I am one of those users who have asked, but how can I trust that the Tailscale coordination server will not inject hidden public keys to my network.
This feature is a very good step forward in security. I will take a look and if the implementation is sound, I am going to use Tailscale (namely if the Tailscale is compromised, I will not be automatically compromised, unless I manually accept external public keys, or install a bad update).
The problem with malicious updates can be addressed by providing as easy way to check the code signature. With a standalone infrequently updated app such as an AppImage app, this can be easily done by verifying the GPG signature upon download.
If you don't want to trust the Tailscale coordination server, and decide that tailnet lock is not for you, have you taken a look at Headscale? https://github.com/juanfont/headscale