[nitpick] The secret is logged in browser memory (as secretHex) and never cleared. For security best practices, consider clearing sensitive data after use. While the secret is ephemeral for this registration flow, explicitly clearing it after the register transaction completes would be more secure. #25

@ScottyPoi

[nitpick] The secret is logged in browser memory (as secretHex) and never cleared. For security best practices, consider clearing sensitive data after use. While the secret is ephemeral for this registration flow, explicitly clearing it after the register transaction completes would be more secure.

Example:

// After line 219
secret.fill(0); // Clear the original secret bytes

Originally posted by @Copilot in #24 (comment)
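
An added example, not code from this issue or the project, showing one way to scope the secret so the byte buffer is zeroed on every exit path of the registration flow. The names `withEphemeralSecret`, `toHex` and `fakeRegister` are hypothetical, and the 32-byte length is an assumption.

```javascript
// Added example (not the project's code). withEphemeralSecret, toHex and
// fakeRegister are hypothetical names; the 32-byte length is an assumption.
const cryptoApi = globalThis.crypto ?? require('node:crypto').webcrypto;

// Hex-encode bytes. The result is an immutable JS string: it cannot be
// zeroed, so create it only at the point of use and never store or log it.
function toHex(bytes) {
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Generate a secret, hand it to `use`, and zero the buffer afterwards,
// whether `use` returns, throws, or returns a promise that settles later.
function withEphemeralSecret(use, length = 32) {
  const secret = cryptoApi.getRandomValues(new Uint8Array(length));
  const wipe = () => { secret.fill(0); };
  let result;
  try {
    result = use(secret);
  } catch (err) {
    wipe(); // synchronous failure: clear before propagating
    throw err;
  }
  if (result && typeof result.then === 'function') {
    // Async use (e.g. awaiting a transaction): wipe once it settles.
    return Promise.resolve(result).finally(wipe);
  }
  wipe();
  return result;
}

// Constructed stand-in for the register transaction: returns a receipt that
// records only the length of the hex argument, not the secret itself.
function fakeRegister(secretHex) {
  return { ok: true, hexLength: secretHex.length };
}

// Usage: the hex copy exists only as an argument inside the callback.
function demoRegistration() {
  let seen = null; // kept only so the demo can show the buffer was wiped
  const receipt = withEphemeralSecret((secret) => {
    seen = secret;
    return fakeRegister(toHex(secret));
  });
  return { receipt, wiped: seen.every((b) => b === 0) };
}
```

`fill(0)` clears only this buffer; any copy made with `slice()` or by hex-encoding into a string stays in memory until it is garbage collected.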
