The encryption keys and protection mechanism are hardware based, not software based. The bytes in storage are useless without the phone's exact hardware. Unless they try and brute force the encryption. How many millions of years would that take?
There is only a 4 digit pin, which means it only has 10,000 passwords to try. If you have hardware access, then you control the storage, RAM, etc. No excuse why a lab could not image the drive bit by bit and just try combinations until the correct one is found. Even if it is set to self-destruct after 10 tries, loading up the storage image basically resets the clock. Tedious perhaps, but not impossible and won't take till the end of the time to crack such an easy code. Is there something more to the phone that isn't being published out to the public?