::
> As per title. I understand Shamir (SLIP39) uses word lists that are not included in BIP39 word list.
>
> Does that mean that it is essentially impossible to replicate the same wallet address with purely 12/24 word seed phrase using BIP39 words?
Yes — it is not possible to generate a 12 or 24 word BIP39 seed that opens the same wallet as a Shamir backup.
No — it’s not because Shamir uses a different wordlist 🙂 It is a matter of how the seed data is generated from the mnemonic. BIP39 is applying a one-way conversion to the words. So if you’re starting with a Shamir wallet, you would have to reverse this one-way conversion to find the corresponding BIP39 phrase.
It is actually theoretically possible that there _exists_ a pair of BIP39 seed phrase, a BIP39 passphrase, and a Shamir backup, such that both the BIP39 combination and the Shamir wallet are identical. But (a) there is no practical way to _find_ the combination, and (b) there is no guarantee that for a _given_ Shamir wallet, a corresponding BIP39 wallet exists.
If you go the other direction and start with a BIP39 seed phrase, and select one passphrase to go with it, you can encode the resulting wallet with Shamir backup with 59-word shares.
> Just like the famous Ethereum address on the first page (first address) on keys.lol , where a supposedly invalid private key generated a valid (blackhole) address, the same can be said of addresses that were generated by Shamir Backup (assuming the recovery shares are not exposed to anyone of course).
That’s like saying that because _you_ don’t have the keys to _my_ Bitcoin address, it’s a black hole. Private keys generated by a Shamir backup are just as valid as private keys coming from a BIP39 backup.