You can use more than one key you know.

Keep the private key you actively use in the secure enclave. The system you actively use is most at risk.

Keep a secondary offline private key as backup. You can generate and store it in a secure location, and never move it around. Airgapped even if you want. You could even use a yubikey or other hardware for the secondary key giving you two hard to export keys.

Distribute pub keys for both of them.

Best of both worlds?