There is so much variation in the methods that have already been used to derive "nothing up my sleeve" numbers that you could easily come up with 2^10 equally plausible methods. The 24 chosen bits for "BADA55" might be overkill; depending on the circumstances, being able to pick "A55" might be enough.
I agree that the collection of all nothing-up-my-sleeve numbers anyone has ever used gives you a good starting point to find a 1/10000 curve flaw, but I'm not advocating for allowing cos(1), sqrt(2), 1/pi, &c. I'm saying: "use the leading digits of pi, or the first N digits that pass some security function if you need to be picky".
