Claude AI Recovered a $400K Bitcoin Wallet Lost for 11 Years — Here Is How

A Bitcoin wallet holding approximately 5 BTC — worth around $400,000 at current prices — sat inaccessible for more than 11 years. The password had been changed in 2015 and immediately forgotten. Every human attempt at recovery had failed. Then the owner tried Claude.

The story went viral on X in May 2026 after user Cprkrn published their account. What the headlines got wrong: Claude did not crack a password, did not brute-force Bitcoin's cryptography, and did not try 3.5 trillion guesses. What Claude actually did was more interesting and more instructive — and it says something specific about what AI does well that humans miss.

The Setup: 11 Years of Failed Recovery Attempts

The owner changed their Bitcoin wallet password in 2015 while — by their own account — not in a condition to remember it. The specific wallet backup file was encrypted under the new password. Every recovery attempt over the following 11 years focused on trying to crack that encrypted file.

The 3.5 trillion figure that circulated in headlines came from a brute-force password cracking tool the owner had used. That tool ran trillions of password permutations against the encrypted file and failed. The owner had resigned themselves to the loss.

When they brought the problem to Claude, they provided everything they had: the encrypted wallet file, fragments of remembered passwords from that period, and a disorganised archive of digital files accumulated over years.

What Claude Actually Did

Claude did not attempt password cracking. Instead, it audited the full scope of what the owner had.

In reviewing the archive of old files, Claude identified a wallet backup file from December 2019 — four years after the password change — that predated the encrypted version the owner had been trying to crack. This older backup used the original password the owner still knew.

This sounds obvious in retrospect. It was not. Human recovery attempts had focused on the problem as defined: crack the encrypted file. Claude approached the problem as defined by the owner's actual goal — recover access to the Bitcoin — and surveyed all available resources without assuming the encrypted file was the only path.

That reframing alone would have been enough. But there was a second problem.

The Decryption Logic Bug

When the owner tried to use the December 2019 backup with their remembered password, the recovery failed. The open-source wallet recovery tool they were using had a subtle bug that had been silently causing every attempt to fail.

The bug: the tool was concatenating the shared encryption key and the password in the wrong order during decryption. Bitcoin wallet software from that era used a specific concatenation sequence — key+password — to derive the decryption key. The recovery tool had implemented it as password+key. The concatenated input looked valid. The decryption consistently produced garbage. No error was thrown because the wrong-order decryption completed without crashing — it just produced an unintelligible result that looked like a failed password rather than a code bug.

Claude read the recovery tool's source code, identified the transposition, corrected the concatenation order, and re-ran the decryption. The private keys were extracted. The wallet was recovered.

Why This Is a Specific Kind of AI Capability

The Bitcoin recovery story is instructive precisely because it is not what AI is conventionally described as being good at.

It is not pattern-matching over large datasets. It is not generating text. It is not filling in a known answer from training data. It is a multi-step diagnostic process:

1. Reframe the problem from "crack this specific file" to "find any path to wallet access"
2. Audit all available materials without anchoring on the obvious starting point
3. Identify a file that human experts had overlooked because they were focused elsewhere
4. Read and debug unfamiliar source code for a subtle logic error
5. Apply the fix and verify the output

Step 4 is where the capability gap is most visible. The bug — key+password vs password+key concatenation order — is the kind of off-by-one-logic error that is genuinely hard for humans to spot when they are not the authors of the code and the failure mode (wrong decryption output vs. no output) does not clearly indicate a code bug. Claude read cold source code and found it.

What This Does Not Mean

Bitcoin's cryptographic security is intact. Claude did not break elliptic curve cryptography, did not reverse a hash function, and did not bypass any layer of Bitcoin's security model.

The recovery worked because:

• The older backup existed (Claude found it in archived files)
• The older backup's password was known (the owner remembered it)
• The recovery tool had a logic bug (Claude diagnosed and fixed it)

Remove any of those three factors and the recovery does not happen. Someone who has no surviving backup, uses a password they have no fragments of, and is using correctly-implemented recovery software is not getting their wallet back from Claude or any other AI.

The practical takeaway for anyone with inaccessible cryptocurrency: before concluding that a wallet is unrecoverable, audit all historical backup files across every device and storage medium you have ever used. Old partial backups, wallet exports from alternative software, or files from a period before a password change may exist in places you are not checking. AI is well-suited to auditing disorganised archives and identifying relevant files in ways that human searchers miss.

The Viral Response and What It Got Wrong

The headline that circulated — "Claude tried 3.5 trillion passwords before recovering the wallet" — inverts the actual story. The 3.5 trillion brute-force attempts were the human recovery strategy that failed for 11 years. Claude's contribution was not more of that. It was a different approach entirely.

The misreporting matters because it implies that AI crypto recovery is primarily a compute problem — more passwords per second, faster cracking. The actual value demonstrated here is code comprehension and problem reframing. Those capabilities do not scale with compute. They require the kind of multi-step reasoning over unfamiliar material that frontier models have become specifically good at.

Claude's recovery of the $400,000 Bitcoin wallet is less a story about AI brute-forcing security and more a story about AI reading old source code better than the humans who were using it — and looking in the right archive before assuming the locked door was the only door.

Key Takeaways

• The recovery: Cprkrn recovered approximately 5 BTC (~$400,000) after 11+ years of failed access; viral on X in May 2026; Claude was the tool that succeeded where human recovery attempts failed
• What Claude found: An older wallet backup from December 2019 in the user's archived files — predating the 2015 password change — that used the original known password
• The code bug: The open-source recovery tool had a key+password vs password+key concatenation logic error; Claude read the source code cold, identified the transposition, fixed it, and extracted the private keys
• What it is not: Bitcoin's cryptographic security was not compromised; Claude did not brute-force or guess passwords; the 3.5 trillion attempts were a human tool that failed before Claude was involved
• The capability demonstrated: Problem reframing (find any path, not just crack this file) + archive auditing + cold source code debugging = a specific and genuinely useful AI capability profile
• Practical implication: Before writing off inaccessible crypto as lost, audit all historical backup files and storage media systematically; old pre-password-change backups may exist in overlooked locations

For Anthropic's Mythos model that demonstrated more advanced AI capabilities in security research, read Anthropic Mythos: macOS Exploit in 5 Days, $950B Valuation. For the broader context of what Claude agents can do in enterprise workflows, read Anthropic "Dreaming": Claude Agents Now Self-Improve Between Sessions.