Essentially, what I wanna say is that I believe that running your own paper-wallet generator offline is the best method in terms of privacy and security.
What do you think?
I think that 99.99% of people who try to design their own paper wallet generator will end up with something insecure. Your method combines a brain wallet, which is very insecure, with SecureRandom, which has also suffered from critical vulnerabilities resulting in people having their coins stolen:
https://www.theregister.com/2013/08/12/android_bug_batters_bitcoin_wallets/.
A far safer option to generate raw private keys would be to use Bitcoin Core. If you don't want to use a piece of software, then flip a coin 256 times.
I thought that in a brainwallet you need to remember a phrase. The reason why I get the user to input a random sequence of characters is to simply imitate the mouse-movement entropy. I just tell the user to randomly press anything they want on the keyboard and of course, not to remember it.
Actually, a private key is nothing more than a 256-bit random sequence (e.g. 010110...1001).
The words that you refer to derive from this 256-bit number if you add 8 more bits (checksum).
Therefore, it is quite simple to get the words, like you mention above.
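An added illustration, not written by any participant in this thread, of the "256 bits plus an 8-bit checksum" step described in the post above, following the BIP39 scheme. The 2048-word list is not embedded, so the functions work with word indices rather than words; the inputs are constructed test values.

```python
import hashlib

def bip39_word_indices(entropy: bytes) -> list[int]:
    """Map raw entropy to BIP39 wordlist indices.

    BIP39 allows 128-256 bits of entropy. The checksum is the first
    (entropy bits / 32) bits of SHA-256(entropy): 8 bits for 256-bit entropy,
    4 bits for 128-bit. Entropy || checksum is split into 11-bit groups, and
    each group is an index into the 2048-word list.
    """
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    # Keep only the leading cs_bits bits of the 256-bit hash.
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def verify_word_indices(indices: list[int]) -> bool:
    """Recompute the checksum from word indices; False if a word was altered."""
    n_words = len(indices)
    if n_words not in (12, 15, 18, 21, 24):
        return False
    total_bits = n_words * 11
    cs_bits = total_bits // 33          # 33 bits of (entropy+checksum) per 32 bits of entropy
    ent_bits = total_bits - cs_bits
    combined = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            return False
        combined = (combined << 11) | idx
    checksum = combined & ((1 << cs_bits) - 1)
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = int.from_bytes(hashlib.sha256(entropy).digest(), "big") >> (256 - cs_bits)
    return checksum == expected

if __name__ == "__main__":
    # Constructed input: 32 zero bytes, the first BIP39 test vector.
    words = bip39_word_indices(bytes(32))
    print(words)                        # 23 x index 0 ("abandon") then 102 ("art")
    print(verify_word_indices(words))   # True
```

With a wordlist file, index 0 is "abandon" and index 102 is "art", which matches the published BIP39 vector for all-zero 256-bit entropy.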
You are confusing separate concepts here. A seed phrase does not encode an individual private key. A seed phrase is used to generate a near unlimited number of private keys in a deterministic manner, meaning backing up the seed phrase backs up all the private keys that it generates.
Yes, my English may not be very good, but I understand what you say and that's what I wanted to say actually.