Few thought and question,
1. I see few API has wallet_password parameter and i couldn't find anything about HTTPS/secure connection. Is it right to assume developer must setup HTTPS by themselves (e.g. by using reverse proxy)?
2. Does the software open/load all wallets all the time?
3. Mentioning exact/tested version of Python library used would be great. Who knows if the library suddenly change their API.
1. Yes the developer must use HTTPS by themselves. You can also use reverse proxy or just bind the service only to localhost so that only your webapp can access it
2. The wallet is loaded only when API command is executed.
3. It needs python3. As mentioned it internally uses Electrum-4.2.1 library so all dependencies of electrum apply. Thanks for the suggestion, we will mention that as well