Those are all important points, though I wonder: with registration required, tied to email accounts, and if we were all running thousands of small irc/xmpp/matrix servers instead of one big system that is indeed simple to attack, would the dangers still be that serious?
Well... if you're the person that the server, domain name or association leadership is legally associated with, you are the person where the feds will knock on the door and raid if someone uses your server for pedo or warez content.
A bigger entity like a foundation, corporation or university (hopefully) has financial resources to pay for lawyers, to institute compliance and screening procedures and other things, but average Joe Admin does not. This is something many German TOR operators had to discover the hard way - especially dealing with the stigma of cops showing up for a CP investigation...
reply