"Not your keys, not your crypto" is one of the oldest and most repeated lines in crypto. Bruno Krauss, co-founder and CTO of ReWallet, has a more nuanced take, from inside the business of cle
"Not your keys, not your crypto" is one of the oldest and most repeated lines in crypto. Bruno Krauss, co-founder and CTO of ReWallet, has a more nuanced take, from inside the business of cleaning up after the maxim goes wrong.
Krauss is a crypto native who started ReWallet, a Switzerland-registered wallet recovery service, after losing access to his own wallet. The firm has helped hundreds of clients recover funds across Bitcoin Core, Blockchain.com, Electrum, MetaMask, Ledger, Trezor, KeepKey, and BitBox.
He joined TheStreet Roundtable to argue that self-custody is the right destination for serious Bitcoin holders, but a dangerous starting point for newcomers, and that even seasoned users routinely need professional recovery help.
The lost coin problem is enormous and growing. Between 2.3 million and 3.7 million Bitcoin are permanently lost, roughly 11% to 18% of the 21 million maximum supply.
Recovery experts estimate that about 2.5% of that lost stockpile is still technically recoverable, which works out to billions of dollars in stranded coins that could come back into circulation.
The dominant failure mode is not theft. It is the holder losing or corrupting the seed phrase, which is exactly the kind of mistake a custodial provider can usually fix and a self-custody setup cannot.
Krauss draws a clear line between starter-stage and serious-stage Bitcoin holders.
"When you're starting out, (custodial wallets are) the safer solution. If you have a Coinbase wallet at the exchange, then you can always reach out to the support and reset the password. But if you have a software wallet and you forget the password, there's no reset button unless you have the seed phrase." said Krauss.
A forgotten exchange password is recoverable. A lost seed phrase often is not. Self-custodial wallets are non-custodial by design, meaning no third party can restore access.
"Do that step only if you are really sure and you understand it. If you want to start with Bitcoin, then maybe a custodial solution is good to start off, but then also invest the time to learn about how to start yourself." added Krauss.
Krauss said there are two common recovery situations.
The first is when the user still has part of the seed phrase. That can happen when the notebook it was written on is damaged, or when the user scrambled the word order for extra security and then forgot it.
"We had people who were unlucky and spilled water or coffee over the seed phrase and then there were three or four words they couldn't read anymore. Based on the eight words we can then find the missing four ones." said Krauss.
The second is a forgotten password for a hot wallet, where the user still has the wallet file or an encrypted cloud backup. In those cases, ReWallet uses brute force to regain access.
"Depending on the wallet solution, (we can attack) up to multiple-billion times a second. People still have an idea what the password is, but not exactly. We can then take the input of the customer, build the password and try to find the right password."
In Krauss's view, there are two takeaways for crypto holders.
First, the almost religious "not your keys, not your crypto" framing is not the full picture. Investors should seriously weigh whether they are technically proficient enough to become their own bank and take on the responsibility of holding all their assets.
Second, professional recovery services charge significant fees, up to 30% of the amount successfully recovered, so the value at stake has to justify the cost.
Holders should also watch for scams. The Federal Trade Commission and security researchers have flagged a rise in fake "recovery services" that demand upfront payment or ask for the seed phrase outright. A legitimate provider works from wallet files and partial seed phrases, never from a full seed.
And if a seed is fully lost with no backup, no service, including ReWallet, can recover the funds.
