German-born programmer Stefan Thomas only has two remaining password guesses before he loses the keys to the 7,002 Bitcoin (BTC) he earned from creating a short animation video in 2011. He locked the keys to the crypto in an encrypted hard drive but has forgotten the password.
If his remaining guesses are unsuccessful, Thomas will lose $220 million at today’s BTC price. The programmer could also not sell during the 2021 bull market that would have valued his holdings at closer to $500 million.
Stories of Lost Keys May Spook Newbies
But Thomas is not the only one to lose access to his crypto this way. Blockchain analytics firm Chainalysis estimates one-fifth of the 18.5 million Bitcoin in circulation is lost in stranded wallets.
A single Bitcoin has no physical expression despite its name suggesting an association with physical coinage. Instead, it is a chain of digital signatures authorizing multiple payments that eventually add up to one Bitcoin.
A Bitcoin user must sign every payment with a private key, essentially a string of numbers and letters. Interested network participants use a public key to confirm the spender has enough money for a transaction.
One of the most notorious cases of lost Bitcoins occurred before the Tokyo exchange Mt. Gox collapsed. In October 2011, around 2,609 BTC (around $76 million at today’s prices) were sent to invalid addresses via 20 transactions.
In 2022, The Verge reported Poloniex engineers gathered 300 BTC accidentally deposited into the exchange’s Tether wallets. The exchange’s archaic software kept the misdirected Bitcoin hidden in crevices invisible to the user interface.
Even Best Investors Fail at Protecting Bitcoin Keys
The safe custody of private keys is essential to spending your crypto. If you lose your key, you lose access to your crypto.
According to Diogo Monica, the founder of a start-up helping people recover their crypto, even the best investors are bad at protecting keys.
“Even sophisticated investors have been completely incapable of doing any kind of management of private keys.”
Firms like Gemini, Coinbase, and most other major exchanges, store keys at facilities with institutional-grade security. Crypto diehards advocate keeping paper backups in physical locations immune to theft.
A more novel solution still involves wrapping a user’s crypto address in a smart contract that abstracts away the complexities of key management. In addition to storing and managing a private key, a smart contract can store transaction sequences for complex trades and allow sharing of blockchain credentials with trusted parties.
Find out best practices for securing your crypto wallet here.
In addition, a user can create backup keys that authorize the creation of a new key if they lose their original. According to Cometh, a Web3 gaming firm, account abstraction supersedes storing keys in insecure physical locations or with a key management system.