$5 Wrench Attack
A physical coercion attack where someone threatens violence to force a crypto holder to transfer their funds, bypassing all digital security.
Key Takeaways
- A $5 wrench attack bypasses all cryptographic security by using physical force or threats to compel a victim to hand over private keys or transfer funds: no encryption algorithm can protect against a threat to your person.
- Physical crypto attacks have surged in recent years, with over 350 documented incidents since 2014. Mitigations include multisig wallets with geographically distributed keys, time-locked vaults, and passphrase-based hidden wallets.
- Prevention through operational security is more effective than technical countermeasures: not being identified as a target is the strongest defense, since roughly 80% of documented physical attacks succeed.
What Is a $5 Wrench Attack?
A $5 wrench attack is a physical coercion attack where an adversary uses violence or the threat of violence to force a cryptocurrency holder to reveal private keys, seed phrases, or passwords, or to directly transfer funds. The term highlights a fundamental truth about cryptographic security: no matter how sophisticated the encryption, a determined attacker can circumvent it entirely by targeting the human holding the keys.
The name originates from xkcd comic #538, published in February 2009. The comic contrasts a fantasy scenario where adversaries build a million-dollar computing cluster to crack RSA encryption with what would actually happen: beating someone with a cheap wrench until they reveal the password. In the cryptography community, this concept is formally known as "rubber-hose cryptanalysis," a term coined by Marcus J. Ranum in 1990.
Unlike digital attacks such as Sybil attacks or 51% attacks that target protocol weaknesses, the $5 wrench attack targets the weakest link in any security system: the person. This makes it uniquely dangerous for self-custody users who hold their own keys, because there is no customer support to call and no chargeback to file.
How It Works
A wrench attack follows a predictable pattern, though the specific methods of coercion vary. Understanding the attack chain helps identify where defenses can be inserted.
- Target identification: the attacker identifies someone who holds significant cryptocurrency. This may come from social media posts, conference attendance, public blockchain analysis, or information from acquaintances.
- Physical confrontation: the attacker gains physical access to the victim through home invasion, kidnapping, ambush, or deception (posing as a delivery worker or law enforcement).
- Coercion: under threat of violence, the victim is forced to unlock devices, reveal seed phrases, provide passwords, or directly transfer funds.
- Extraction: funds are moved to attacker-controlled addresses. Cryptocurrency transactions are irreversible, so once sent, recovery is nearly impossible without law enforcement intervention.
The entire process can take minutes. Unlike chain analysis or dust attacks that leave digital trails, the physical component makes this an immediate, high-stakes encounter.
The Scale of the Problem
Jameson Lopp, CTO of Casa, maintains a public tracker of physical Bitcoin attacks. As of 2026, it documents over 350 incidents dating back to December 2014. The trend is accelerating sharply: documented attacks increased approximately 75% from 2024 to 2025, with confirmed losses exceeding $41 million in 2025 alone.
These numbers likely understate the true total. Many victims choose not to report crimes out of fear of repeat offenses or lack of confidence in law enforcement. Notable incidents include the 2025 kidnapping of Ledger co-founder David Balland in France, where attackers severed his finger and demanded $11.5 million in ransom, and the 2024 conviction of Gilbert St. Felix, who received a 47-year sentence for leading a violent home-invasion ring that stole over $263 million in cryptocurrency across multiple US states.
Mitigations
No single countermeasure eliminates wrench attack risk, but layered defenses can make attacks slower, less profitable, and more likely to fail. The goal is to create a situation where the victim genuinely cannot comply with the attacker's demands, even under duress.
Multisig with Geographic Distribution
Multisignature wallets require M-of-N keys to authorize a transaction (for example, 3-of-5). By storing keys across geographically separated locations, a victim can truthfully state that they cannot access all required keys from where they are. An attacker would need to coerce multiple people or travel to multiple locations, dramatically increasing the time, complexity, and risk of getting caught.
Services like Casa implement this with keys distributed across multiple signing devices in different physical locations, with one key held by the service provider that requires video-conference authentication to co-sign. The longer an attack takes to complete, the more likely the attacker gets caught.
Time-Locked Vaults
Time-locked transactions introduce mandatory delays between initiating and completing a withdrawal. Even if an attacker forces a victim to begin a transaction, they must wait hours or days for it to finalize, giving law enforcement a window to intervene. Two approaches exist:
- Pre-signed nLockTime transactions: a user can pre-sign a transaction moving the majority of funds to a cold storage address with a 48-hour delay. Under duress, the funds automatically move to a safe address the attacker does not control.
- OP_VAULT (BIP-345): a proposed Bitcoin covenant that introduces a mandatory delay on vault withdrawals. During the delay, funds can only be swept to a pre-committed deep cold storage address, making it impossible for a coerced user to redirect funds elsewhere. This proposal requires a soft fork and is not yet active on Bitcoin mainnet.
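How the delay on a pre-signed nLockTime transaction is enforced, as an added example that is not from the original page. It models Bitcoin's transaction finality rule; the block height, timestamp, and the `audit_presigned` helper are constructed for illustration, and 288 blocks approximates 48 hours at ten-minute blocks.

```python
LOCKTIME_THRESHOLD = 500_000_000  # below: block height; at or above: Unix time
SEQUENCE_FINAL = 0xFFFFFFFF       # an input with this nSequence opts out of nLockTime
BLOCKS_PER_48H = 48 * 6           # approximation: one block per ten minutes


def is_final(locktime, input_sequences, next_height, median_time_past):
    """True if a transaction with this nLockTime may be mined in the next block."""
    if locktime == 0:
        return True
    reference = next_height if locktime < LOCKTIME_THRESHOLD else median_time_past
    if locktime < reference:
        return True
    # Lock not yet expired: still final if every input uses the final sequence.
    return all(seq == SEQUENCE_FINAL for seq in input_sequences)


def presign_locktime(current_height, delay_blocks=BLOCKS_PER_48H):
    """Height-based nLockTime for a transaction signed at current_height."""
    return current_height + delay_blocks


def audit_presigned(locktime, input_sequences, current_height, median_time_past):
    """Hypothetical pre-storage check: list reasons the delay would not hold."""
    problems = []
    if locktime == 0:
        problems.append("nLockTime is 0: no delay")
    elif all(seq == SEQUENCE_FINAL for seq in input_sequences):
        problems.append("every input has a final sequence: nLockTime is ignored")
    elif is_final(locktime, input_sequences, current_height + 1, median_time_past):
        problems.append("lock has already expired")
    return problems


# Constructed sample values.
HEIGHT_NOW = 900_000
MTP_NOW = 1_750_000_000
LOCK = presign_locktime(HEIGHT_NOW)  # 900_288

if __name__ == "__main__":
    print(audit_presigned(LOCK, [0xFFFFFFFE], HEIGHT_NOW, MTP_NOW))
    print(audit_presigned(LOCK, [SEQUENCE_FINAL], HEIGHT_NOW, MTP_NOW))
```

The second case is the failure mode worth checking for: a transaction whose inputs all carry the final sequence number is valid immediately, whatever nLockTime says.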
Passphrase Wallets and Plausible Deniability
Hardware wallets support BIP-39 passphrases: each passphrase, combined with the same seed phrase, produces an entirely separate wallet. A user can configure multiple tiers:
- No passphrase: shows a small day-to-day spending wallet with a minimal balance
- First passphrase: reveals a moderate "decoy" balance that an attacker might accept as the full holdings
- Second passphrase: the real holdings, invisible without the correct passphrase
However, this approach has limitations. There are no well-documented cases of a victim successfully escaping an attack using a decoy wallet, and there is no certainty about what amount would satisfy an attacker. A sophisticated attacker aware of passphrase wallets may not be convinced by a small balance.
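Why each passphrase opens a different wallet, as an added example that is not from the original page. It follows the BIP-39 seed derivation (PBKDF2-HMAC-SHA512, 2048 rounds, salt `"mnemonic" + passphrase`) and the BIP-32 master key step; the mnemonic is the public BIP-39 test phrase, and the tier names and passphrases are constructed.

```python
import hashlib
import hmac
import unicodedata


def bip39_seed(mnemonic, passphrase=""):
    """BIP-39: stretch the mnemonic into a 64-byte seed, salted by the passphrase."""
    def norm(s):
        return unicodedata.normalize("NFKD", s).encode("utf-8")
    salt = b"mnemonic" + norm(passphrase)
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic), salt, 2048, 64)


def bip32_master(seed):
    """BIP-32: master private key and chain code from the seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


# Public test mnemonic from the BIP-39 vectors; never use it to hold funds.
MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
            "abandon abandon abandon abandon abandon about")

# Constructed passphrases for the three tiers described above.
TIERS = {
    "spending": "",
    "decoy": "constructed-decoy-passphrase",
    "real": "constructed-real-passphrase",
}


def derive_tiers(mnemonic=MNEMONIC, tiers=TIERS):
    """Map each tier name to the hex master private key it unlocks."""
    return {name: bip32_master(bip39_seed(mnemonic, pw))[0].hex()
            for name, pw in tiers.items()}


def master_for(passphrase, mnemonic=MNEMONIC):
    """Any string yields a well-formed key: there is no 'wrong passphrase' error."""
    return bip32_master(bip39_seed(mnemonic, passphrase))[0].hex()


if __name__ == "__main__":
    for tier, key in derive_tiers().items():
        print(f"{tier:9s} {key[:16]}...")
    print("typo     ", master_for("constructed-real-passphrasE")[:16] + "...")
```

Because every passphrase, including a mistyped one, derives a well-formed wallet, nothing in the derivation reveals how many passphrase wallets exist; the same property means a typo silently opens an empty wallet, so passphrases need their own backup.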
Social Recovery and Shamir Secret Sharing
Shamir Secret Sharing splits a seed into N shares where only M are needed for reconstruction (for example, 2-of-3). A single share reveals zero information about the secret. Under coercion, the holder can truthfully say they cannot reconstruct the wallet alone: they need cooperation from trusted contacts who hold the other shares.
Trezor implements this natively via SLIP-39, which provides a standardized way to create and reconstruct Shamir-split seed backups. Combined with geographic distribution of shares, this creates a robust defense against single-point-of-failure physical attacks.
Operational Security Practices
Technical mitigations matter, but prevention is more effective than defense. The most important operational security practice is not being identified as a target in the first place. Approximately 80% of documented physical attacks succeed, meaning that once an attack begins, the odds favor the attacker.
- Never disclose holdings publicly. Do not discuss crypto wealth on social media, at conferences, or with acquaintances. Domestic staff, delivery drivers, and service workers are commonly cited as unintentional information leak vectors.
- Use pseudonymous identities for crypto-related activities. Separate your real identity from your on-chain activity.
- Use PO boxes or registered agent addresses instead of personal home addresses for any crypto-related business registrations.
- Keep hardware wallets in secure, non-obvious locations. Consider off-site storage such as safety deposit boxes rather than keeping devices at home.
- Avoid cleartext seed phrase backups at home. Use metal backups in secure off-site locations.
- Use a dedicated device for crypto operations. Never mix with general browsing, email, or social media to reduce the attack surface.
Why Institutional Custody Accounts for Physical Security
Institutional custody solutions inherently mitigate wrench attacks by separating key control across multiple parties, locations, and process layers. No single employee, regardless of their seniority, can be coerced into moving funds unilaterally.
Multi-party computation (MPC) ensures private keys are never assembled in one place: key shares are distributed across multiple servers in different physical locations. Even gaining access to one facility reveals nothing useful. Combined with mandatory multi-party authorization, time delays, video verification, and audit trails, institutional custody makes single-point physical coercion ineffective.
This principle applies beyond traditional custodians. Self-custody solutions built on distributed key architectures, such as threshold signature schemes, bring similar protection to individual users. Platforms like Spark leverage these cryptographic primitives to enable self-custodial Bitcoin management without concentrating all key material in a single location.
Risks and Considerations
Escalation of Violence
As cryptocurrency values have risen, so has the severity of attacks. Incidents have escalated from simple robberies to kidnappings involving mutilation and extended captivity. France has become a particular hotspot, with incidents rising from 18 documented cases in 2024 to 67 in 2025 and 47 in just the first five months of 2026.
Expanding Victim Profiles
Early wrench attacks primarily targeted high-profile traders and exchange operators. The victim pool has broadened significantly: recent targets include family members of crypto holders, employees of crypto companies, and individuals with comparatively modest holdings. Attackers now target people based on blockchain analysis, social media activity, or tips from acquaintances.
Legal and Insurance Gaps
Most homeowner and renter insurance policies do not cover cryptocurrency theft. Specialized crypto insurance products exist but are expensive and primarily available to institutions. Victims of physical attacks may have little legal recourse for recovering stolen funds, especially if the attacker moves assets through mixing services or cross-chain bridges.
Tradeoffs in Self-Custody
The wrench attack represents the fundamental tension in self-custody: full control over your assets also means full responsibility for their physical security. Solutions like multisig and time-locks add friction to legitimate use as well as illegitimate use, creating a usability tradeoff. For a deeper comparison of custody approaches, see the research on self-custodial vs. custodial wallets and Bitcoin custody solutions.