Most one-time pubkeys are wrapped in RIPEMD-160 and SHA256, so you have to crack those first before you even get to cracking ECDSA. This also offers temporary protection against sudden appearance of quantum computer. QC can break ECDSA, but cannot break hashes fast enough. So people would have time to switch to another algorithm or at least agree on the last valid blockchain state and stop all transactions.
