Board Altcoin Discussion
Re: Shadowcash vs. Monero, an unbiased debate.
by fluffypony on 13/08/2015, 11:33:53 UTC
3. Bitcoin's use of secp256k1 is...ok, but given that SafeCurves (Daniel J. Bernstein and Tanja Lange) view secp256k1 as unsafe, the use of the same curve is a little bit of a risk (Monero uses Curve25519).

You don't know your own code, lol. Cryptonote uses Ed25519 for EdDSA, not Curve25519. It is an understandable mistake because Ed25519 is very similar and related to Curve25519. But that you don't know the difference shows you are not the low-level cryptographer for Monero. And we all knew that anyway. You are the server and networking guy, correct? So no offense intended.

Afaik, the main improvement that Bernstein achieved was to eliminate side channel timing attacks because his formulation of ECC is constant time (if implemented correctly). But some have argued that attribute isn't necessary in Bitcoin's application of ECC (ECDSA).

You're completely misunderstanding. I'm ONLY talking about the curve, and Ed25519 uses the same underlying curve as Curve25519, albeit with different representations. That is why SafeCurves doesn't need a separate Ed25519 section, as Curve25519 covers it. That also explains why you can trivially convert Ed25519 public keys to Curve25519.

In fact, the IETF Ed25519 draft qualifies this by saying "For Ed25519, the curve used is equivalent to Curve25519 [CURVE25519], under a change of coordinates, which means that the difficulty of the discrete logarithm problem is the same as for Curve25519."

It would be difficult for me to reference SafeCurves, but then talk about Ed25519, without going into great detail explaining this relationship. As the relationship is obvious to anyone (such as yourself) it is sufficient for me to merely state that I'm talking about the curve.

I'm not the "server and networking guy" - Monero is an open source project with a great many contributors. You can learn more here: https://getmonero.org/knowledge-base/people