Illustration by Kristen Radtke/The Verge
In early 2018, Dan Reich decided to spend $50,000 on Bitcoin for a batch of Theta tokens. These tokens were a new cryptocurrency that was worth only 21 cents each. Reich and a friend initially held the tokens on an exchange based out of China. However, within weeks, the Chinese government began to crack down on cryptocurrency. They were soon unable to access the exchange, so they transferred everything to a hardware wallet. Reich and his friend selected a Trezor One wallet and set up a PIN. Then they got on with their lives and forgot about it.
The token had lost less than 25% of its value by the end of the year, then rebounded and crashed again. Reich decided to cash out, but his friend had lost the paper on which he had written the PIN, and he couldn’t recall the numbers. They tried to guess what they thought was a 4-digit PIN, but it was actually five. After each failed attempt, the wallet doubled their wait time before they could guess again. After 16 attempts, the wallet would erase all data. They stopped after a dozen attempts, fearing that they would fail again.
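The lockout behaviour described above (the wait doubles after each failed guess, and the data is erased after 16 attempts), modelled as an added example. This is not Trezor's firmware: the one-second base wait, all names, and the in-memory struct standing in for flash storage are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_FAILS   16u  /* from the article: data is erased after 16 attempts */
#define BASE_WAIT_S 1u   /* assumption: the first enforced wait is one second */

typedef enum { PIN_OK, PIN_WRONG, PIN_WIPED } pin_result_t;
typedef struct { uint32_t fails; bool wiped; char pin[10]; } wallet_t;

/* Compare without stopping at the first wrong digit, so response time
   does not reveal how much of a guess was correct. */
static bool pin_equal(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b);
    unsigned char diff = (unsigned char)(la ^ lb);
    for (size_t i = 0; i < la && i < lb; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Seconds to wait before the next guess: doubles with every failure. */
uint32_t wait_before_next(const wallet_t *w) {
    return w->fails == 0 ? 0 : BASE_WAIT_S << (w->fails - 1);
}

pin_result_t try_pin(wallet_t *w, const char *guess) {
    if (w->wiped) return PIN_WIPED;
    /* Count the attempt before checking it: with a persisted counter,
       cutting power mid-check cannot hide a failure. */
    w->fails++;
    if (pin_equal(w->pin, guess)) { w->fails = 0; return PIN_OK; }
    if (w->fails < MAX_FAILS) return PIN_WRONG;
    memset(w->pin, 0, sizeof w->pin);  /* stand-in for erasing stored secrets */
    w->wiped = true;
    return PIN_WIPED;
}

/* Total enforced waiting across n consecutive wrong guesses. */
uint64_t total_wait(uint32_t n) {
    wallet_t w = { 0, false, "00000" };  /* constructed sample PIN */
    uint64_t total = 0;
    for (uint32_t i = 0; i < n && !w.wiped; i++) {
        total += wait_before_next(&w);
        try_pin(&w, "99999");
    }
    return total;
}
int main(void) {
    printf("wait after 12 wrong guesses: %llu s; after 16: %llu s\n",
           (unsigned long long)total_wait(12), (unsigned long long)total_wait(16));
    return 0;
}
```

With these assumed numbers, a dozen wrong guesses cost about 34 minutes of waiting, and the 16 guesses allowed before the wipe cover a tiny fraction of the 100,000 possible five-digit PINs.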
Reich gave up and wrote the money off in his mind. He was willing to accept the loss until the price rose again.
Their tokens’ value began to rise from a low point of $12,000. It would soon be worth more than $400,000 and briefly rise to $3 million by 2020. Although it was difficult to gain access to the wallet without the PIN, it wasn’t impossible. Reich and his friend, who could have made millions, vowed to find a way in.
You can only own cryptocurrency on the blockchain if you have a private key that is associated with a specific block of currency. However, managing those keys has been a difficult task from the beginning. The key (or the string or words that derive it) is required to sell or spend currency. However, if someone else has the key, they can steal your coins anonymously from any location in the world. Your key can be stored on an exchange service’s server, or on your computer or mobile phone. However, these keys are susceptible to remote attack if someone on the internet has access to them.
Hardware wallets are about the same size as a USB stick and allow you to store the key locally and off the internet. You can also sign transactions inside the secure wallet by inserting the device into a computer and entering the PIN. If you forget your PIN or don’t have the key, you will not be able to access your currency on the blockchain.
This happens more often than you might think. Chainalysis, a cryptocurrency data firm, estimates that over 3.7 million Bitcoins valued at $66.5 billion have been lost to their owners. There are many reasons currency can be lost: the computer or phone that stores it is stolen or crashed, the wallet is not recoverable, the owner accidentally throws away their hardware wallet, or the owner forgets or dies without passing on their PIN to their family members.
Reich and his friend wanted to hack their wallet as the value of their inaccessible tokens rose rapidly in 2020. They searched online until they found a talk given by three hardware experts in 2018. The experts had discovered a way to get at the key in a Trezor wallet without having to know the PIN. The engineers refused to help, but Reich was still able to find hope.
Reich states, “We at the very least knew it was possible and had some direction of how it could happen.”
They found a Swiss financier who claimed to have associates in France who could crack the wallet in a laboratory. Reich could neither know their names nor go to the lab. He would have to give his wallet to the Swiss financier, who would then take it to his French friends. Reich and his friend were desperate enough to do this, even though it was a risky idea.
Their plans were thwarted by COVID and lockdowns in 2020. However, Reich was planning to fly to Europe in February 2021. With the tokens’ value now $2.5 million, Reich suddenly found a better option: Joe Grand, a US hardware hacker.
Grand is an inventor and electrical engineer who has been hacking hardware ever since he was 10. He co-hosted “Prototype This” on Discovery Channel in 2008. He teaches hardware hacking to companies and organizations that design complex systems and want an understanding of how hackers can attack them.
Reich, an electrical engineer who also owns a software business, was able to assess whether Grand had the skills necessary to carry out the hack. He knew that they had found the right person after just one conversation. He recalls thinking, “Wow, this man is perhaps the brightest electrical engineer I’ve ever seen.”
Grand, who has a custom laboratory in his Portland backyard, bought several wallets identical to the one Reich and his friend owned and installed the same firmware on them. After that, he spent three months researching and attacking his practice wallets using various techniques. They agreed that Reich, who is from New Jersey, would not fly to Portland with his wallet until Grand had cracked three wallets using the exact same technique.
Reich says, “If he screwed up something, there was a good chance that it wouldn’t be able to recover.”
Grand was able to use his previous research as a guide. A 15-year-old UK hardware hacker named Saleem Rashid had devised a method to unlock Mark Frauenfelder’s Trezor wallet and help him get $30,000 in Bitcoin.
Rashid discovered that the Trezor wallet made a copy of the PIN and key stored in the wallet’s secure flash memory. The copy was then placed in RAM. He was able to exploit a vulnerability in the wallet and put it into firmware update mode. This allowed him to install his own unauthorized code, which allowed him to access the PIN and key stored in RAM. The code he installed caused the PIN and key in long-term flash memory to be erased, leaving only the copy in RAM. Grand could not use this method because he might accidentally erase the RAM before he could access the data. The key would then be impossible to recover.
Trezor had changed its wallets since then, so the PIN and key that were copied to RAM during boot-up got erased when the device was placed in firmware update mode.
Grand instead looked at the method from the 2018 conference talk that Reich had previously examined. The researchers in this case discovered that although Trezor had removed the PIN and key from RAM during boot-up, the key and PIN were still present in RAM during another stage: they were temporarily moved to RAM during firmware update mode. This was done to prevent the new firmware from writing over the key and PIN, which were then moved back to flash after the firmware was installed. The researchers devised a technique called “wallet.fail.” This attack used a fault injection method, also known as glitching, to compromise security and allow them to read the PIN and key while they were temporarily in RAM.
Grand’s setup to defeat the Trezor wallet, as seen in his video. It includes a ChipWhisperer CW 1200 and PhyWhisperer-USB debug probes, and J-Link.
Trezor wallets have three levels of security. RDP2, which is the most secure, doesn’t allow you to read the RAM; RDP1 and RDP0 do. Trezor wallets use RDP2 to block anyone from reading the RAM.
The fault injection attack against the chip, which affects the voltage going to the microcontroller, allowed the wallet.fail team to downgrade security from RDP2 to RDP1. The wallet could then be forced into firmware update mode, sending the key and PIN into RAM, where they could be read. It was similar to Rashid’s attack except that they were able to access RAM without having to exploit code.
This technique was great for a research project, but it was risky for Reich’s wallet. Firmware update mode moved the key and PIN to RAM rather than copying them. This meant that there was only one version in the wallet during this period. Grand could accidentally wipe the RAM, and the key with it, or something else could go wrong. As it turned out, every time Grand glitched his practice wallets they would freeze.
Grand discovered a better solution while trying to solve the problem. He discovered that Reich’s firmware version copied the key and PIN to RAM when the device was turned on. Grand could disable security and read the RAM if he glitched the device at just the right time. The key and PIN were only copied to RAM at this point, not moved as in the wallet.fail scenario. This meant that they would still exist in flash even if Grand accidentally wiped the RAM. It was a safer solution than either of the previous attacks.
The problem was that the glitching required thousands upon thousands of attempts. This involved powering up the wallet repeatedly and changing the parameters to alter the voltage to the microcontroller every time, to try to find the moment that would allow him to downgrade the microcontroller’s security. The automated script took three to four hours and was not guaranteed to work on Reich’s wallet, even though it had worked on the practice wallets. Reich compared the long wait to sitting through a stakeout.
Grand designed his program so that, if the glitch worked properly, his computer would say: “Hack the world!” This is a nod towards Hackers, the 1995 film. Reich flew to Portland last May for two days when it was time to hack for real. The first day was spent setting up the equipment. They filmed the hack with a professional crew. Grand then launched his script the next day.
They waited. They waited. They then ate pizza and waited yet again.
The computer finally called out “Hack the globe!” after nearly three and a quarter hours. Grand could see the key and five-digit PIN on his screen. Reich and his friend were now worth $2 million more.
Reich immediately transferred the Theta tokens from their account and sent a portion of the booty to Grand in return for his services.
Grand found it thrilling, and not only because of the amount of money at stake. He says, “It kinda reinvigorated my… and helped me decide how I should use my skills.”
He has been talking with other people who have lost access to their funds since May 2013 in the hopes of helping them crack their wallets. James Howells from Wales is one example. He accidentally threw his hardware wallet into the trash in 2013 and lost Bitcoin worth half a million dollars. He has been trying to convince his local council for years to allow him to dig through the dump. The city tracks the location of residential trash and told him that there was a good chance they could find his wallet, but they have so far refused to grant his request.
Grand also spoke with someone whose phone has a broken wallet. This would require forensic repair techniques. Grand also spoke to someone who lost their password to a software wallet on their computer.
Grand doesn’t just want to crack wallets, he also wants them to be more secure. Grand plans to report any vulnerabilities he finds to the vendor as soon as they are patchable so that they can’t easily be exploited by criminals and other people who might take an owner’s wallet. Does this mean that he will run out of vulnerabilities?
Grand doesn’t believe so.
He notes that although it all depends on the design, with enough effort and resources, anything can be done.
Trezor had already fixed part of the problem Grand exploited in later versions of its firmware. The wallets no longer copy or move the key or PIN into RAM. SatoshiLabs co-founder and chief technology officer Pavol Rusnak said that the wallets now store the key and PIN in a protected area of flash that isn’t affected by firmware updates.
However, the chip’s core problem that allows fault injection remains and must be addressed either by the chip manufacturer, which the maker has declined to do, or by using a more secure chip. Rusnak claims that his team investigated the latter, but more secure chips typically require vendors to sign an NDA, which Rusnak’s team opposes: Trezor uses open source software to provide transparency. When Rusnak’s team discovered an issue in a secure chip they were considering using, the chip manufacturer invoked the NDA to stop them from discussing it.
Trezor wallets could still be vulnerable to other hacking methods. Grand is currently working on a new method to hack the STM32 microcontroller that is used in the wallets. It will work on wallets running the latest, more secure firmware. He said he wouldn’t reveal the details publicly because of the ramifications that this has on more than wallets.
He says that the STM32 is used in billions upon billions of devices all over the globe and that the problem he discovered can’t be fixed. “Which is both amazing and scary.”