Yes, all options always have their pros and cons.
We are planning to support more access roles, including read-only, in the near(ish) future. That may provide a somewhat better approach, security-wise, for sharing API tokens with services.
An API-based approach could be more "future-proof" in the sense that we follow semantic versioning in the API very closely. That means it will be pretty stable for this kind of service to access it. Also, the master API provides basically all information related to services. The etcd schema has only the bits Kontena LB needs, so it might actually be somewhat limited.
I haven't been digging into the traefik code that much, but based on the quick look that I had, it should be fairly straightforward to "port" the generic etcd provider to a Kontena-etcd provider. If you get something working, even partially, let me know and I can take a look.