Sorry, how are passkeys not device bound? Every single article I read explaining why they're "better than passwords" touts precisely this as a strength - your authentication takes place on device, so there's no server of passwords for anyone to hack. If you lose the devices your passkeys are paired to, you've locked yourself out of that account for good.