>Once Q-Day happens, your only source of security is PQ anyway, so if we're going to do hybrids with today's threat model in mind, PQ+PQ is the way you really want to go
I want to broadly agree but I still can't resist arguing :)
EC is really cheap on the CPU and I trust that libsodium's X25519 is implemented pretty solidly. After Q day, the $ price to break EC is still not negligible.
Whereas PQ+PQ is really expensive. I'm anti PQ+PQ hybrid just on cost. PQ+EC is practically free and still inflicts $'s on attackers after Q day (attacks do get cheaper and you discard the EC at some point, but practically I don't see EC as instantly worthless).
I’ve seen arguments that PQ algorithms are easier to implement correctly than ECDH, thus reducing that risk. I’d have to try it myself to really asses that, but for now I believe them. I’d say the real cost is performance.