If that is the case, what stops people from setting up bot farms to gathering millions of valid keys per origin, and then passing them off to requesting users to use with unapproved devices? Seems like the same choke point still exists, in that captchas may be required to prove the token requestor is human.
And since you also could do it maliciously in the sense that you could fire and forget requests if you didn't care about the token, you could spoof your ip across the range of all residential ips to try and force captcha rate limiting on everyone that requests an attlestation.