It's not 2fa if you assume some catastrophic exploit chain that allows an attacker to dump your macbooks secure element.

I don't think that's a reasonable assumption for most people, and you're screwed in that situation even if you use yubikeys.