A database that’s crummy (but functional) is an important issue, but one that seems like it can wait.
That's often the problem with how software is perceived by a user. Simple functionality might introduce complexity in already existing functionality effectively breaking it at the scale it is supposed to support. The technical aspect of a piece of software will always seem secondary for the end user, regardless of the functionality it appears to be second to. That's only logical. You don't care about a certain metal's properties when you buy a knife, you care about the kind of cuts it can perform.
My issue with the project is that it's mostly written in a language that I am not familiar with, and much of the scale it's built to support is over a protocol that is also new to me. I can't really judge whether the issues (especially content removal and how actions are synchronized between separate federated instances) are a database issue, a protocol issue, a sub optimal approach to the complexity or even just doable in the current context.
Designing and implementing properly and fully working transparent software is always hard. And in new protocols and contexts is even more so.
You are correct though, these things are not important for the people who use it. What is important for the users is how the piece of software can, and if it can, allow for the use they want to make of it.
I don't think there is a way to have both the option to host images and have zero risk of getting such image uploads. You either completely disable image hosting, or you mitigate the risk by the way image uploads are handled. Even if you completely disable the image uploads, someone might still link to such content. The way I see this there are two different aspects. One is the legal danger you place yourself when you open your instance to host images uploaded by users. The other is the obvious (and not so obvious) and undeniable harmful effects contact with such material has for most of us. The second, is pretty impossible to guarantee 100% on the internet. The first you can achieve by simply not allowing image uploads (and I guess de-federating with other instances to avoid content replication).
The thing is, when you host an instance of a technology that allows for better moderation (i.e. allowing certain kinds of content, such as images, only after a user reaches a certain threshold of activity), actually helps in a less obvious manner. CSAM is not only illegal to exist on the server-side. It's also illegal and has serious consequences for the people who actually upload it. The more activity history you have on a potential uploader, the easier it becomes to actually track him. Requiring more time for an account before allowing it to post images, makes concealing the identity harder and raises the potential risk for the uploader to the extend that it will be very difficult to go through the process only to cause problems to the community.
Let me also state this clearly: I don't have an issue with disabling image uploads here, or changing the default setting of instance federation to a more limiting one. Or both. I don't mind linked images to external sites.
I am sorry you had to see such content. No, it doesn't seem to go away. At least it hasn't for me, after almost 2 decades :-/