<b>Nice work mate but a few point to mention</b>
First :
Handling private keys and seed phrases in plaintext is inherently risky. You stand at a very high risk if an attacker gets hold of your system.

Using user_variable for entropy is highly risky. Assuming a user provides a weak or predictable input?. Despite introducing randomness via salting understanding the strength of the entropy greatly relies on the quality of the user input

Lastly using RIPEMD-160 hash of the private key for the witness program is risky. This can lead to an invalid address or one that cannot be recovered .

It is best to use a proper public key derived from the private key when creating the witness program.