good wallet, good business. few moments.
1. when i view something on Delphi - on my eyes blink - ATTENTION, VUNNERABILITY.
2. primary question. what function you use for generation priv. keys. Exist VUNNERABILITY generation mechanisms when hacker may sweep all keys generated wallet.
1. Why? I wrote this wallet from a scratch, always focused on security. This code is native, do not use webview or other things which may be vulnerable. It's all native
2. Look at function priv256forHD in misc unit, private keys are created from concatenating master seed and given coin params, then hashed. It's not inversible, so hacker must own a masterseed. Masterseed is generated with ISecureRandom + data from move sensor + taps/clicks etc, then hashed.
MasterSeed is then secured with TCA alghoritm for key streching and SPECK. In early version of HODLER every single private key were also secured with key strech algo but we left this feature because it takes too long for generate pool of addresses for receive/change feature.