Most unlikely thing in the world or trezor glitch?

Hey all.

I was going through the process of recovering my wallet with my seed and to my horror I noticed that one of my words written down wasn’t a valid seed word.

I set about trying every combination until I got into my wallet. I got in quite quickly with a word that looks just like the word I had written down. However, I noticed that with my passphrase, it opens a completely new wallet. At first I thought it was my passphrase, so I tried a million other possibilities with no luck.

So next, I went back to iterating through other possibilities for my incorrect seed word and found that another one worked too. Since it is a statistical impossibility that I’d randomly accessed 2 different wallets with recovery seeds differing only by 1 word, I figure this has to be some sort of glitch with trezor? Particularly because this doesn’t seem to be my wallet either!

So, I now have access to at least one wallet that is not my own - each random seed differing by one word.

Any thoughts on this topic would be great but specifically, here are my questions.

  1. If a 24 word random seed is valid, does that mean it’s necessarily a trezor wallet or could it be another branded BTC wallet?

  2. Is there some kind of safety mechanism with trezor devices that creates a new wallet with whatever random seed you enter after a certain number of incorrect recovery attempts?

  3. If the answer to (1) is yes, it’s necessarily trezor. This surely has to be a glitch or at least negligently non-random generation algorithm used to generate seeds?

  4. Or is this just the most unlikely coincidence in history?

There is 1 in 256 chance that a completely random 24-word seed phrase is valid.
So it’s definitely not a “statistical impossibility”.

It seems you are slightly confused as to what it means that a seed is “valid”.

There are 2^256, or 115792089237316195423570985008687907853269984665640564039457584007913129639936, possible wallets in total. That is a little less than the total number of atoms in the observable universe.

When Trezor is generating a seed, it randomly picks one of these wallets.
No “new wallet” is created in this process. You pick one of the 2^256 possible wallets, and encode which one it is in the seed words.

This works fine, because the chance that you pick the same wallet as someone else is so small as to be a practical impossibility.

However, you can sit there all day generating new seeds that pick different wallets out of the 2^256 options. (And there is still next to zero chance that you hit someone else’s wallet.)

When you change a word in your seed, the new seed encodes a different wallet. By itself, this would mean that every combination of the 24 words encodes a wallet. But that is impractical – it would mean that if anyone ever makes a mistake in writing down the seed, they get no error and just open a different wallet (an empty one, because the chance of hitting a wallet already in use is next to zero).
For this reason, the seed also encodes a checksum. If you write down the seed wrong, the checksum does not match, and Trezor can tell you: “you probably wrote down the seed wrong.”

There is 1 in 256 chance that the modified seed just happens to pass the checksum, so Trezor does NOT think that it’s badly written down, and just opens the wallet that is indicated.

1 Like

Ahhhhh. Thanks very much for clearing this up.

So, to clarify, any combination of the 24 seed words is valid, but only 256 of them pass trezor’s checksum?
So the statistical impossibility is that I’ve stumbled into someone else’s wallet, but its 1 in 256 that the incorrect seed I entered happened to pass the checksum?

I assume you mean “1 in 256”, right?
You’ve got the gist of it, but more precisely: any combination of the 24 seed words encodes some wallet, but only 1 in 256 is valid, i.e., it also passes the checksum.

(To be even more precise: for every possible wallet, there are exactly 256 different ways of encoding it into 24 words. Out of those, exactly one is considered “valid”. This is the checksum: you selected some wallet, and you encoded it in the right way out of the 256 options.)

That’s right.