3. Bitcoin's use of secp256k1 is...ok, but given that SafeCurves (Daniel J. Bernstein and Tanja Lange) view secp256k1 as unsafe, the use of the same curve is a little bit of a risk (Monero uses Curve25519).
You don't know your own code, lol. Cyptonote uses Ed25519 for EdDSA, not Curve25519. It is an understandable mistake because Ed25519 is very similar and related to Curve25519. But that you don't know the difference, shows you are not the low-level cryptographer for Monero. And we all knew that any way. You are the server and networking guy correct? So no offense intended.
Afaik, the main improvement that Bernstein achieved was to eliminate side channel timing attacks because his formulation of ECC is constant time (if implemented correctly). But some have argued that attribute isn't necessary in Bitcoin's application of ECC (ECDSA).