Tuesday, Nov 14 2017 11:50 AM

In January 2016, I spent $3,000 to buy 7.4 bitcoins. At the time, it seemed an entirely worthwhile thing to do. I had recently started working as a research director at the Institute for the Future’s Blockchain Futures Lab, and I wanted firsthand experience with bitcoin, a cryptocurrency that uses a blockchain to record transactions on its network. I had no way of knowing that this transaction would lead to a white-knuckle scramble to avoid losing a small fortune.

My experiments with bitcoin were fascinating. It was surprisingly easy to buy stuff with the cryptocurrency. I used the airBitz app to buy Starbucks credit. I used Purse.io to buy a wireless security camera doorbell from Amazon. I used bitcoin at Meltdown Comics in Los Angeles to buy graphic novels.

By November, bitcoin’s value had nearly doubled since January and was continuing to increase almost daily. My cryptocurrency stash was starting to turn into some real money. I’d been keeping my bitcoin keys on a web-based wallet, but I wanted to move them to a more secure place. Many online bitcoin services retain their customers’ private bitcoin keys, which means the accounts are vulnerable to hackers and fraudsters (remember the time Mt. Gox lost 850,000 bitcoins from its customers’ accounts in 2014?) or governments (like the time BTC-e, a Russian bitcoin exchange, had its domain seized by US District Court for New Jersey in August, freezing the assets of its users).

I interviewed a handful of bitcoin experts, and they all told me that that safest way to protect your cache was to use something called a “hardware wallet.” This little device is basically a glorified USB memory stick that stores your private bitcoin keys and allows you to authorize transactions without exposing those keys to the internet, where they could be seized by bad actors. I settled on a hardware wallet called the Trezor (the Czech word for “safe”), described by the manufacturer as “bulletproof.” I bought one on November 22 for $100 on Amazon (again, via Purse.io).

When the Trezor arrived, I plugged it into my computer and went to the Trezor website to set it up. The gadget’s little monochrome screen (the size of my two thumbnails, side by side) came to life, displaying a padlock icon. The website instructed me to write down 24 words, randomly generated by the Trezor one word at a time. The words were like “aware,” “move,” “fashion,” and “bitter.” I wrote them on a piece of orange paper. Next, I was prompted to create a PIN. I wrote it down (choosing a couple of short number combinations I was familiar with and could easily recall) on the same piece of paper as the 24-word list.

The Trezor website explained that these 24 words were my recovery words and could be used to generate the master private key to my bitcoin. If I lost my Trezor or it stopped working, I could recover my bitcoin by entering those 24 words into a new Trezor or any one of the many other hardware and online wallets that use the same standard key-generation algorithm. It was important for me to keep the paper hidden and safe, because anyone could use it to steal my 7.4 bitcoins. I transferred my currency from my web-based wallet to my Trezor, tossing both the Trezor and the orange piece of paper into a desk drawer in my home office. My plan was to buy a length of flat aluminum stock and letterpunch the 24 words onto it, then store it somewhere safe. I was going to do it right after the holidays.

The Mistake: March 16, 2017: 7.4 BTC = $8,799

It was 6:30 in the morning. My 14-year-old daughter, Jane, was in London on a school trip, and my older daughter, Sarina, was at college in Colorado. My wife Carla and I were getting ready to leave for the airport to take a vacation in Tokyo. As I was rummaging through my desk drawer for a phone charger, I saw the orange piece of paper with the recovery words and PIN. What should I do with this? If our plane plowed into the ocean, I’d want my daughters to be able to get the bitcoins. The coins had already nearly tripled in value since I bought them, and I could imagine them being worth $50,000 one day. I took a pen and wrote on the paper:

Jane, if anything happens, show this paper to Cory. He’ll know what to do with it. Love, Dad

(“Cory” is Cory Doctorow, my friend and business partner at my website, Boing Boing. He’s not a bitcoin enthusiast, but I knew he’d be able to figure out how to retrieve the master private key from the word list.)

I took the paper into Jane’s bedroom, stuck it under her pillow, and we took a Lyft to LAX.

