@Cheesethief
bootldr is encrypted with the console key (how we get it decrypted would require knowing that, except for this method, which seems to bypass that). As such, it's IMPOSSIBLE to EVER update the bootldr, as then the console key for each console would be the same. If you write a bootldr that dumps lv0 (which is the only step required here) and sign it, then we're done forever. No more updates can ever hide the keys.
We'd get access to lv0 by getting the bootldr to decrypt lv0 (which it already knows how to do, as the bootldr is the FIRST link in the chain of trust) and simply telling it, "Hey, rather than storing it in memory and deleting it after it's done, let's also dump it to, say, my internal hard drive or USB stick after decrypting it". Then we simply fetch the file later.