The result: there is now effectively one dominating web browser run by an ad company who nigh unto controls the spec for the web itself and who is finally putting its foot down to decide that we are all going to be forced to either used fully-locked down devices or to prove that we are using some locked-down component of our otherwise unlocked device to see anyone's content, and they get to frame it as fighting for the user in the spec draft as users have a "need" to prove their authenticity to websites to get their free stuff.
(BTW, Brave is in the same boat: they are also an ad company--despite building ad blocking stuff themselves--and their product managers routinely discuss and even quote Brendan Eich talking about this same kind of "run the browser inside of trusted computing" as their long-term solution for preventing people blocking their ads. The vicious irony: the very tech they want to use to protect them is what will be used to protect the status quo from them! The entire premise of monetizing with ads is eventually either self-defeating or the problem itself.)
"powerful-but-easy-to-code APIs for OS-level access" are actual hard-to-implement-right functionality that is often pushed to browsers with very little discussion or considerations.
It was critical for the web to be easy to implement the core of for a small team or even a single concerted god-tier developer--imagine Fabrice Ballard--and the current spec has failed so hard at this that even tech megacorps have thrown in the towel. People get upset about WebUSB... but that's not the API surface that is causing us issues. If I had to single-handedly implement all of canvas/WebGL/WebGPU and JavaScript/WebAssembly I could pull it off (noting I used to be a video game engine developer).