Why do you focus on the extended private key or seed phrase? If a ZK system were implemented that ran Bitcoin consensus rules (including Bitcoin script, and everything else) inside a proving circuit, then people could simply publish proofs that they had validated their own transactions spending the coins.
Perhaps I misunderstand, but in the scenario in which two people both have access to the relevant private key (the true owner and an attacker who has reversed ECDLP and obtained the private key), how does providing a ZK validation of a transaction solve the problem, given that either party could produce such a proof? Surely the true owner needs to provide a ZK proof that they can derive the private key from some parent key/seed/number/etc., which the attacker would be unable to do. Please correct me if I'm wrong.
It is difficult for me to imagine that a consensus on this would be somehow reached. I have been asking this theoretical question for a couple of months now and the community is divided almost like 50/50.
I'm sure a consensus will be reached when it becomes worth reaching. Such a scenario is decades away, while bitcoin itself is only 13 years old. There are far more pressing things to discuss and develop than to work on some quantum computing solutions which will almost certainly be hugely outdated by the time they are relevant.