I may be picking you up incorrectly here so apologies, but I am pushed for time as usual.
We all do this is why algorithms are trusted over time. Its good you just thought up some ideas, I am sure they will provide use to people as another mechanism to check and perhaps implement.
In terms of the key not being one time, then perhaps look again, it is one time (the key is the data, that is why the AES happens). This is explained in the system docs.
In terms of random then its an infinity zero edge of universe thing, what is random is there any such thing? Who knows, it’s hard to prove, you can use chi squared tests etc. but even then true random is like infinity perhaps. As I say who knows. Glad you are looking though.
We should do some reward for decrypting a chunk perhaps ? Like the DES competitions etc. it all helps.
In terms of burden of proof, lets see how that goes, are you saying I need to answer every single person who does what you just did and who does not want detail? The math for hash, xor and AES are readily available.
I do not need to explain the metallurgy of a nail for you to pop it one with a big hammer. I think that is a burden somebody else can carry I am kinda busy right now, but I doubt I have found a way to make AES weaker
We are working on systemdocs so perhaps that will help, but cheers for the benefit of the doubt comma but