It’s trivial for the service provider to deny service. I do not know what mechanisms they have in place for this at present but it is definitely technically possible.

Afaik you have the unilateral exist way always possible with Spark if they try to KYC shotgun ? If unilateral exist is possible then how is it really different from a LSP disabling your channel if you don't KYC ? Last question, wouldn't blind signatures on top or Ark\Spark be a reasonable trade-off for good UX and almost impossible denial of service attack ?