#13: No conversation privacy in the default scalable configuration. Anyone can see your to/from fields, and because of #1 it's great metadata.

Need to verify how bad #13 is; I think you can mitigate it, but most people use a public channel. The header, I think, is technically encrypted BUT with a known public key, so everyone can see who's talking to whom. I think you can get encrypted headers on the public channel, but the docs aren't clear, and it probably limits your hops.

#meshtastic #cybersecurity

Finally, I suspect that IF Meshtastic ever does fix their routing algorithm, they will suffer from MITM exploits due to issues around #1, #6, #8, and #9.

Because when you have the MAC as the root of trust, I can respond to your MAC and poison the routing table.

There might even be a solid security downgrade attack here too, because they have backwards compatibility for insecure DMs. So once I clone your MAC, I can also downgrade security, and people are trained to accept downgrades.

#meshtastic #cybersecurity #mitm