I think the insecurity of their function was a mistake. I doubt they would deliberately code something that threw collisions and have a cover up plan that is basically name it curl and hope people get it mixed up with the real curl.
fwiw, was bored and exploring for the first time the (my God) toxic social timelines of these crypto coins and happened to end with IOTA and the story of the home grown hash function. Just posting what I just read about this topic and not an +/- either way on the topic at hand:
Sergey Ivancheglo (@Come-from-Beyond) claims the collisions were intentional and for the purposes of IOTA the hash merely had to be a one way function:
He addresses his base-3 number system design decision as well (by appealing to authority no less :)
> name it curl
In above he references Curl-P and the final letter (see his last gist) also explicitly asks that the MIT security blogger use the full name which she declined.
