Wayland on its own may be ready but you can’t build a whole desktop with just Wayland. The rest of the stack needs time to catch up.^(*) And no, not everybody is willing to use KDE and restrict themselves to whatever combination of elements happens to work right now.
^(*) Because the bright people who did this decided they needed to throw the baby out with the bathwater on X. They couldn’t possibly find a way to ditch only the obsolete parts and fix the problems and maintain compatibility as much as possible. No, everything had to be rewritten from scratch.
So here we are 15 years later, with another 5 or so to go until the whole Linux desktop ecosystem will be thoroughly redone.
Securing the desktop protocol against keyloggers on Linux is like wearing a helmet when you’re walking down the street… yeah in theory it’s a good thing and would improve your safety, but it’s also wildly impractical and the things it protects you from are extremely unlikely.
And even if keyloggers were a huge everyday threat, you still have to allow for legit explicit uses of the technology (automation, accessibility etc.) But nah, they just said “we’re not implementing it at all”. What sense does that make?