But as long as there is no mathematical proof that such attack is impossible, I do not feel entirely comfortable with deterministic keys
You might have bigger problems then since ecdsa is also only assumed to be secure.
Why? My private keys are not sent to the server. so if the Electurm server turns out insecure, still nobody can steal my keys.
Private Keys are stored in the electrum.dat file otherwise known as the wallet.dat file. This file can be password encrypted but the seed can still be used to generate a copy.
Electrum is a brain wallet.