Passkeys would be better without remote attestation, no doubt. But remote attestation is not only optional but also, passkeys are not a prerequisite for requiring remote attestation.

Lots of services that don't support passkeys currently require remote attestation. Boycotting passkeys (an open, possibly beneficial tech that doesn't require remote attestation) will not prevent bad actors from requiring remote attestation (with or without passkeys).