If you don't think "hire people that know what they are doing with crypto" is better advice than "have a contest that doesn't even prove security under known plaintext attacks and pay out $100k to someone who finds a MITM attack to prove you're serious", you're actually not qualified to determine who the right person to determine "reasonable effort" is. I know I sound like a complete jerk, but that's just the honest truth.
The fact is that it is highly inappropriate to have a new, completely unvetted cryptographic protocol in a context where people are relying on it to provide actual security, and they are flat-out ignoring advice from talented and knowledgable people.
The fact is that it is highly inappropriate to have a new, completely unvetted cryptographic protocol in a context where people are relying on it to provide actual security, and they are flat-out ignoring advice from talented and knowledgable people.