You're thinking about hardware authenticators, not Passkeys. Passkeys are definitionally synchronized and backed up in the cloud (otherwise you just have a sparkling WebAuthN authenticator).

Proprietary clouds and sync backends create their own set of problems, but they do solve the availability issue of always having to register at least two different security keys with each service.

> to be honest, I wouldn't mind if google/Apple can take all my private data and passkeys hold them

That's exactly what you can do today!

> I show my ID they should allow me to setup my new phone.

You have to show them your phone number, which for better or worse is our age's "showing ID", but then you can indeed get back in.