I found a very serious issue, for the method above, the password is useless, it doesn't care what value I assign to the password, seems the generated address only depends on the seedPhrase and hdPathString
@michealChin The password is not used in the sense of BIP32, the purpose is to locally encrypt the seed and private keys using the password, so changing the password don't change generated addresses.
lightwallet.keystore.createVault({ password: password, seedPhrase: seed, hdPathString: "m/0'/0'/0'" }, function (err, ks) {..................
I found a very serious issue, for the method above, the password is useless, it doesn't care what value I assign to the password, seems the generated address only depends on the seedPhrase and hdPathString