writing there is not the problem afaik because the zap is signed by the sender.

but for the relay unauthenticated connections are a problem those cost resources (websocket connections use a lot of server resources)

and if relays start to require some authentication then NIP57 will fail from my current understanding.

I am very interested how Nostr people see this. Maybe it's a no-problem, or relays just have to deal with it? or LNURL-zap tools/providers have to pay all the relays to be able to connect?