Bitcoin Forum

Hey!

Is there any way to get access to the funds on Ledger Nano S (from year 2018) without the PIN code?
I also don't have the seed words.

The private keys are stored in the Secure Element (SE) of the Nano S: the ST31H320 chip.
The SE is asking for PIN before any action with the keys.

So the only way seems to be physically extracting the information from the chip.
Does anyone know a lab or someone who is able to extract the needed information from the chip?
I do know it is a secure chip designed in a way that it would be very hard to read anything from there.
But I guess some military grade labs are able to do that.

Any hint to successfully extraction of the keys will be paid in abundance.

Cheers!

The way I understand it, you do not need the same pin. Pin are just to keep the device locked. All you need is the seed phrase. If you have it then you can use any ledger device with any pin in it and restore the wallet.

What is this SE? Haven't you store your seed in physical form in a paper or any other form?

Since you don't have neither the PIN, nor the private key,... is this your Ledger? I guess not. And then, why would we help you steal somebody else's money? "paid in abundance" sound cool, but "accessory to crime" doesn't.

AFAIK, after 3 wrong PINs your device will be turned to new seed PIN cannot be bruteforce and seed will be.
here are service that can bruteforce your wallet seed if you lost 2-3 words, you can ask them for more details.
I don't know if there is a device that can be connected or modified on the hardware that makes it possible to do more than 3 PIN attempt.

The situation is complex. In short: the owner was running a badly structured business and died. The business partners are trying to recover their funds from the wallet. There is nothing criminal.

---

If I had the seed phase then I wouldn't have made this post  ;)

---

Yeah, thanks.

I do offer the service myself where I can restore your seed when you have up to 6 words missing  ;) (And I can also find the missing words even if you mixed the order of the words.)

It is easy to put a custom software to the Ledger Nano S, but that doesn't help either while the chip that is holding the private keys is also asking for the PIN.

---

Secure Element.

The Ledger Nano S has a dual-chip architecture. There is one normal chip for buttons, screen, USB, etc. And another one -- the secure element -- for all actions with private keys.
It's actually very good and clever design. And very hard to hack :D

[moderator's note: consecutive posts merged]

I've found at some point these writings: https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/
I don't know if you're familiar with them, unfortunately I didn't get to read much either, but a quick look seems to tell that getting the info is possible, especially if you're lucky to have an old firmware on it (1.3.1).

Thanks for that, but I have already went through the linked article. Even contacted the author :)

The attack described by Saleem Rashid in the article can be used to put a custom software to the Ledger Nano S before the usage by the user.
In my case that unfortunately doesn't help  :-\

How do you suppose to do that?
Seed words backup is mandatory to have, and it's even better if you have multiple copies in different locations.
If you don't have both PIN and seed words I can only consider you stole found this device from someone else, or you found it somewhere.

You could in theory only extract encrypted stuff that means nothing to you and it can't be used for anything, unless Ledger and chip manufacturer have some backdoor access.
I wouldn't be surprised if they do have something like this, when everything is closed source and hush hush in their business.

I understand this, but if he died he probably left some will and documents containing seed words and PIN, maybe even passphrase(s).
You can't hack hardware wallets so easy, or governments wouldn't pay millions to do it somehow.

No no, the idea is to flash custom firmware on the Ledger's main MCU, leaving the secure element (and the seed stored therein) alone. You can do that before or after usage, should not matter.
This custom firmware can then just ask the secure element to sign a transaction sending all funds to a certain address and it should indeed return the signed transaction.

You do need to bypass firmware verification (performed by secure element), though, as described here.
https://youtu.be/Y1OBIGslgGM?t=1551

It is true, that I could put a custom software to Ledger's main MCU and leaving the secure element with the keys as it is.
However, the secure element takes PIN code as an argument when doing actions (like signing transaction for example) with the keys.

So with custom firmware I could do all kind of interesting tricks with the Ledger, but without the PIN code I still have no access to the secure element and it's functions nor keys.
And when supplying 3 incorrect PIN-s to the secure element then it will just erase the keys.

---

No idea so far. That's what I'm trying to find out here :)

The documents (and maybe the seed words) are stuck in court. The crypto business the owner was running was formalized loosely on a blockchain and the court does not understand nor accept that. The business partners have spent years without success in that front.

I could pay 6-7 figures for this work.

[moderator's note: consecutive posts merged]

True, true. There may be an implementation bug; especially due to the closed-source STM32 code, it may not have been spotted yet.
Basically, you're looking for a hardware / software n-day, in case your 2018 Ledger was never updated. The hardware should be unmodified from 2018 to 2022, so when looking for hardware bugs, that will actually be 0-days. Unfortunately, I'm not aware of firmware bugs that are easily exploitable on old Ledgers, like on Trezor Model One.

