So, to sum up, there are many ways to make the whole system secure, without pushing everything on-chain. But users just decided to put their data anyway, even if there is no need to do so.
Thank you very much for your answer. I think I'm starting to wrap my head around this better...
So when someone makes an ordinal they are not using tapscript right? They are simply writing Opcodes into the transaction just like you would with a non-taproot transaction? If I did a typical P2PKH transaction I would put
"scriptPubKey": "OP_DUP OP_HASH160 HASH_OF_PUBKEY_IN_HEX OP_EQUALVERIFY OP_CHECKSIG"
as my locking script, but If I wanted to do an ordinal I would make my locking script
"scriptPubKey": "OP_DUP OP_HASH160 HASH_OF_PUBKEY_IN_HEX OP_EQUALVERIFY OP_CHECKSIG OP_FALSE OP_IF OP_PUSH "ord" OP_PUSH 1 OP_PUSH "text/plain;charset=utf-8" OP_PUSH 0 OP_PUSH "Hello, world!" OP_ENDIF"
? Does this mean that I could do an ordinal in a non-taproot address bitcoin transaction? So I could mint an ordinal with a P2PKH address?