Thanks for taking ownership and admitting your failure(s). We all have them, and it is important we look back at them, build better and build our code with the thought of minimizing attack vectors.

One thing I'd recommend is maybe doing a couple bug bounties of 10K-50K sats before releasing the product. This may have been found if it went through a bounty. Cheers and best of luck on your future projects!