It may seem naive, but when I thought about sidechains, my conclusions were similar. Definitely, if you want to make a test network, then it is sufficient to just prepare all transactions off-chain, without moving any coins at all. Because then, a simple test network can be deployed: it starts with zero coins, and they appear on the network if you sign them, and disappear, when you move them on-chain in any way.
And obviously, that model is not “the final state of things”, because if Alice knows all conditions behind a given UTXO, then she can always move them on-chain, no matter what was signed previously, and broadcasted to any parties. However, if you note that you can hide N-of-N multisig, behind a single public key, then you can see some potential in this idea.
So: my conclusion was simple: if you want to build any network in this way, it should have general rules like that: “sign on-chain coins to make a peg-in, and move on-chain coins to create a peg-out”. And that rule should not be restricted any further, when it comes to checking, if the history is valid. However, to prevent misuse, you can then restrict it further by introducing standardness rules. Which means, that peg-ins and peg-outs of the whole network, should work even with OP_TRUE. But: the client you interact with, can for example say: “you have to show me some on-chain UTXO, where there is P2TR, with 2-of-2 multisig, and one of those keys are owned by me”.
Guess what: this is the perfect task for the sidechain network. Imagine that some of the current Bitcoin nodes would have additional features, like “storing penalty transactions”. And then, those nodes could act as a global watchtower. But: to complete the whole picture, you need to note, that if all transactions are public, then someone may just broadcast all of that unconditionally, even if there is no dispute. So, to mitigate that, you should also encrypt penalty transactions, so they will be decrypted and broadcasted, only when nodes encounter the previous transaction.
If they will run their full nodes with those new features, then it would be sufficient. Of course, there is always a risk, that some miners may alter the default settings, but well: any second layer can be always attacked, if miners are malicious. So, it is all about ensuring, that the majority is honest, and share your software with that majority.