This also means you can't use another computer or that your key is lost if you clear browser data. Unless you'd do backups but I doubt this is standard procedure of ProtonMail users.
That's true assuming that the browser doesn't offer any way to manage that using e.g. Chrome/Firefox Sync.
What PGP really needs is a modern security model so you'd have many device keys registered to an identity rather than requiring the risk of spreading copies around. I think I have IIRC 8 GPG subkeys currently (6 of them being Yubikeys) and every aspect of that toolchain is unacceptable in the modern era.
I've got the same setup with subkeys per Yubikey (though I had to rotate due to Infineon).
What do you mean by "device keys"? Something like forward secrecy keys for initial session setup as used by e.g. Signal? This could be done with some effort... actually Rust OpenPGP library Sequoia developers already work on making this use case easier.
Another set of patches circulating on the ML adds support for TPM bound keys, that are non extractable.
