A PAKE scheme with a passcode communicated out of band during pairing feels more appropriate to make sure no one is snooping.

A one-time out of band authentication (usually some form of trusted physical interaction) is key if you don’t want to trust intermediaries.