Then you’d be running unsigned, unreviewed binaries bypassing iOS controls directly on the CPU, which would be a security nightmare for iOS. This way it’s a completely emulated environment that’s isolated from the underlying system.
Running x86 binaries under software emulation, and forking off arbirary ARM binaries, aren’t the only two alternatives. You can do what Wine or gVisor does: run native-architecture code, but virtualize system calls as calls into the host binary.
Oh come on, security and privacy on Android barely exist at all except at the most general level. We're past the days when Samsung disabled all OS security controls on their flagship phone just to get the camera working for launch day, but Play Store apps are so infested with spyware and trackers the security of sideloaded apps is barely relevant.
