When sending message out you incorrectly loop through msg.slice_refs(), instead of message.slice_refs(). It looks unintended, but only allows validator to cancel messages.

The only difference between transactions created by user and validator is expiration time (when they will be auto-confirmed). But during confirmation you check specifically against validator public key. Which means that validator can simply confirm his own transactions.

You do not decrease tx_count anywhere. But it is used only in get method just returning incorrect information.

Your try_init simply calls accept_message, it does not contain seqno=0 check (nonce in your contract). Anyone can send empty message to drain wallet funds.