Comment by nicce

5 years ago

I did read that, but I meant that you should describe threat models, and from that point describe how the implementation relates to the threats. So describing the pure implementation still leaves many questions, and is less convincing. Threat models help with the question "why". Why was this selected? It gives the feeling that you have thoroughly gone through the selection process. In cryptography, there are so many different algorithms and they are meant for different uses. There is no one good for everything. It is important to note why this is good for this scenario, and what the pros and cons are.

If you have correctly described your threat model, it is easier to convince others that your algorithm selection is good, even if it might have been good already. It leaves so many mistakes out. And from that point of view, it is also easier to sell, especially as you are branding as an E2EE service.