heres the thing...

in the digital world, made of code..
EVERY bug, flaw, attack vector could be blamed on "malicious software"
you know.. because its.. code


but in a network of users of software. where there is a broad network protocol each users follows to stay inline with each other.

if two users across the planet are using a network where that network cannot guarantee someone is going to get paid right.. guess what. that is not a guaranteed payment network.
especially if there is ways to prevent it but idiots dont want to fix it at network level and just cry "blame the user"

if at network level you do not have a rule to seek/avoid such, (which can punish or ban users that try to be malicious).. its a no longer 'just' a software problem. its a network problem if that problem affects different users across the network

bitcoin. for people paying and receiving in bitcoin on the bitcoin network there are network rules.. that prevent many many payment attacks

EG
 if different people were to pay a user of 0.01btc (recipient uses say electrum)
an electrum server cant fake that to make the electrum user only get confirmed 0.0000001

however in LN of nodes where recipient of funds is d
      x    y
      |     |
      v     v
A->b->c->d

where abczx was to pay d.. c can abuse d's receipt and d ends up with loss

...
if the problem is about one users interaction, where the problem is not about the payment but the users storage. where the risk is his own wife using his client.. . then that is a local software problem

as for capslock

if users across the planet can abuse another user somewhere else, by fake paying them 1xx,xxx,zzz amount that
look as being paid 1,000sat at a network set rate of 1:1000 yet the user settling up only gets 1sat

its not a rounding error(remove the z)
its a conversion error(zx total is divided by more then 1000)
emphasis
1,xxx,xxx,zzz msat
dividing by more then 1000 = more than the z being cut off