CustodyStress
Archive › Structural patterns › Shared Dependency Failure
Part of the CustodyStress archive of observed Bitcoin custody incidents

Shared Dependency Failure

Cases where custody components that appeared independent shared a common underlying dependency — the same vendor, the same physical location, or the same keyholder. When the shared root failed, multiple recovery paths failed simultaneously. Shared dependency failures are custody failures that appear structurally sound until stress is applied. A holder who stores one seed phrase copy at home and a second copy at their office has two copies — but if both locations are accessible to the same authority during a legal seizure, the separation provides no protection. A multisig arrangement that uses two different hardware wallet brands but purchases both through the same vendor account, or stores both in the same safe, has apparent redundancy but a single failure point. The archive documents three recurring shared-root patterns: shared physical location (multiple backups colocated, destroyed or seized together); shared vendor root (multiple custody components dependent on the same platform, which fails as a single unit); and shared keyholder (multiple signing roles held by the same person, defeating multisig threshold protections). These patterns are often invisible during normal operation — the setup appears redundant until the shared root is stressed.

208 cases match this pattern in the archive. Among cases with a determinate outcome, 61% resulted in permanently blocked access, 4% in recovered access, and 35% in constrained recovery. 79% of cases in this pattern involved exchange custody.

Browse archive Archive statistics Scenarios Dependencies About
97
Blocked
55
Constrained
7
Survived
49
Indeterminate

96% of determinate cases resulted in blocked or constrained access.

