Interesting point, but it's a bit of the reverse for me: LN nodes seems a lot more natural to me coming from a tinkering with web tech background, while on-chain stuff seems a lot more shrouded in mystery in terms on encodings and secp256k1 etc, that's stuff I feel like I have to trust works.

That being said, I do think there's scary implications for LN nodes where lots of coins in hot wallets on self-maintained servers that are open to being poked on the internet; a zero-day for remote code execution could make a lot of people lost their shirt.

But maybe that's where the "diversity in immune systems" from plebnets come in; with enough difference in server and node software, one bug can't wipe them all out.

I built an app that uses LNURL last weekend, posted it here, and it got the wallet emptied (10K sats) within twenty minutes. This was because I did something stupid, and the point being if your funds are still there when you wake up, it's not for a lack of trying by adversarial actors, which gives credence to the idea your not just "trusting" but have been tested and found secure.