It's easy to write this when the safety of your users is both an abstraction and an externality; it's a lot tougher when you have to own your mistakes.
Please don't presume. I do care about my users. Their safety is not an abstraction.
You personally made sure it wouldn't be an externality either. I can count on you to make me pay for any mistake I make (only one of any consequence so far, and it was over 2 years ago: https://monocypher.org/quality-assurance/disclosures).
I know exactly how tough it is to own up to my mistakes.
He's someone I would really have liked to have around when I asked about the Edwards/Montgomery conversion for EdDSA all over the place. (Something I knew from the outset: when you deal with crypto, you don't do it alone. You seek advice and feedback.)
No one at the time warned me this conversion was dangerous. Yet another hint that we don't have enough cryptographic engineers.