208 observed cases
Blocked
97 (47%)
Constrained
55 (26%)
Survived
7 (3%)
Indeterminate
49 (24%)
Armory Wallet Lost via VirtualBox Snapshot Rollback—Binary Recovery Attempt
Software wallet
Indeterminate 2013
In October 2013, a BitcoinTalk user known as HowlingMad lost access to 6.59159344 BTC stored in Armory, a then-leading Bitcoin wallet application running on Win
Mt. Gox Withdrawal Crisis: levino's 347-Page Thread Documents SEPA Delays (April 2013)
Exchange custody
Constrained 2013
On April 18, 2013, BitcoinTalk user levino initiated a withdrawal of Euro proceeds from Mt. Gox, the world's largest Bitcoin exchange at that time. After 14 day
1,000 BTC Permanently Lost After Brother Deletes wallet.dat From Shared Dropbox Folder
Software wallet
Blocked 2013
In 2017, Hacker News user illumin8 disclosed a permanent loss of 1,000 BTC resulting from a wallet file deletion in a shared Dropbox folder. The Bitcoin wallet
Bitfloor Exchange Closure March 2013: Banking Relationship Failure After Prior Hack
Exchange custody
Constrained 2013
Bitfloor, a US-based Bitcoin exchange, announced permanent closure on March 17, 2013, after its banking partner terminated the exchange's account without explan
Cryptsy Exchange Collapse: Concealed Hack Left Users Holding Worthless Balances
Exchange custody
Blocked 2013
Cryptsy emerged as the dominant altcoin exchange during the 2013 cryptocurrency boom, facilitating trading in Litecoin, Dogecoin, Feathercoin, and hundreds of a
CoinLab vs. Mt. Gox: Partnership Collapse Traps North American Customer Bitcoin in Legal Limbo (May 2013)
Exchange custody
Blocked 2013
In 2012, Mt. Gox and CoinLab signed a partnership agreement under which CoinLab would assume management of Mt. Gox's US and Canadian customer operations, includ
DHS Seizure of Mt. Gox Dwolla and Wells Fargo Accounts (May 2013)
Exchange custody
Blocked 2013
On May 15, 2013, the US Department of Homeland Security, acting through Immigration and Customs Enforcement, seized approximately $2.9 million from Mt. Gox's Dw
Instawallet Hosted Wallet Shutdown After 2013 Security Breach: Partial User Reimbursement
Exchange custody
Constrained 2013
Instawallet, operated by French company Paymain (later Paymium), provided frictionless Bitcoin access during the early ecosystem's rapid expansion. The service
Blockchain.info Two-Factor Authentication Lockout: Correct Credentials Rejected
Exchange custody
Indeterminate 2013
On April 21, 2013, Narydu, operator of bitcoinargentina.org, lost access to a Blockchain.info hosted wallet despite possessing both the correct primary password
Mt. Gox SEPA Withdrawal Vanishes: mably's €EUR Transfer Confirmed But Never Received
Exchange custody
Indeterminate 2013
On April 6, 2013, BitcoinTalk user mably received email confirmation from Mt. Gox that a SEPA EUR withdrawal had been initiated. Twenty days elapsed without the
Mt. Gox SEPA Withdrawal Delayed 28 Days: lukcoin's Unresolved Case (May 2013)
Exchange custody
Indeterminate 2013
On May 7, 2013, BitcoinTalk user lukcoin posted in the Mt. Gox withdrawal delays thread describing a SEPA transfer initiated on April 9 that had not arrived aft
Mt. Gox Bitcoin Withdrawal Crisis: Weeks-Long Delays Signal Terminal Operational Failure
Exchange custody
Blocked 2013
By November 2013, Mt. Gox customers attempting to withdraw Bitcoin faced indefinite waiting periods, a critical escalation from earlier fiat-only delays. What h
Inputs.io Hack: 4,100 BTC Stolen, Partial Refunds October 2013
Exchange custody
Constrained 2013
Inputs.io was an Australian-hosted Bitcoin wallet service operated by a developer known as TradeFortress. On October 23, 2013, the platform suffered a security
2013 Blockchain.info AES-Encrypted Wallet: Password Lost, Recovery Tooling Exhausted
Exchange custody
Indeterminate 2013
In March 2013, during a two-month personal mining experiment, a user registered a wallet on blockchain.info and received an AES-encrypted backup file via email
Blockchain.info Hosted Wallet Recovery: Password Reset via Seed Phrase (2013)
Exchange custody
Survived 2013
PandaNL opened a Blockchain.info hosted wallet in 2013 and over several years forgot the account password. The user retained three critical pieces of recovery i
Blockchain.info Access Blocked After Platform Software Update
Exchange custody
Constrained 2013
A Blockchain.info user experienced sudden access denial to their hosted wallet following a platform software update. The incident occurred in an era when web-ba
1,300 BTC Inaccessible: BitLocker Encryption Key Lost on Failed Flash Drive
Software wallet
Indeterminate 2012
In June 2012, forum user mb300sd disclosed on BitcoinTalk's 'known lost bitcoins' thread that approximately 1,300 BTC had become permanently inaccessible due to
CryptoXChange Exchange Collapse: Users Locked Out of Bitcoin Deposits
Exchange custody
Blocked 2012
CryptoXChange launched on November 10, 2011, as an Australian Bitcoin exchange offering two-factor authentication features including Yubikey support. The platfo
BitMarket.eu: Operator Speculation and Bitcoinica Collapse Froze 18,787 BTC in Customer Funds
Exchange custody
Blocked 2012
BitMarket.eu launched in April 2011 as a Polish peer-to-peer Bitcoin exchange. The platform operator, Maciej Trębacz, made a critical decision to invest custome
Bitcoinica Receivership: 98,000 BTC Lost Across Three Thefts and MtGox Collapse
Exchange custody
Constrained 2012
Bitcoinica, a Bitcoin margin trading platform incorporated as a New Zealand limited partnership and launched by Zhou Tong in September 2011, suffered a cascade
BitFloor Exchange Collapse: 24,000 BTC Theft, Minimal Restitution, Platform Shutdown
Exchange custody
Blocked 2012
BitFloor, a Bitcoin exchange operating in 2012, suffered a catastrophic custody failure on September 4, 2012. An attacker gained access to an unencrypted backup
Bitcoin.de Account Lock: 0.01 BTC Inaccessible Due to KYC Residency Requirements
Exchange custody
Blocked 2012
A Bitcoin user created an account on bitcoin.de, a German peer-to-peer marketplace, during Bitcoin's early adoption period and deposited 0.01002 BTC. The accoun
Tradehill Exchange Shutdown: Users Locked Out After Dwolla Payment Reversal
Exchange custody
Constrained 2012
Tradehill operated as one of Bitcoin's earliest and most prominent exchanges, second only to Mt. Gox in trading volume and user trust. On February 13, 2012, the
Unauthorized Drive Format and Corrupted Wallet File Recovery Failure (2011)
Software wallet
Indeterminate 2011
On September 17, 2011, a Bitcoin holder identified as cablepair discovered that an office network administrator had reformatted the hard drive of a shared offic
Corrupted wallet.dat Recovery After Hard Drive Failure: 2011 Case Study
Software wallet
Indeterminate 2011
In May 2011, forum user zrataj (John) experienced a critical storage failure when his hard drive crashed, destroying both his primary wallet.dat file and the ba
← Previous
156789
Next →
Structural patterns
Forgotten Passphrase No Backup Existed Passphrase Never Recorded Device Discarded Recovery Attempted, Access Still Blocked Coercion — Forced Transfer Estate and Inheritance Failures Technical Recovery Succeeded Legal Proceedings as Recovery Path Exchange Bankruptcy Authority Without Access Multisig Quorum Failure Seed Phrase Recorded But Lost All cases
Other structural patterns
Forgotten Passphrase No Backup Existed Passphrase Never Recorded Device Discarded Recovery Attempted, Access Still Blocked Coercion — Forced Transfer Estate and Inheritance Failures Technical Recovery Succeeded Legal Proceedings as Recovery Path Exchange Bankruptcy Authority Without Access Multisig Quorum Failure Seed Phrase Recorded But Lost
Terms guide
Outcome terms
Survived
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Assessment terms
Survivability
The degree to which a custody system maintains the possibility of authorized recovery under stress.
Archive inclusion criteria

