So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there do create private keys far away from the internet.
That would help somewhat.
So are you collecting statistics or metrics on how many keys were generated in this way? I know I'm not.
And I know somebody is, and that that information is both powerful and useful.
So what I'm saying is that it would probably be a good idea to make that information part of the protocol. What do you think? Can you think of any other such information that might be useful?
There is no way, to know, how a private key was generated. That is just not possible. Unless we are using your favorite tool: magic.