Beyond Smart Contract Audits: The Security Checklist Most Crypto Projects Miss