The Garbage: April 4, 2017: 7.4 BTC = $8,384

We returned from Tokyo on March 24, and I didn’t even think about the orange piece of paper until April 4, when I remembered that I’d put it under Jane’s pillow. That’s funny, I thought. She’s been home more than a week and never said anything to me about it.

I went into her room and looked under her pillow. It wasn’t there. I looked under her bed, dragging out the storage boxes to get a better view, using my phone as a flashlight.

“Carla?” I asked. “Did you see that orange piece of paper with my bitcoin password on it? I can’t find it in Jane’s room.”

“Maybe Jane put it in her desk,” she said. Jane was in school, but I texted and asked her. She said she never saw an orange piece of paper.

“Wait,” Carla said. “We had the house cleaned while we were gone. I’ll call them.”

Carla called the cleaning service we’d used and got the woman who cleaned the house on the line. She told Carla that she did indeed remember finding the orange piece of paper.

“Where is it?” Carla asked.

“I threw it away.”

I knew the garbage had already been collected, but I put on a pair of nitrile gloves and went through the outside trash and recycling bins anyway. Nothing but egg cartons, espresso grinds, and Amazon boxes. The orange piece of paper was decomposing somewhere under a pile of garbage in a Los Angeles landfill.

Carla asked if losing the paper was a big deal.

“Not really,” I said. “It’s just a hassle, that’s all. I’ll have to send all the bitcoins from the Trezor to an online wallet, reinitialize the Trezor, generate a new word list, and put the bitcoins back on the Trezor. It would only be bad if I couldn’t remember my PIN, but I know it. It’s 551445.”

The Forgetting: April 4, 2017: 7.4 BTC = $8,384

I plugged the Trezor into my laptop and entered 551445.

Wrong PIN entered.

I must have made an error entering the PIN, I thought. I tried 551445 again, taking care to enter the digits correctly this time.

Wrong PIN entered.

Uh oh. I tried a slight variation: 554445

Wrong PIN entered.

This is ridiculous, I thought. I knew the PIN. I’d entered it at least a dozen times in recent months without having to refer to the paper. OK, it’s probably 554145.

Wrong PIN entered.

I looked at the tiny monochrome display on the bitcoin wallet and noticed that a countdown timer had appeared. It was making me wait a few seconds before I could try another PIN. My heart fluttered. I went to the hardware wallet manufacturer’s website to learn about the PIN delay and read the bad news: The delay doubled every time a wrong PIN was entered. The site said, “The number of PIN entry failures is stored in the Trezor’s memory. This means that power cycling the Trezor won’t magically make the wait time go to zero again. The best you can do by turning the Trezor on and off again is make the timer start over again. The thief would have to sit his life off entering the PINs. Meanwhile, you have enough time to move your funds into a new device or wallet from the paper backup.” (Trezor is based in Prague, hence the stilted English.)

The problem was, I was the thief, trying to steal my own bitcoins back from my Trezor. I felt queasy. After my sixth incorrect PIN attempt, creeping dread had escalated to heart-pounding panic—I might have kissed my 7.4 bitcoins goodbye.

I made a few more guesses, and each time I failed, my sense of unreality grew in proportion to the PIN delay, which was now 2,048 seconds, or about 34 minutes. I opened my desktop calculator and quickly figured that I’d be dead before my 31st guess (34 years). One hundred guesses would take more than 80 sextillion years.

I broke the news to Carla. I told her I couldn’t remember the PIN and that I was being punished each time I entered an incorrect PIN. She asked me if I’d saved the PIN in my 1Password application (a secure password app). I told her I hadn’t. When she asked me why, I didn’t have an answer.

I knew it would be a mistake to waste a precious guess in my agitated condition. My mind had become polluted with scrambled permutations of PINs. I went into the kitchen to chop vegetables for a curry we were making for dinner. But I couldn’t think of much else besides the PIN. As I cut potatoes into cubes, I mentally shuffled around numbers like they were Scrabble tiles on a rack. After a while, a number popped into my head: 55144545. That was it! I walked from the kitchen to the office. The Trezor still had a few hundred seconds left on the countdown timer. I did email until it was ready for my attempt. I tapped in 55144545.

