A little history (as I understand it):
...
As I recall, ~jav open-sourced it and ~davout just took his work so perhaps some of these conjectures about at least the original ~jav vintage implementation could be verified. A good task to run down at a later date since it is late tonight and I'm tied up most of tomorrow.
...
I did a little hitorical reading and captured a few things of interest. Does not look like Jan ever open-sourced things.
https://sites.google.com/a/tcilgl.com/paymium/home/unorganized-info/instwallet_historyUnless he is more full of shit than I would expect, it looks like ~davout should have and could have noticed if the database held sensitive data in plain-text. Whether he told ~ballsac so he could, if he chose, answer the question asked is unknown.
Reminder to self: If someone claims a 'military grade server', run, don't walk away from the bozo.