Right, i just looked. I think you just get 32 bytes from /dev/urandom, as it notes there you have a negligible chance of an invalid seckey. But also you can check there, right.
Mostly you just use bip32 master secrets ofc, in practice.
Discussion
thanks a lot. i was thinking about that as well, but i thought its too simple to be real. that's wonderful!
generally im writing some golang bindings for this library and im trying to provide an api to generate a keypair. im not sure how much it makes sense at all. since the original source says you can read random bytes yourself.