If they don't, maybe you could make a regular symmetric key, store it in HSM, and use it to encrypt the taproot keys.
Discussion
That already happens today. But it's not as safe as a private that cannot leave an hsm directly.
If they don't, maybe you could make a regular symmetric key, store it in HSM, and use it to encrypt the taproot keys.
That already happens today. But it's not as safe as a private that cannot leave an hsm directly.