by darkwater 1649 days ago
But in the "age binary replaced" threat scenario, isn't it just game over even with hardware keys? E.g. the exact same age code with an extra call, after the print-password-to-stdout, that uploads it somewhere?
1 comments

The difference with hardware keys is that the primary key can’t be exfiltrated, and only one secret can be decrypted per physical touch, so rotation and recovery are possible without invalidating all secrets.