Merge #1098: Add cargo crev reminder to readme

ded1a32 Add cargo crev reminder to readme (Tobin C. Harding)

Pull request description:

  As suggested by the `cargo-crev` project; add a comment to the readme reminding people to use `cargo-crev` to check their dependencies.

  ### Notes

  Today I explored `cargo-crev`, it was new to me before today. I completed proofs for `bech32`, `rust-bitcoinconsenus`, `bitcoin_hashes`, `rust-secp256k1`, and `rust-bitcoin`. I published the proofs to https://github.com/tcharding/crev-proofs.

  If I'm understanding correctly proofs are only useful if the author is connected to a web of trust. So far I only found @dpc within the active rust-bitcoin devs with a `crev-proofs` repo (that includes an ID). Since he wrote `cargo-crev` its not surprising he has one :) Two other devs have `crev-proofs` repos but they are both incomplete (no ID) so I was unable to climb onto their web, so to speak. I am not a particularly well know dev so I imagine it would be more useful if some of you more well know fellas publish proofs as well.

  If we can get a web of trust between all the regular hackers here then we can start doing reviews/proofs of our dependencies and publishing them.

ACKs for top commit:
  Kixunil:
    ACK ded1a32
  apoelstra:
    ACK ded1a32
  sanket1729:
    ACK ded1a32

Tree-SHA512: c2d3b195a522095fcabcf51bb956b339f3a421541652f646f8e56286ebf850aa106d4acbf4defd344b5b0f57dd9626d1dbafe50c9d54b1436fd9e2c8b434fc07

README.md

@@ -31,6 +31,9 @@ Supports (or should support)
 For JSONRPC interaction with Bitcoin Core, it is recommended to use
 [rust-bitcoincore-rpc](https://github.com/rust-bitcoin/rust-bitcoincore-rpc).
 
+It is recommended to always use [cargo-crev](https://github.com/crev-dev/cargo-crev)
+to verify the trustworthiness of each of your dependencies, including this one.
+
 ## Known limitations
 
 ### Consensus