This story sounded familiar and I was sure I heard it before. Especially when you said that you got locked out of your wallet a year ago. I did a search and found this thread:
Coinbase Wallet - Is my $ lost because I pressed this one button (dangerous)? Is that your account?
From the looks of it, OP (whoever they are) never recovered his funds. But feel free to go through the posts and see what was suggested to possibly fix the problem. Can't believe Coinbase is still offering this awful option to not write down your seed, but also that people are using it.
That other story definitely gives a lot more insight, which is very helpful. If this is the same person, I have one good news and one question:
Firstly, if updating the device cleared your seed, and it came back by restoring the backup, it means the application was not using the
iOS keychain. That's a good sign since it means the seed is definitely somewhere within that phone backup file. If you've got a raw, decrypted version through a forensics company, even better.
If the application had used keychain, it would be more secure, due to storing the seed in something like a secure element, but it would have made it impossible to retrieve.
My question is why you're saying the data is encrypted. Last time I did something like this (a
long, long time ago), I could just browse the file system structure of the backup file. It's definitely possible that a lot has changed, though. Other question: if you already have a trusted forensics company, why don't you ask them to extract any
NSUserDefaults and other app preferences and data of the application in question?
