Next to PINs, another idea was to seed a PRNG with a device fingerprint and generate a key pair from that. This would mean that the device can always regenerate the same key pair without any user input required.
The first device would generate the passphrase as usual, but then encrypt it with its own public key.
New devices would then be approved by a previously authorized device to also gain access to the passphrase[1] and, therefore, to the wallets.
This is essentially a scheme to sync the passphrase that would only require user interaction when adding a new device.
However, I’m really not sure about using device fingerprints to seed a PRNG for cryptographic key material, lol.
So this still doesn’t solve how to deterministically derive a key (pair) on the client device with minimal friction for the user.
But if we can assume that a user doesn’t lose their key on all devices at once—so there’s always at least one device left to approve a new one—then just the “approve device” part of the scheme could make entering the passphrase much less frequent.
(We talked about this before, so this isn't really a new idea except maybe the part about using device fingerprints as seeds.)

Footnotes

  1. We could probably just store another copy of the passphrase encrypted with the new device’s public key