Bitcoin Pizza Day and the lost Newport hard drive have company — an Ethereum wallet worth over a billion dollars, frozen since 2014.
Summary
- In 2014, Estonian banker Rain Lõhmus bought 250,000 ETH in Ethereum’s presale, storing it in a wallet that has never been accessed.
- The stash, worth about $1.18 billion today, is fully visible on-chain yet unreachable without the lost presale password and JSON wallet file.
- Lõhmus’s case joins Bitcoin Pizza Day and James Howells’s landfill hard drive as one of crypto’s most famous billion-dollar “what if” stories.
- Ethereum’s presale encryption makes brute-forcing the password nearly impossible without strong clues, leaving the fortune likely to remain untouched indefinitely.
The untouched Ethereum wallet of Rain Lõhmus
In the summer of 2014, Ethereum (ETH) was still a bold experiment, its future uncertain and its value measured in cents.
The project’s founders were raising funds through a 42-day presale, offering early supporters a chance to buy ETH at roughly $0.30 for each token, a price that seemed speculative at the time but would later prove life-changing for those who held on.
Among the early buyers was Rain Lõhmus, an Estonian banker known for co-founding LHV Bank. He secured a large allocation, placing it in a newly created wallet that, from that moment, would remain untouched.
The wallet’s existence might have remained a quiet footnote in Ethereum’s history if not for a public revelation nearly a decade later.
In late 2023, Coinbase executive Conor Grogan linked an address holding exactly 250,000.0256 ETH to Lõhmus. The connection surfaced after Lõhmus appeared on Estonian public radio and mentioned losing access to his original presale wallet.
He openly admitted that it was no secret he owned it and even suggested he would consider splitting the funds with anyone who could help recover them.
On-chain records confirmed his claim that the address, labeled “Rain Lohmus” on Etherscan, had never executed a single outgoing transaction since the day Ethereum allocations became spendable.
Despite this inactivity, it had steadily accumulated a range of airdropped tokens over the years, a side effect of simply existing on the blockchain during a period of relentless innovation.
At today’s market levels, with ETH trading at around $4,700 and daily global spot volumes approaching $60 billion, that dormant stash is worth about $1.18 billion.
Against its original cost basis of less than $80,000 in 2014, the increase is almost unimaginable, rivaling some of the most famous early crypto windfalls.
Yet unlike those who eventually sold or reinvested, Lõhmus’s holdings remain frozen, inaccessible without the private keys that have been lost for years.
Where Lõhmus fits among crypto’s most famous losses
Crypto’s early years are dotted with stories that blend chance, miscalculation, and the relentless march of market prices into billion-dollar legends.
The first, and perhaps most cited, is Bitcoin Pizza Day. On May 22, 2010, programmer Laszlo Hanyecz spent 10,000 BTC to buy two pizzas, the first documented commercial transaction using Bitcoin.
At the time, the payment was worth around $40. Fifteen years later, with Bitcoin trading above $120,000 as of Aug. 14, those same coins would be valued at roughly $1.2 billion.
The second is the case of James Howells, a Welsh IT worker who accidentally threw away a hard drive believed to contain between 7,500 and 8,000 BTC.
For years, Howells pursued legal avenues to excavate the landfill where it was discarded, offering recovery plans backed by investors and engineers.
In early 2025, the UK’s High Court dismissed his claim, effectively closing the chapter on any realistic retrieval. At current prices, that cache would also be worth close to a billion dollars, securing its place in the canon of lost digital fortunes.
Rain Lõhmus’s situation now joins these as a third defining example in crypto’s “what if” category. However, the distinction lies in the nature of the loss.
Unlike Hanyecz’s spent Bitcoin or Howells’s physically destroyed storage, Lõhmus’s 250,000 ETH remains fully visible on-chain, preserved in a single address that has not moved a fraction of a token since Ethereum’s launch.
On-chain data shows it represents around 0.2% of Ethereum’s circulating supply of roughly 120.7 million ETH.
While this is far from a destabilizing amount for the market, it is large enough to be noticed and large enough to cement its status as one of the clearest examples of a billion-dollar ghost balance in the history of digital assets.
Why cracking a presale wallet is nearly impossible
Ethereum’s 2014 presale distributed purchased coins in the form of encrypted JSON files known as “presale wallets.”
These files contain the seed data needed to generate the private key, but the seed is locked behind the password chosen at the time of purchase.
The encryption process relies on PBKDF2-HMAC with a unique salt, a deliberate design choice that significantly increases the time and computational power required for brute-force attacks.
Without the exact password, or at least very strong hints, cracking the encryption moves from challenging to practically unfeasible.
While there are open-source tools and professional recovery firms that specialize in this type of work, all of them require the original JSON file to begin.
The process is not about blockchain-level intervention or any form of reset; it is a localized password-cracking exercise applied to a strongly protected file.
Even with powerful hardware, the work involves systematically testing password candidates from a finite search space, making the quality of any remembered fragments critical to success.
Presale wallets introduce further complexity. If the wrong password is used, the decryption process can still output a valid-looking seed that produces an Ethereum address, but it will often not match the intended target.
This quirk means that recovery attempts must include a verification step to ensure the derived address is indeed the correct one, eliminating any benefit from so-called near misses.
Public discussions in developer forums and documentation for password-cracking tools consistently highlight this as a major constraint.
In practice, recovery rates remain low. Password-recovery services report most successes when clients can recall substantial parts of their original passwords, often in combination with personal wordlists tailored from past habits.
Even the most optimistic practitioners frame their results in terms of carefully constrained dictionaries and years of accumulated expertise rather than guaranteed outcomes.
For someone in Rain Lõhmus’s position, the starting point is binary. If he no longer has the presale JSON file or any strong clues to the password, the probability of recovering 250,000 ETH is negligible.
If he does have both, the task shifts into an extended engineering effort that could take months or years, with a measurable but uncertain chance of success.
In either case, the outcome depends less on public curiosity and more on what was preserved, and how much of it remains accessible a decade after the purchase.
