> though it's pretty darn impractical to do at any kind of scale.
How so? It's a solved problem. Don't smartphones already have numerous device-specific identifiers and keys loaded to them? All they would really need to do is slap an extra sticker on the device with the device-specific key printed on it. For instance, my phone came with a sticker with its IMEI printed on it.
IMEI can be recovered once you throw the sticker away. A private key that can be used to install new software cannot be recovered, or if it can, that's a huge security risk.
The device should not have the private key loaded onto it at all, just the corresponding public key. The private key would only exist on the sticker and thus be unrecoverable if you threw it out or destroyed it.
The IMEI example was just to demonstrate the ability to slap a device-unique code + matching sticker on something during manufacturing at scale.
Slapping stickers on something is not a scaling issue. The secure storage and transmission of private keys is. The idea that you'd just slap the private key on a sticker and have no other record of it is not something I even considered because that's very user-hostile behavior (unless they already have the intention to mod the device software before they buy it, they're unlikely to retain the sticker). It also screws with the secondhand market, both because secondhand devices won't have their key, and because the original owner obviously had access to the key and could have tampered with the software on the device before selling it.
You're confusing physical access with ownership. If I have physical access to a device, that does not mean I should have the power to install compromised software on it, because it may not be my device at all.
This is a surprisingly common oversight that the hardware freedom crowd keeps ignoring. I don't understand why so many people just implicitly assume that physical access means security should be thrown out the window.