I think it is likely that community members will all have to go through a process of rectifying confusion around what a node is vs what a canister is. I myself had a bit of a brain shift reading your post. I wasn’t thinking clearly about it, and I had specific issues I was most concerned with that were clouding my thinking. Great post!
I’m concerned about one malicious actor having infinite time to rip open a canister and look at the data in my canister. This is a problem until we have secure enclaves (and with side-channel attacks, maybe even after). This is #1 in your post.
#2 seems like maybe it could just be fixed by some transparency and some ability for the user to pick their subnet? Maybe not… and I probably don’t understand the node/subnet distinction well enough to comment.
#3. Resilience is great and should be a long-term goal. I remember seeing some early designs where users were going to get to pick the number of nodes that would run their canister (with adjusting costs). I understand that was removed for now to reduce complexity, but I can see where that would be a valuable user choice to have.