Got an answer from #smartcash about the mic permissions: https://mobile.twitter.com/scashofficial/status/1090547011022131200 "It's not being used right now. We may add voice ID as an alternative login method in the future. We're using the camera to scan QR codes" This is not unreasonable, though I think throwing that permission in before strictly needing it isn't the wisest move. A disclaimer about the permission in the app desc might be worthwhile. That said, the source code for the SmartCash wallet does appear to be fully open source: https://github.com/SmartCash/electrum-smart ..so that goes a long way to alleviating concerns. That said, if I ever run this wallet, I think I'll be permablocking mic access as a precaution.