Successful BTC recovery from Ledger HW.1 version 1.0.1 (lost seed)
Successful BTC recovery from Ledger HW.1 version 1.0.1 (lost seed)
Embedded Files
Originally published on reddit: https://www.reddit.com/r/ledgerwallet/comments/1hcwpz2/successful_btc_recovery_from_ledger_hw1_version/
---------- Short version / TL;DR:
Client (located in Europe) had BTC from around year 2015, secured by an old Ledger HW.1 hardware wallet.
The Ledger HW.1 hardware wallet, released in 2014 in the early days of the Ledger Company, is a screenless USB dongle supporting only BTC.
The device seed phrase was lost. If Client had their seed phrase, recovery would have been trivial by just entering it in a new device.
Client believed they still knew the unlocking PIN. The firmware on their HW.1 was version 1.0.1, which is unsupported by Electrum and by all other current BTC wallets. HW.1 devices are also completely unsupported by Ledger. Firmware 1.0.1 uses a different API for signing BTC transactions, compared to later firmware version.
We worked remotely with the Client, using a custom (and basically untested) version of the ledger plugin of an older version of Electrum running on Linux, in a virtual machine running on a Windows host. We provided the Linux virtual image to the Client in the form of a very large zip file.
Signing transactions with the HW.1 dongle involved using a Security Card that the Client had.
The signed transaction (in hex format) was manually verified, then broadcast to the BTC network, where is was then confirmed.
All the BTC were successfully recovered.
---------- Long version
Client (located in Europe) had BTC from around year 2015, secured by an old Ledger HW.1 hardware wallet.
The Ledger HW.1 hardware wallet, released in 2014 in the early days of the Ledger Company, is a screenless USB dongle supporting only BTC.
The device seed phrase was lost. If Client had their seed phrase, recovery would have been trivial by just entering it in a new device.
Client believed they still knew the unlocking PIN. The firmware on their HW.1 was version 1.0.1, which is unsupported by Electrum and by all other current BTC wallets. HW.1 devices are also completely unsupported by Ledger. Firmware 1.0.1 uses a different API for signing BTC transactions, compared to later firmware version.
Client told us they have three HW.1 dongles, but only one had been set-up, and the two others were never used. All of them had firmware v1.0.1. One of them is missing its Security Card i.e. they have 2 Security Cards, one on them associated to the HW.1 that was securing their BTC.
They offered to send us the two unset HW.1, which is great because we don't have any test HW.1 with firmware anterior to v1.0.2. So in case of difficulties we could setup a test ledger very similar to the one they have with the BTC, to test the recovery code.
Just in case they accidentally swapped the two Security Cards, we told them to make a photo of the Security Card before they put it in the mail for us, just to be safe in case the mail gets lost.
Now we are also able recover from HW.1 even in case the Security Card is lost, but it requires much more efforts (see  https://www.reddit.com/r/ledgerwallet/comments/1h5d2cv/ledger_hw1_with_lost_security_card_and_lost_seed/ ).
We provided Client a downloadable compressed virtual image and told the Client how to install and run Oracle VirtualBox on their Windows laptop, to boot and run the Linux virtual image, with Electrum running on it.
Client was able to connect to the HW.1 dongle with Electrum on the virtual machine, and it asked the unlocking PIN.
Client entered their 4-digit PIN and...INCORRECT PIN, 2 TRIES LEFT!
Quite nerve wrecking for our Client (they lost their seed phrase, and 2 more bad PINs would mean the permanent loss of all their BTC), but after cooling down and thinking, they thought it could be another PIN that they used at the time.
We had a discussion about whether the HW.1 PIN could be 6 digits, or if it had to be always 4 digits. Internally (based on the technical API), the HW.1 PIN can be 4 to 16 digits, but all the HW.1 we ever saw were always setup with a 4-digit PIN, so we think the Ledger setup software at the time only allowed 4-digit.
So Client did another attempt with another 4-digit PIN and this time... SUCCESS!
Electrum was then able to sync BTC legacy account #0 (derivation path m/44'/0'/0'), and... there were about 10 transactions from 2015 to 2017, but the final balance was 0 BTC.
We told Client that we believed the Ledger BTC Chrome Extension could only handle 1 BTC account (account #0), so no luck.
But Client told us that at the time they were using Mycelium wallet of their android phone, connected to their HW.1 with an OTG USB cable, and they remembered that Mycelium could definitely manage multiple BTC accounts with the HW.1, and that they had 3 BTC accounts.
So we decided to look if there was an account #1 with Electrum, by manually editing the derivation path, and... BINGO!, we found the account with the BTC balance.
We then decided to sign the transaction to send the full balance to Client's recovery BTC legacy address (the HW.1 probably would not handle segwit, so we took no risks).
When clicking on "Sign" in Electrum, Client got a pop-up indicating "Error: string argument without an encoding".
The error trace in the Linux terminal indicated the python file that triggered the exception, and the error looked trivial to fix in the code. So under our instructions, Client edited the python file with the emacs editor, to fix the code on one line.
They restarted the entire process again, and this time, no more error.
Signing the transaction with the HW.1 dongle involves using the Security Card as a 2FA challenge-response system. Client carefully entered the challenge-response code based on their Security Card, and... the HW.1 dongle returned error 0x6985.
This error means: incorrect challenge-response code.
Since Client were careful entering the correct code from the Security Card, we told them that most likely they were using the wrong Security Card. Luckily they took a photo of the other Security Card that they sent in the mail, so they tried again, using this photo of the other Card.
This time, the HW.1 accepted the Security Card code, and our plugin was able to generate the signed transaction, in hexadecimal, and display it in the terminal.
After checking that the signed transaction looked correct when decoded, we managed to broadcast it to the BTC network, using Electrum on another Windows host (You can load a pre-signed transaction - in hex format - in Electrum, then broadcast it).
This recovery was successful, after many stressful moments and a lot of work for the Client (who is not a computer guy).
We are now looking at recovering possibly pretty big amounts of BCH from the same HW.1 dongle, stemming from large BTC amounts being held before the BCH fork and never recovered. Stay tuned!
[UPDATE]
After we did this recovery, Client did find their HW.1 seed phrase (among a bunch of old seed phrases they used at the time, 10 years ago)!!!
Comments: you can read and post comments on reddit, even if the post was "removed by reddit filters",
In the same Recovery series: Other crypto recovery reports by loupiote2
Contact loupiote2 via chat or message from reddit profile: https://www.reddit.com/user/loupiote2/
Page updated
Google Sites
Report abuse