Be up-front about security: OpenSSL is known to have issues, you can’t trust what comes down the pipe, and your private key’s integrity is a hard requirement. Not a situation where you can be careless. letskencrypt is a client for Let’s Encrypt users, but one designed for security. No Python. No Ruby. No Bash. A straightforward, open source implementation in C that isolates each step of the sequence.
All good 'n well, but the non-OpenBSD code still depends on LibreSSL
The only dependency of letskencrypt-portable is LibreSSL. The standard letskencrypt has no dependencies.
Although one might debate LibreSSL is “safer” than OpenSSL, it still could contain security flaws
The point of letskencrypt is that it isolates usage of OpenSSL function calls (LibreSSL) into their own locked-down processes. So that the security flaws, inevitable in any software, have a minimal effect on one’s system. (Disclaimer: I wrote it.)
The dep on LibreSSL is for libtls, though.