from my understanding, the firewall basically protects the main chain - and so all other sidechains - from gains created in an adversary controlled sidechain.
Of course, every sidechain should offer the same 51% major honest security as a “simple” blockchain would do. I have no information yet how transactions will scale on side chains, but from my understanding, it’s not a transparent multi-channel processing where the user has no idea on which one he is currently running on. I expect the side chains are there to process things like epochs of a business, or a certain project, without creating a transaction for every peanut on the main chain. It then depends on this projects/business requirements if this side chain is private or decentralized. Or they can fulfil regulatory requirements.
Anyway, it would be interesting to know more about, because it’s not only a question of “adversary gains destroys real ADA” but also on how or if ADA can leave a side chain - for example to a private wallet. Or how it would be possible to earn something on this side chain if it’s not possible to move this back to the main chain.
I already posted a similar question regarding this sidechains: Think about when someone sets up a private one, send ADA there, then back and destroy the entire side chain, in order to cut the traceability. That would be more efficient than any mixing service.