pull down to refresh
Remote hands are free or pretty cheap if you get a cabinet, you just need to provide very clear instructions of what to plug in where, unskilled labor will rack and plug. If you thought out the layout before shipping it should be done in under an hour.
Off-lease hardware on eBay, configure locally, then ship with plug and play instructions to the colo.
Older Dell R-series etc are practically given away, the risk is pretty minimal since you own the hardware and configured the OS etc. The bulk of the risk imo is in the channel states rather than the keys.
Maintenance and dealing coordinating resources for hardware failures is another job then though.
That said Lightning is inherently a hot wallet, the mental model people have of keeping large amounts in it are completely wrong... you're closer in thinking to use it as a proxy of sorts. You can have nearly unlimited inbound capacity on a VPS you barely trust and then swap it back to chain automatically at a given threshold, ensuring you never keep too much hot for more than a few seconds.
Keeping a lot of outbound hot would be where mobile becomes acceptable since you may want to manually approve spends.
There's a few colo providers that have specialized racks for mini PCs, including mac mini's and pi's. Good for individuals, but not really dense enough for scaling as a service. That gets back to the bigger risk of channel state corruption with SPOF, but a more sophisticated user can mitigate that with streaming backups... the more casual users you really need to ensure there's no SPOF in getting writes to disk.
Yes. Same for most dedicated server places you see advertised.
I've done the AWS vs Colo calc many times for large systems over the years. The differentiator is always labor (and duration.) Though I think that the additional risk with the TEE systems are the endless streams of hardware vulns. It's been bad for both Intel and AMD these past few years.
I was looking late last year into getting hosting for a minimum Zen 5 box that I can get secured access to to set up the enclave host. This would right now cost about 20M sats over 2 years (because minimum 24mo contract); a huge commitment for a simple FOSS dev to make, perhaps even prohibitive, especially for just another development project. Those 24 cores are way too heavy too. Apple M4 is the only affordable-ish enclave-capable solution, but that doesn't help with developing things for AMD or Intel, at all.
So I'm a bit on the fence about the capabilities we need to securely run an LN node; have been for a longer time. The only solution is to not maintain much outbound liquidity on an insecure public node, and instead run a private mobile node channel for inbound. I know you hate these but in lieu of having a stable, secure home to host things, or a hosted fully secure enclave, this is all I can think of :-/