How are you proving supply?
"The could be a hidden bug" is not the point, the point is you wouldn't detect it if it were exploited.
Its written in C++ which isn't considered memory safe (same as Bitcoin also written in C++).
Of course you guys could just fork over to a memory safe language.
So anyway, how are you proving supply?