Exactly this. And whats more, the idea of device attestation makes people trust those devices, and the history of rooting consoles and phones proves that nothing holds, even tech backed by billions in commercial interest.

The whole point in reducing the blast radius is valid - by all means make this optional and allow the user to elect to tie their identity to the device. For everyone else, implement validation of actual transactions, not just user secrets and device secrets.