Nettitude Blog

Nearly 4 Million Bitcoins Lost Forever, New Study Says

Posted by Richard Dennis on Nov 29, 2017 11:38:49 AM

Nettitude Technical Researcher, Richard Dennis, has taken a look into how nearly four million Bitcoins have been lost forever.


According to new research from Chainalysis, a digital forensics firm that studies the bitcoin blockchain, 3.79 million Bitcoins are already gone for good based on a high estimate—and 2.78 million based on a low one. Those numbers imply betweetn 17% and 23% of existing Bitcoins, which are today worth around $10,500 each, are lost. In the future, more Bitcoins will be lost and this raises four key questions:

1. How and why are these Bitcoins "Lost"?
2. Can these Bitcoins be recovered?
3. How can users protect themselves from losing Bitcoins?
4. What issues arise from using a wallet?

The research methodology used by Chainalysis has not been released. However, a method to establish how Bitcoins are lost is easy to create. Since the blockchain (a public ledger holding all data about Bitcoin) is public and anyone is able to view and download it. It would be easy to search through the Bitcoin blockchain and conduct analysis on the last time Bitcoins were spent. An assumption would be any Bitcoins not used in some way in the past say 18 months are no longer in circulation and actively being used in the network.

Bitcoins are not lost as such and can never be destroyed. What is meant by "lost" Bitcoins is users who no longer have the ability to spend Bitcoins. They are stored in the blockchain, using something called a public and private key pair. The Bitcoins in the blockchain are identified by their public key, but for anyone to move the Bitcoin they would be required to sign the transaction with the matching private key. This shows everyone the person trying to spend the Bitcoin is the original owner. However, the private key, unlike a password is very large 256-bit number. Breaking a symmetric 256-bit key by brute force requires 2^128 times more computational power than a 128-bit key. Fifty supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×3x1051 years to exhaust the 256-bit key space.

In summary, if the private key is lost, there is no way of ever finding it again, so the Bitcoins cannot be spent. So, while technically they still exist in the network, they have no way of being spent. Due to the network implementation currently, once this private key is lost the Bitcoins are never able to be recovered.

A wallet is a location which stores all these private keys into a single place. There are various wallet providers including local storage based wallets or a cloud based wallet system. These manage your keys for you. Storing the wallet on a home PC means the user is in control of the wallet and keys. However there has been malware, for example the Cerber ransomware which targets a Bitcoin wallet cloud based wallet providers, provide backup systems and user name / password reset options to access the wallet. It also means should a home PC for example fail the wallet and keys will not be lost.

However, as have been seen with Parity, using a cloud wallet is not a perfect solution - as a bug in their wallet implementation left 300 million of digital currency unable to be accessed. The perfect solution - Print out the keys and store them in a fire proof safe. This shows that while the technology of Bitcoin is new and exciting, some implementation decisions have shown that Bitcoin is not ready for mass adoption that the current banking industry has provided.

About Nettitude

Nettitude is the trusted cyber security provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Our experts use an award winning Threat Intelligence led approach that incorporates real-time data, ensuring that your company is protected at every stage of its journey.

Receive an update when we post!

Recent Posts