ok, but how does the vault trust that the key was generated on the card and wasn't forged outside? Is it signed with the public key you publish somewhere?
Discussion
if you are interested in how it works in detail, check out the spec for bolt card
https://github.com/Amperstrand/boltcard/blob/main/docs/SPEC.md
not sure if this is the official one, but you'll find it i'm sure