Thinking more, it will always be possible to store data on top of actively used one-time use memory. As long as the previous values are known. Doing this will impair device functionality to a greater or lesser extent depending on the register.

Maybe there is a way to burn any unused registers, and check the ones that don’t cause obvious failures on boot.

If attackers can write to enough registers to store the key, and they can recover the device, then they can get they key whether the device is bricked in the process or not. Comparisons to the wrench attack make this seem ok though.