How KeychainX Was Able to Recover a 1000 ETH Presale Ethereum Wallet


A few months back, an Ethereum fan got in touch with KeychainX and shared a fascinating tale.

He participated in the 2014 Ethereum pre-sale, and for just $300 he was able to accumulate 1000 ETH, which now is worth roughly $4 million USD, a 13000x rise in value.

The tale started when Alex emailed the KeychainX team to inquire about how the business handled broken wallets. Since Alex had the password saved in Splash ID along with other passwords and had used it to copy-paste it onto the pre-sale portal to participate in the Ethereum token sale, he feared that the wallet was defective or that the encryption was incorrect.

He was concerned that there would be some glitch or language character decryption difficulties while utilizing numerous platforms, including an iPad, a Mac, and a phone, as well as different language configurations (Alex was partly French).

It was a cunning challenge because the password was lengthy (99 characters) and included various unusual or non-ASCII characters. However, with shorter passwords, it is possible to enter a random character at any location. It was not conceivable for a password that was almost 100 characters long.

However, Alex had a good idea of the password, so KeychainX “only” needed to check what was incorrect. It was funny to write the numerous password variations using sexually explicit language because the password was obviously also sexual.

The words contained the phrases pssy and cck even though they did not employ S/M code words like one of KeychainX’s Hong Kong clients. The crew had no idea how near and how far the issue was.

Being obstinate, the KeychainX team began by inserting random characters in the locations they believed to be potential trouble spots. For instance, if a character wasn’t in English, the algorithm would occasionally transform it into a double character, which would ultimately result in a significant expansion of the search field. Therefore, doing it had no effect.

The team then returned to the Splash ID source code and attempted to reverse engineer it in an effort to duplicate the issue.

Splash ID came in a variety of versions, and their website did not indicate that it was open source. No luck.

A Russian client contacted KeychainX a few weeks later with an entirely new wallet that used Cyrillic letters. The team had to go at an old tool’s source code and figure out how to translate them to fit into the system because the majority of KeychainX’s custom-built tools were developed for English or Latin passwords.

It provided inspiration for Alex’s wallet.

What if the methods employed and the distinctive letters that encrypted his wallet were converted by the encryption software to seem like Cyrillic characters?

Resuming their attack on the Presale wallet, the team approached the unusual character locations as if they were Cyrillic. Boom! The group discovered the password, but there was a problem.

Since the special characters were outside of their proper code or character set, the majority of wallet software that would typically import the wallet and show the private key would not function. Instead, to export the private key using the foreign character set, the team had to manually decode the wallet.
KeychainX attempted to call Alex many times after transferring the money out, but each time the call was sent to his answering machine. The crew wrote to Alex, but they haven’t received a response.

It took him over three days to return to KeychainX, and it was unnerving to be sitting on someone’s $4 million USD while not knowing where they were. The value fluctuated by hundreds of thousands each day in both directions due to the volatile Ethereum pricing.

After sending Alex his portion of the money and wishing him luck and safety, the crew stopped communicating with him. KeychainX wishes him happiness as he enjoys his just discovered, long-lost money!