Per EIP-3607, the account can no longer originate transactions so the key is not useful to the core protocol. ERCs that use simple cryptographic checks, like permit, may still be able to use the private key to control some of the accounts funds.
I do have some doubts related to
codeAddr: Is this address supposed to be known and supplied by users? Or generally, do you expect wallet providers to facilitate this migration?
This address is supplied by the originator of the transaction, but I assume that wallet companies will deploy the code they want their users to use (likely a proxy account) and when the tx is sent, the codeAddr will be the address associate with the wallet and the storage element will define the owner of the contract wallet.
Any address is valid for codeAddr as long as it has code deployed, so it is completely customizable.