I have heard of social engineering attacks where ssh/login attempts have been made to vps, ostensibly to steal funds. Fortunately not heard of any funds lost this way.

There was the story about similar social engineering, tg imposter convincing sb to transfer funds from a borked node. Felt bad for that chap.

I agree. Complexity kills it for many, and can be overkill in many cases.