To comment as a ZCG candidate, I would be very hesitant to approve a project this like. I appreciate the time and effort that has already been put into this project as open source contributions.
While I agree in general that we need security and verifiability in our core software, this feels like a decision that the core developers should be making and not the community grants board.
This project sounds like it will also needs to be accepted and maintained by the current developers, and thus I think an undertaking like this should fall to a project manager for the given projects/code bases.