Yes, that's true for a shared domain, yes. The TXT record points out directly to the final user. True. On the other hand, DNS architecture allows the user to hide behind a DNS recursive server (from the ISP, institution, DoH providers, etc.), whereas it's easier to leak your final IP to the HTTPS server (if you don't use a webproxy). Different privacy compromises, I guess.