That's why the user should be smart enough to add at least 2 U2F devices. I use U2F because I do not want to use a 2FA app, so this limitation blocks me from using 2FA at all... Please consider reverting.
A user shouldn't lose access to their account if they lose their U2F key
This requirement undermines the security of a U2F key. For U2F to be of any benefit to authentication security the opposite must be true (2FA should be disabled when U2F is enabled so that they loose access) - People will break in through the weakest link not the strongest.
I understand the desire to prevent the fallout of users who don't realise that they could loose account access when they loose their key, however that is the desired scenario to gain the security benefits of U2F.
Instead how about first: ensure the user is made aware of this possibility through the U2F setup process, and second: suggest alternatives like backup U2F key and hard copy recovery keys etc.
WebAuthn has higher security than authenticator applications because a WebAuthn key is by design limited only to the same origin. This makes WebAuthn much more phishing proof than authenticator apps. Please consider removing requirement. If people losing their tokens is a big worry then maybe put a big warning that you should have backup keys rather than enforcing poorer security.