This archive documents cases where a legitimate owner, heir, or authorized party encountered barriers accessing or recovering Bitcoin due to a failure in the custody arrangement. The central question for inclusion is: did the custody structure fail a legitimate access or recovery attempt?

Inclusion requirements

A case must satisfy all three of the following to be included:

  1. Legitimate access attempt. The person attempting to access or recover the Bitcoin was the owner, a designated heir, an executor, a legal authority, or another party with a legitimate claim — not a thief, attacker, or unauthorized third party.
  2. Custody structure failure. The failure was caused by a property of the custody arrangement — missing credentials, structural dependencies, documentation gaps, knowledge concentration, legal barriers, or institutional constraints — not market conditions, individual-level fraud or theft, or protocol-level issues. Platform-level failures that block legitimate user access are in scope regardless of their cause.
  3. Documentable outcome or access constraint. The case must have a stated or inferable outcome: access blocked, access constrained, access delayed, or access eventually achieved through a recovery path. Cases with entirely unknown outcomes are included only where the structural failure is documented and the constraint is unambiguous.
In scope
  • Owner death or incapacity — Bitcoin held in self-custody that becomes inaccessible to heirs or designated parties because credentials, documentation, or operational knowledge were not transferred
  • Passphrase loss — BIP39 passphrase forgotten or unavailable, blocking access to a funded wallet even where the seed phrase is present
  • Seed phrase or wallet backup unavailable — no independent recovery path existed or the backup was destroyed, lost, or never created
  • Device loss without independent backup — hardware wallet, phone, or computer lost or destroyed with no recovery path outside the device
  • Documentation absent or ambiguous — heirs or executors cannot determine that Bitcoin exists, which wallet holds it, or how to access it
  • Knowledge concentration — only one person knew the procedure, passphrase, or access method; that person is dead, incapacitated, or unreachable
  • Multisig quorum failure — a threshold signature arrangement cannot be completed because signers are unavailable, uncooperative, incapacitated, or have lost their keys
  • Legal authority / access mismatch — a court order, probate ruling, or power of attorney establishes legal entitlement but provides no technical path to access
  • Institutional custody barrier — exchange or platform hacks, insolvency, regulatory seizure, or operational failure that caused a access constraint or failure for legitimate users, whether temporary, prolonged, or permanent. The failure of the custodian to remain available or solvent is itself the in-scope event.
  • Forced relocation or geographic constraint — physical access to a device or location required for recovery is blocked by displacement, border restrictions, or political circumstances
  • Coercion — the holder was compelled under threat to transfer Bitcoin or disclose credentials during an access event
  • Hidden asset discovery — heirs or executors locate a wallet or account but cannot access it due to missing credentials or operational knowledge
Out of scope
  • Market losses, investment losses, yield scheme losses, or Ponzi scheme losses
  • Hacks or theft targeting an individual's personal security (phishing, SIM swap, social engineering, malware) where the custody architecture itself did not fail
  • Unauthorized transfers where the holder's custody system was not the cause of the failure
  • Ordinary transaction mistakes — wrong-address sends, fee errors, mistaken amounts
  • Protocol-level failures — cryptographic vulnerabilities, consensus bugs, firmware integrity failures
  • Deliberate burns or tribute burns
  • Cases where the stated loss is unverifiable and no structural custody failure is described
Source and verification

Cases are drawn from public sources including forum posts, news reporting, court documents, academic research, and direct submissions. Each case is reviewed against the inclusion criteria above before publication. Source material is retained and available on request for documented cases.

The archive is observational and descriptive. It does not attempt to document all Bitcoin custody failures — only those meeting the criteria above with sufficient documentation to describe the structural failure and its outcome.

Original text
Rate this translation
Your feedback will be used to help improve Google Translate