated a public recovery effort for an Armory wallet created in 2009–2010 on a personal laptop. The original device remained i
← Previous
1234
Next →
Browse by halving cycle and custody type
Halving Cycle 4 (2021–2024) — Exchange custody Halving Cycle 4 (2021–2024) — Hardware wallet (single key) Halving Cycle 3 (2017–2020) — Exchange custody Halving Cycle 3 (2017–2020) — Software wallet Halving Cycle 3 (2017–2020) — Hardware wallet (single key) Halving Cycle 2 (2013–2016) — Software wallet Halving Cycle 2 (2013–2016) — Exchange custody Halving Cycle 1 (2009–2012) — Software wallet Halving Cycle 1 (2009–2012) — Exchange custody All cases
Terms guide
Outcome terms
Survived
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Assessment terms
Survivability
The degree to which a custody system maintains the possibility of authorized recovery under stress.
Archive inclusion criteria

This archive documents cases where a legitimate owner, heir, or authorized party encountered barriers accessing or recovering Bitcoin due to a failure in the custody arrangement. The central question for inclusion is: did the custody structure fail a legitimate access or recovery attempt?

Inclusion requirements

A case must satisfy all three of the following to be included:

  1. Legitimate access attempt. The person attempting to access or recover the Bitcoin was the owner, a designated heir, an executor, a legal authority, or another party with a legitimate claim — not a thief, attacker, or unauthorized third party.
  2. Custody structure failure. The failure was caused by a property of the custody arrangement — missing credentials, structural dependencies, documentation gaps, knowledge concentration, legal barriers, or institutional constraints — not market conditions, individual-level fraud or theft, or protocol-level issues. Platform-level failures that block legitimate user access are in scope regardless of their cause.
  3. Documentable outcome or access constraint. The case must have a stated or inferable outcome: access blocked, access constrained, access delayed, or access eventually achieved through a recovery path. Cases with entirely unknown outcomes are included only where the structural failure is documented and the constraint is unambiguous.
In scope
  • Owner death or incapacity — Bitcoin held in self-custody that becomes inaccessible to heirs or designated parties because credentials, documentation, or operational knowledge were not transferred
  • Passphrase loss — BIP39 passphrase forgotten or unavailable, blocking access to a funded wallet even where the seed phrase is present
  • Seed phrase or wallet backup unavailable — no independent recovery path existed or the backup was destroyed, lost, or never created
  • Device loss without independent backup — hardware wallet, phone, or computer lost or destroyed with no recovery path outside the device
  • Documentation absent or ambiguous — heirs or executors cannot determine that Bitcoin exists, which wallet holds it, or how to access it
  • Knowledge concentration — only one person knew the procedure, passphrase, or access method; that person is dead, incapacitated, or unreachable
  • Multisig quorum failure — a threshold signature arrangement cannot be completed because signers are unavailable, uncooperative, incapacitated, or have lost their keys
  • Legal authority / access mismatch — a court order, probate ruling, or power of attorney establishes legal entitlement but provides no technical path to access
  • Institutional custody barrier — exchange or platform hacks, insolvency, regulatory seizure, or operational failure that caused a access constraint or failure for legitimate users, whether temporary, prolonged, or permanent. The failure of the custodian to remain available or solvent is itself the in-scope event.
  • Forced relocation or geographic constraint — physical access to a device or location required for recovery is blocked by displacement, border restrictions, or political circumstances
  • Coercion — the holder was compelled under threat to transfer Bitcoin or disclose credentials during an access event
  • Hidden asset discovery — heirs or executors locate a wallet or account but cannot access it due to missing credentials or operational knowledge
Out of scope
  • Market losses, investment losses, yield scheme losses, or Ponzi scheme losses
  • Hacks or theft targeting an individual's personal security (phishing, SIM swap, social engineering, malware) where the custody architecture itself did not fail
  • Unauthorized transfers where the holder's custody system was not the cause of the failure
  • Ordinary transaction mistakes — wrong-address sends, fee errors, mistaken amounts
  • Protocol-level failures — cryptographic vulnerabilities, consensus bugs, firmware integrity failures
  • Deliberate burns or tribute burns
  • Cases where the stated loss is unverifiable and no structural custody failure is described
Source and verification

Cases are drawn from public sources including forum posts, news reporting, court documents, academic research, and direct submissions. Each case is reviewed against the inclusion criteria above before publication. Source material is retained and available on request for documented cases.

The archive is observational and descriptive. It does not attempt to document all Bitcoin custody failures — only those meeting the criteria above with sufficient documentation to describe the structural failure and its outcome.

Original text
Rate this translation
Your feedback will be used to help improve Google Translate