
I'm not supportive of Apple at all in this but to say that Android works "fine" without notarisation is a stretch[1].

Apple has already implemented a perfectly functional balance between security and developers' rights on the Mac, they just need to adopt that model on iPhone.

[1]https://www.police.gov.sg/Media-Room/News/20230920_police_ad...



> Apple has already implemented a perfectly functional balance between security and developers' rights on the Mac

They really haven't - some APIs are locked behind entitlements that you can only get by paying the developer fee and requesting it specially from Apple. Among other nuisances.


Only when an app is distributed from their store though? You can request a developer certificate, notarise your apps and deploy them from your website using any API you desire...


That's incorrect, some macOS APIs (I'm not sure why you think a website is involved here?) require special entitlements (regardless of how they're distributed) and you cannot use them with a normal developer certificate - you need to pay the Apple tax and speak with someone at Apple directly to get them.


If they follow the Mac model of non-notarized app packages being installable with a warning (which can be disabled system-wide with a hidden setting) then that's basically equivalent to the Android model, which requires jumping through extra hoops to enable third-party app installs as well.

People will be tricked into jumping through all of those hoops to install malware on their phones, but people are already tricked into harming themselves via their phones all the time on iOS and Android alike. People are tricked into using their (legit) bank apps to send money to fraudsters, into downloading (from the App Store) NFT scam apps, into downloading (from the App Store) scammy and predatory apps disguised as free colorful puzzle games. What does this proposed malware do? Surreptitiously record location data? Trick the user into parting from their money? Pop up unexpected ads and redirects? Apple's blessed apps already do all of that. What bad behavior is possible from within an app sandbox that isn't common practice on the App Store? The only thing that comes to mind is location recording and sending of that information to the attacker, i.e. a spying GPS app installed by an abuser. The platform-level way to fix that would be to allow users to provide apps spoofed locations without informing the app that the location isn't real, which Apple won't do because... it would harm Netflix and Niantic's business model, I guess?



