Coldlar hardware wallet recovery from 2010
Lost (broken) Coldlar Wallet Recovery
Recently we received an order to scan and repair the Coldlar hardware wallet. We solve mainly software-related problems, but we also receive many inquiries in the context of hardware problems. In this case, the hardware wallet looked broken. When the user tried to start up, the device only showed the initial screen with its logo, and then nothing else could be done from the user’s perspective.
After receiving the device, we first analyzed it from the electronic side. We wanted to check exactly which elements could be damaged on the device’s mainboard. We quickly realized that the battery was discharged; it could mean a problem with the charging system. Its internal protections activated its disconnection. We disconnected the battery and replaced it with a laboratory power supply. We slowly increased the voltage to a value of 3.7V, checking for short circuits, and the current protection was turned on up to 120mA. Despite resolving the power problem, the device still behaved the same way.
We continued our analysis. It turned out that the BMS MT6305V chip, which is responsible for power management in all electronics, is also damaged. We also assumed that it could be responsible for software issues that could not work properly due to this element.
Therefore, the next concept was an attempt to replace this element by ordering a new one with the same parameters. Unfortunately, the BGA version of the chip was not available to order in our case, so we gave it up. We had nothing else to do but to desolder the Flash memory chip BWCE28K-08G.
*The software was not working properly. Coldlar displayed logotype only.
After we separated flash memory from the mainboard, we read the information from the integrated circuit using appropriate tools. After extracting the data, it turned out that we have about 8 GB that we can search. The amount of data that was available gave us high hopes for success. The goal was simple, find and retrieve the private keys that will allow us to access the funds.
We could consider the stage of our work at the hardware level as successful; the time has come for the key area of work related to the data itself and searching what is in it. Based on our experience and practice, we have managed to create many tools that allow us to automate our work, for example, by automatically searching large amounts of data with a script that extracts and shows only private keys, if they are in the data.
This part didn’t require too much creativity from us until it turned out that the script didn’t find any keys. This prompted us to start manual viewing files. There was a shadow of a chance that the key might be in a specific form that did not allow its correct reading. The further we looked at the files, the more surprised we were, as we managed to retain data that was not important at all but still had no private keys. We were able to admire Bugatti Veyron wallpapers and various cats, but it was a small compensation compared to the time we spent trying to recover keys.
The database files were very jagged, which we found extremely strange. We concluded that the software’s problem was not only on the hardware side but also on the update side that the client had to perform. Unfortunately, we had to stop our search and sadly inform our client that the recovery was unsuccessful. The above example was extremely interesting for us because it required a comprehensive approach. Most of our orders usually concern problems with passwords, seeds, etc. However, it does not change the fact that we are always open to hardware problems with hardware wallets or hard drives. It is not always possible to recover funds, but it is definitely worth trying, and in case of failure, compensation is provided by new knowledge and experience.