It seems VisualEditor is not compatible with the LockDown extension because the MediaWiki server needs to do some HTTP requests to some RESTbase API entry points.
https://www.mediawiki.org/wiki/File:Restbase_request_flow.svg
The problem with this design is that MediaWiki does anonymous HTTP requests to these APIs and so with the LockDown extension is not authorized to see its content.
This may have some big security considerations and needs some thoughts.