Wayland in general does not have "permissions".
My understanding of the Wayland security model is that applications do not by default have access to other applications windows.
That is the security model of the protocol, not of every implementation.
More accurately, I believe the security model is that applications do not inherently have access to other applications' windows. It is not a question of "default permissions" as there is no permission system built into Wayland; rather, such operations are literally not part of the protocol (as I understand it).
For example, in X11 each window has a global XID assigned; the base protocol has functions to enumerate all windows; and merely knowing that XID is enough to operate on the corresponding window (whether it's the "root window" belonging to the X server itself), including getting its buffer as a bitmap and more. You might have seen programs like w3m or Ranger draw images on the terminal – they literally draw on another program's window just by knowing its XID (which the terminal helpfully supplies through $WINDOWID).
Wayland doesn't have this mechanism at all. If I understand correctly, it is more of a "capability based" system where programs can only operate on resources they've been explicitly given through some or other protocol call, while other resources 'do not exist' from the program's point of view. So it's not that default permissions prevent them from accessing the contents another window – it's more that the base protocol doesn't even define the means to do so.
Instead, the compositor (window manager) – which also performs the job of the display server in Wayland – is in charge of providing (and controlling) such access in some unspecified way.
Each compositor might not provide such access at all (limiting it to its built-in screenshot hotkey), or provide it through a protocol that uses some "permission" system (like GNOME does with its Android-style xdg-portal framework), or provide it without any access restrictions at all (like many wlroots-based compositors do). As you've noticed, SwayWM is among those which do not implement any access control for its protocol, at least for now.
¹ Since it is not part of the base protocol, there are at least two competing systems – GNOME/KDE which use D-Bus, and wlroots which uses Wayland-based extension protocols. (Both are generally more advanced than what was available in X11; e.g. when they do provide screen recording or screen-casting, they can do so in more efficient ways than the X11-style "grab a screenshot every X ms".)
