In 2014, Ethereum changed forever by holding a presale event that allowed 8893 investors to buy into the creation of it’s new Genesis Block and receive tokens. This investment of 2000 USD is worth over 10,000,000 USD in 2021.
https://etherscan.io/txs?block=0
Many who participated in the presale received amazing returns. However, more than 300 wallets from the presale are still stuck when you examine the Genesis block. These wallets range in size from a few ETH to more than 10000 ETH.
The ETH version 2 deadline is fast approaching and those pre-sale wallets worth a staggering 1+ billion USD could be lost forever.
Many people complained about bugs and mishaps that occurred during the presale (changes in code, problems with foreign language keyboard settings, etc.). However, it is clear that the majority of lost wallets are the result of poor security practices or ignorance. However, these funds can still be recovered. You only need patience, time and luck.
First, you need to find out if your pre-sale wallet actually contains any funds. Many purchases went wrong, and some wallets were sent out with 0 balances.
To check the balance of your wallet you need to open your ethereum_wallet_backup.json file with a text editor and scroll to the string “ethaddr:”
The number after this is your ETH wallet address. By adding 0x to the number, you can see the amount of Ethereum stored in it by going to
If you balance is 0 you have an empty wallet which you can delete and forget about. If you have a non zero balance you can start to try and get access to your wallet. The password required when the wallet was created needed to be in a specific format:
- Minimum 11 characters
- Minimum one uppercase
- Minimum one lowercase character
- Minimum one of the following characters must be used
- Minimum one number
So a typical password would look something like: P@sw0rd123
Cracking the password
The following steps will help you open the file by yourself.
1. The John The Ripper script, ethereum2john.py can be used to extract the hash of your .json file. The hash is your password in encrypted format that your computer can decrypt. You can download btcrecover here https://github.com/gurnec/btcrecover
2. Write down a list of possible passwords and save it in a file named passwords.txt
3. Download hashcat and create a set of rules that will try additional variations of the passwords in your password list. https://hashcat.net/hashcat/
After you have created your password list and extracted the hash from your .json file and created your rule-set, you can run hashcat to crack the password. We recommend using a computer with a fast GPU and this will increase the cracking speed dramatically. Relying only on a CPU will take weeks or even months to crack.
Hashcat mode 16300 is used to search for ETH presale passwords with hashcat and you can usually perform over 200k password checks per second with a decent GPU card. This is how your hashcat command should look.
hashcat –m 16300 wallethash.txt passwords.txt –r passwordrules.rule
This will test your wallet against your password list and also apply the set of rules that you’ve created too. You can add the flag –status –status-timer=5 to monitor progress. It will update every 5 seconds.
If hashcat successfully cracks your wallet password the program will terminate and display the wallet’s password. This will also be saved in a file called hashcat.potfile
We can recover your ETH Wallet
If you’re unfamiliar with what we’ve described above, we can provide this service for you. Please contact us for further details.