Deterministic choice of k unfortunately does not solve the issue, because you cannot verify that choice without knowledge of the private key.
Understood - but the offline device does have the private key and presumably could display that, and if it can do that then it could also display the "k" value that could then be audited via another offline device.