[jiehong]

If one pass phrase was stored as a screenshot on his iPhone (which is automatically stored on iCloud without much encryption), I have little faith about the certainty of his paper words having never been accessed.

Anyways, either someone had access to his hardware wallet and had a copy of that paper at the time of the theft, either wallets are insecure.

If wallets were that insecure, more complains and warnings would be found online, and the wallet company would probably loose all its customers. So I say it’s unlikely.

[fadys]

That's partly why I'm posting this here. There must be something else going on. The paper with the seed words WAS NOT accessed.

[jiehong]

Plus, if someone has a copy of his recovery words, they would be able to actually recover / clone his hardware wallet I think, because that’s what they are for.

If your nephew didn’t access that paper for years, it doesn’t mean someone hasn’t. Was it stored in a box with glitter nail polish on the lid ? Just something that can prove the location wasn’t opened without his knowledge. Believing it, is not enough.

Could he has noted those words on a block notes and the piece of paper below it recorded an imprint of those words that were recovered be someone else?

Have fun being a Sherlock! But I guess not much can be done.

Not sure the police would consider such a case as a valid theft (at least not yet)

[fadys]

Can you imagine a scenario where you secretly write some words down on paper, three years ago, near no devices, and you store it somewhere where you absolutely know for sure no one will ever access? I can imagine such a scenario for myself.

That's what he did.

Then we have the whole Trust Wallet compromise on his iPhone.

[doggosphere]

That's what you believe he did.

He may have taken a photo of it. Maybe left it out on the table when a friend was over. Maybe wrote a text copy as backup and forgot he ever did that.