5) Paper/descriptors backup
Core already lets you export the descriptor set (including privkeys) via RPC:
listdescriptors true --> JSON of descriptors with xprv.
dumpwallet <file> --> legacy: all keys + metadata in text.
You can take that JSON/text offline and GPG-encrypt it. Printing a QR is your choice (be mindful of QR size; you'll likely split across multiple QRs). Core doesn't do the QR/encryption for you in the GUI; you'd script this yourself on an air-gapped machine.
Use a long, unique wallet passphrase; Core's KDF has an iteration count but passphrase quality dominates. Make multiple offline backups (wallet.dat and/or listdescriptors true) in separate locations.
If you want extra protection at rest, put the backup inside an encrypted container or GPG it--in addition to Core's native encryption. Test your restore procedure once, then seal the backups.
The above setup gives you: usable day-to-day wallet (locked), plus verifiable offline backups with defense-in-depth.
I think we both described the same process for step (5). What I am actually asking is whether there is a good, recommended by Core's developers, in order to back up the wallet.dat in a physical medium, rather than a digital one. But, writing an XPRV isn't the optimal way, because it lacks encryption. So, I am wondering if they do it, if they recommend it and if they endorse it in general as a concept.
There isn't an "official paper-backup format" for Bitcoin Core and the project doesn't endorse one.
Core only guarantees an encrypted wallet.dat file (your day-to-day wallet), and the ability to export the key material in plaintext if you ask for it (listdescriptors true, or legacy dumpwallet).
Once you export keys/descriptors they are not encrypted by design. Core intentionally doesn't invent a special "paper-encryption" scheme or mnemonic. If you want a physical backup you have to add the protection yourself.
Core devs generally recommend encrypting the wallet (encryptwallet), then keep multiple offline copies of the encrypted wallet.dat in different places (USB/offline disk, etc.).
On top of that, keep a verifiable text backup of descriptors (listdescriptors true) offline and protect it yourself (e.g., GPG-encrypt and print the ASCII-armored text; or split with Shamir/SSKR if you like). Test a restore once, then seal the backups.
So the practical, supported path is: keep the encrypted wallet.dat (digital) + store the passphrase and an offline, operator-protected descriptor dump (physical if you wish). There is no Core-endorsed "paper wallet.dat" because any exported key material is necessarily plaintext and must be protected by you.
Hope this solves your issue.