CustodyStress
Archive › Passphrase unavailable
Part of the CustodyStress archive of observed Bitcoin custody incidents
CS-01195

Thomas holds 7,002 BTC (worth approximately $244 million at the time) on the drive

Indeterminate
Case description
On 25 October 2023, crypto recovery firm Unciphered published an open letter to former Ripple CTO Stefan Thomas, claiming to have developed a method to bypass the IronKey S200's 10-attempt password limit. Thomas holds 7,002 BTC (worth approximately $244 million at the time) on the drive, stored in a Swiss vault, and had used 8 of his 10 allowed password attempts since 2011. Unciphered demonstrated their technique to Wired magazine using 200 trillion brute-force attempts on an identical device model. Thomas declined the offer, citing an existing handshake deal with two other recovery teams made a year prior.
Custody context
Stress conditionPassphrase unavailable
Custody systemHardware wallet (single key)
OutcomeIndeterminate
DocumentationUnknown
Year observed2023
CountrySwitzerland
Structural dependencies observed
Technical specialist required
What this illustrates
The seed phrase was there, but the passphrase that unlocked it was gone. Both are required. It's not clear whether anyone ever regained access.
Outcome interpretation
Not enough information is available to determine the outcome.
Source
Publicly Reported
Evidence type
News article
Evidence link
https://cointelegraph.com/news/recovery-firm-cracking-ripple-cto-bitcoin-hard-drive
Related cases involving passphrase unavailable
A 2025 recovery case involved a Bitcoin Core wallet.dat file from 2015.
Desktop Software Wallet · 2025 Survives
Wallets containing 0.5–2 BTC that had been uneconomical to pursue recovery services
Desktop Software Wallet · 2025 Constrained
Passphrase unavailable — Ledger Nano S (2025)
Hardware wallet (single key) · 2025 Blocked
217 cases involve passphrase unavailable 274 cases involve hardware wallet (single key) View archive statistics →
This archive documents observed custody survivability failures. It does not attempt to document all Bitcoin losses or security incidents. Submit a case
← All cases
Framework references
Where Bitcoin Custody Intersects Legal and Fiduciary Authority
Where custody creates gaps in estate planning, fiduciary duty, and professional responsibility.
Professional Scope Boundary Matrix
What each professional or product covers, what they do not, and where gaps form between them.
The Independent Assessment Layer in Bitcoin Custody
How independent diagnostic layers emerge when multiple parties depend on shared infrastructure.
Terms guide
Outcome terms
Survives
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Structural terms
Single-person knowledge
Recovery depended on information or capability held by one individual who was unavailable.
Institutional dependence
Recovery depended on a third-party institution or service that was inaccessible or uncooperative.
Documentation gap
Recovery depended on instructions that were missing, incomplete, or unclear.
Authority mismatch
The person with legal authority to act did not have operational access, or vice versa.
Original text
Rate this translation
Your feedback will be used to help improve Google Translate