Wrong PIN entered. Please wait 4,096 seconds to continue…

I barely slept that night. The little shuteye I managed to get was filled with nightmares involving combinations of the numbers 1, 4, and 5. It wasn’t so much the $8,000 that bothered me—it was the shame I felt for being stupid enough to lose the paper and forget the PIN. I also hated the idea that the bitcoins could increase in value and I wouldn’t have access to them. If I wasn’t able to recall the PIN, the Trezor would taunt me for the rest of my life.

The Search: April 5, 2017: 7.4 BTC = $8,325

That morning, bleary eyed, I started looking into ways to get my bitcoins back that didn’t involve recalling my PIN or recovery words. If I’d lost my debit card PIN, I could contact my bank and I’d eventually regain access to my funds. Bitcoin is different. No one owns the bitcoin transaction network. Instead, thousands of computers around the world run software that validates the system’s transactions. Anyone is allowed to install the bitcoin software on their computer and participate. This decentralized nature of the bitcoin network is not without consequences—the main one being that if you screw up, it’s your own damn problem.

I went to /r/TREZOR/ on Reddit and posted:

Feel free to ridicule me—I deserve it. I wrote my PIN code and recovery seed on the same piece of paper. I was planning to etch the seed on a metal bar and hide it, but before that happened my housecleaning service threw the paper away. Now I can't remember my password and I have tried to guess it about 13 times. I now have to wait over an hour to make another guess. Very soon it will be years between guesses. Is there anything I can do or should I kiss my 7.5 bitcoins away?

Most of the replies were sympathetic and unhelpful. One person said I should get in touch with Wallet Recovery Services, which performs brute-force decryption on encrypted Bitcoin wallets. I emailed them and asked for help. “Dave Bitcoin” replied the next day:

I would like to help you ... but I do not see any solution to your problem. You need to either guess your PIN correctly, or find your seed.

A response on the Reddit forum from a user with the handle zero404cool was intriguing:

…all your information is still stored inside Trezor and there are people who know how to get all the information that is needed to get your wallet working again. I have seen it.

He added in another post:

Just keep your Trezor safe. Don't do anything with it. There is no need to try different PIN codes. You can regain possession of all your bitcoins.

The other users on the subreddit thought zero404cool wasn’t on the level. One said he might be a scammer; another accused him of spreading “FUD” (fear, uncertainty, and doubt) about Trezor’s security. I was inclined to agree with them, especially after reading about the lengths Trezor had gone to to make its device impenetrable to hackers. The manufacturer claimed with confidence that the Trezor could withstand any attempt to compromise it. The most obvious way to crack it, by installing unofficial firmware designed to unlock the PIN and keywords, would only have the effect of wiping the Trezor’s storage, the website said.

To confirm, I emailed Trezor and explained my predicament. A customer service representative emailed me back with a link to its “emergency situations guide,” none of which applied to my emergency situation. She wrote:

In all these situations there is either a PIN code or recovery seed needed to get an access to your funds. Unfortunately, without knowledge of at least one of these, no one is able to get access to this particular account with the funds stored on it. Is there anything else I can help you with, Mark?

The situation was starting to feel hopeless. In the meantime, zero404cool sent me a direct message on Reddit offering to help:

Yes, I can help you if you are willing to accept my help. Obviously, you are not going to find these instructions anywhere online. And it requires certain technical skills to complete them properly. A professional can extract all information just in 10 seconds. But this is not public knowledge, it's never going to be.

The problem is that I don't know you. I don't know if your story is real or not. I don't even know if you are a real person who really owns a Trezor. For example, You could as easily ask this to hack into someone else’s device. I can't allow that.

So, for this to work we have to gain each other’s trust I guess.

I wrote back and told zero404cool to Google my name, to help him decide if he could trust me. He’d see that I was one of the first editors of Wired, coming on board in 1993. I founded the popular Boing Boing website, which has 5 million monthly unique readers. I was the founding editor-in-chief of the technology project magazine, Make. A while later, zero404cool replied:

Hi Mark, It seems that you are not afraid of soldering and command line programs. I guess we can proceed with this recovery as DIY project then? I am somewhat busy at the moment; I hope that you are not in too much hurry to complete it?

I replied that I wasn’t in a hurry. I didn’t hear from him after that.

Continue reading in Part 2