It's common practice to publish source code for review. Exactly for the reason mentioned in that my post. Noone needs any grounds to assume that software is insecure, all programs working with cryptography and financial stuff are assumed insecure until audit is done.