Board Development & Technical Discussion
Re: [Draft BIP] Quantum-Resistant Transition Framework for Bitcoin
by
stwenhao
on 11/08/2025, 10:14:26 UTC
Quote
Although the fact there are blocks that contain QC-resistant signature means some mining pool support the upgrade.
They don't have to get support from existing miners, who are focused on mining 80-byte block headers. They can do that behind Proof of Work on DER signatures, so legacy nodes will check only the size of the signature, and nothing else. And all other rules can be executed only by quantum nodes, and nobody else. If their miners produce more Proof of Work than any attacker can in 10 minutes, then they will get it confirmed on-chain faster than it can be attacked by anyone. And if their quantum proofs are good enough, then nobody will even discover the public key behind the puzzle before it is broadcast on-chain. It can be unknown to all participants, even behind quantum nodes, if done correctly, and Proof of Work can protect them from short exposure attacks, as long as ECDSA is still strong (and even later, SHA-256 will still protect them, even if ECDSA is broken; the Proof of Work will just rise accordingly).

Quote
It's not fully true though, since non-SegWit node still store TX created by Ordinal without witness data.
Yes, there is some data related to a particular address. But seeing OP_TRUE and some 32-byte data push for a Taproot address is not that much. And similar things can be done here: a small signature on-chain, which would take for example 50 bytes, is a small price to pay for committing to some 50 kB signature, which would be visible only to upgraded nodes, and which can be ignored by anyone else.
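As an added illustration of the commit-to-a-large-signature idea in the post above (example code written here, not from the post or from any BIP draft), the following models the two validation rules side by side: a legacy node that checks only the size of the on-chain push, and an upgraded node that checks the push commits to a large off-chain signature and verifies that signature. It assumes a hash-based Lamport one-time signature as the stand-in quantum-resistant scheme and a 32-byte SHA-256 hash as the small on-chain push; both are assumptions, not anything the post specifies.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def msg_bits(msg: bytes):
    # The 256 bits of SHA-256(msg), most significant bit first.
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_keygen():
    # Secret key: 256 pairs of random 32-byte preimages (assumed scheme, stand-in
    # for whatever quantum-resistant signature a real proposal would pick).
    # Public key: the SHA-256 hashes of those preimages.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, msg: bytes) -> bytes:
    # Reveal one preimage per message bit: 256 * 32 = 8192 bytes, one-time use only.
    return b"".join(sk[i][bit] for i, bit in enumerate(msg_bits(msg)))


def lamport_verify(pk, msg: bytes, sig: bytes) -> bool:
    if len(sig) != 256 * 32:
        return False
    return all(H(sig[32 * i:32 * i + 32]) == pk[i][bit]
               for i, bit in enumerate(msg_bits(msg)))


def commitment(big_sig: bytes) -> bytes:
    # The small on-chain push: a 32-byte hash of the large off-chain signature.
    return H(big_sig)


def legacy_node_accepts(push: bytes) -> bool:
    # Legacy rule from the post: only the size of the pushed data is checked
    # (50-byte budget taken from the post's example).
    return len(push) <= 50


def quantum_node_accepts(push: bytes, pk, msg: bytes, big_sig: bytes) -> bool:
    # Upgraded rule: the push must commit to the large signature, which must verify.
    return commitment(big_sig) == push and lamport_verify(pk, msg, big_sig)
```

A legacy node accepts the 32-byte push whether or not the committed signature is valid, so the extra rule is enforced only by upgraded nodes, exactly the split the post describes.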