Have you tried contacting reputable people with knowledge / experience in this field yet? That's probably a workable sum of money.

Does it have something to do with the exchange which owner suddenly died but later it was rumored that he did not? A lawsuit was filed against him for scamming and then disappearing. I can not remember the story correctly but there was Canadian (maybe) exchange few years ago that was gone by telling this story.

I understand what you're talking about and it would be funny that it turns out that way. Although hardly anyone would admit to being involved in that story. I also believe that many users of the exchange would have a lot of questions for those partners of the owner of this hardware wallet device, if they are on the bitcointalk forum. So, I think we will not wait for the coming out and perhaps OP has nothing to do with that story. Who knows.

Yes, the Trezor from that time where much easier to hack: one could simply brute force the PIN (https://blog.ledger.com/Breaking-Trezor-One-with-SCA) and there is no secure element in use -- so it would be possible to extract the keys straight from the chip (https://medium.com/the-capital/trezor-hardware-wallet-hacked-in-15-min-and-75-e3c23ced166).

Do you have some people in mind that you think I should try to contact?

---

No, that's another story. The owner actually really died in Spain by suicide and the documents are in German court.

---

While looking up for something unrelated, I've read about Trezor's official reasons behind not using Secure Elements.


I don't know whether it's the same chip as Nano S is using, but maybe you get to use some of Trezor's knowledge on the matter.
Unlike Ledger, who are bound to not divulge anything about the secure chip they use, Trezor may be able to help.
I don't know, maybe I'm wrong, still, it can be an idea...

Wow, that's an interesting finding!
I will contact them and see if they can help  ;)

Reply from SatoshiLabs:
Hacking other companies' HW wallets is not our company's focus. We are also not able to provide you with any contacts for any subjects that deal with this because we simply don't have them.

Completely understandable.

Well, I've tried. Sorry that the idea was not as good as I hoped...

Maybe you could concentrate on finding flaws in that secure chip instead of telling that you're targeting exactly a Ledger device; if you tell about Ledger some may not help you because it can cause them bad publicity (bad actors vs the competition).
But yeah, make your own decisions, my ideas are not always great. :(

If it weren't for the secure element present in the Ledger, I would tell you to get in touch with hardware hacker Joe Grand (https://www.youtube.com/c/JoeGrand/videos). He has some experience in that field, but it was with a Trezor with outdated firmware.

His website that deals with hacking hardware and software wallets is https://www.offspec.io/.
The way I see it is that you have nothing to lose that isn't already lost (meaning the crypto on the device whose PIN you don't know and you don't have the seed either).

Yes, concentrating on the chip is a good idea.
Actually the idea of Trezor as fan of open source hacking a closed source chip looked quite engaging :)

---

Yes. I contacted them and got some hope :)

Their answer was:
Currently, there is no attack for the Ledger but we’re working on it.

I think that Joe mentioned in one of his videos that the STM32 microcontroller chips are flawed in design and vulnerable to attacks. It's just a matter of finding the correct way to attack them and having enough resources to finance the attack and the tools needed. And if I am not mistaken, both the Trezor and Ledger use this type of chip. Who knows, maybe they are working on something as we speak...

According to the HW lists with Secure chip, list updated in September 2022, Trezor still didn't seem to add secure chip to their devices (https://bitcointalk.org/index.php?topic=5304483.0).
And after the thing I've found in their blog (see my other post (https://bitcointalk.org/index.php?topic=5419333.msg61252819#msg61252819)) I would not be surprised if they will not add secure element at all.

They don't have a secure element chip, but they are still using a model of the STM32 microcontroller. And the same thing is true for Ledger assuming all the data in that table is correct. The STM32 models they use are different though.

I wonder what they found, and if that information was shared with the chip manufacturers? Even though they are probably aware of their flaws, hence the non-disclosure agreements. Whatever it is, physical access to the device and the chip is surely mandatory. Maybe that or a similar research is the reason why Joe considers these chips as being flawed as well. 

That is going to be interesting to see, he is certainly working on something new.
It's possible to hack almost anything if you have the right tools and skills, especially if you have the right insider information available.
My theory is that he could find a way to hack old ledger model S device, than ledger can say how they already retired this device and issue was already fixed in model X and S plus  ;)
There is higher chance for older chips to get hacked, but he needs to think outside the box to perform this attack with success.