This article asserts some opsec failures - time zones switching when they shouldn’t etc.

It’s quite plausible that they didn’t manage perfect vpn usage every single time.

Expert level opsec - very rarely make deliberate "mistakes" by having an inconsistent timezone, or tunneling through someone's compromised home device instead of a VPN, to throw adversaries on wild goose chases.

They also committed with a different email address and a different name once or twice. This may have been intentional, though, to misdirect.

I'm surprised they didn't set up guards to prevent mistakes like commits with the "wrong" timezones...

Probably; but ask Ross Ulbricht how easy it is to screw that up.

The thing is you only need to make a mistake once.