How secure is this code to generate Address-Key pair?

[CounterEntropy]

https://github.com/BitcoinPHP/BitcoinECDSA.php/blob/master/src/BitcoinPHP/BitcoinECDSA/BitcoinECDSA.php

Also, what if I keep $extra = 'FSQF5356dsdsqdfEFEQ3fq4q6dq4s5d' at L:852 as is? Will it be possible to re-generate the Address-Key pair if I dont change this?

[pooya87]

How secure is this code to generate Address-Key pair?

the biggest problem with this library that i see is lack of tests. a cryptography library that deals with sensitive things such as ECC must have a lot more tests than the handful of them this library has in BitcoinECDSATest.php
so i wouldn't use it for anything important.

Also, what if I keep $extra = 'FSQF5356dsdsqdfEFEQ3fq4q6dq4s5d' at L:852 as is? Will it be possible to re-generate the Address-Key pair if I dont change this?

that "extra" is used while generating a random key, with or without it you won't be able to re-generate the same key. it is used as some sort of extra entropy to be appended to the entropy generated by OpenSSL (according to the method name) and then hashed using SHA256.
but usually these extra entropies are generated on the fly not hard coded.

[ABCbits]

You need to audit security/cryptography expert to know how secure is it. I can't find anything that mentions audit on both source code and GitHub's issue feature.

If there's no particular reason to use that library, consider use https://github.com/bitcoin/bitcoin/tree/master/src/secp256k1

[Saidasun]

Is there any specific reason you want to use that libary instead of https://github.com/bitcoin/bitcoin/tree/master/src/secp256k1?

Unless there is a specific reason that you have not currently given I do not see any reason why you would use that instead of the above libary especially when it considering trust and the issues that a untested libary might bring up.