Update: It seems MiUnluck doesn't support AndroidOne phones, but like everything related to Xiaomi products, there is no "official" answer for that.
I disassembled my phone at the cost of scratching the phone, which was looking as if it was bought anew, and found out that even EDL mode requires authorization.
Sec_Boot0 PKHash-Index:0 OEM_PKHash: True Auth_Enabled: TrueUse_Serial: False
Sec_Boot1 PKHash-Index:0 OEM_PKHash: True Auth_Enabled: TrueUse_Serial: False
Sec_Boot2 PKHash-Index:0 OEM_PKHash: True Auth_Enabled: TrueUse_Serial: False

So, is my only option fishing for "leaked" Mi accounts, and/or waiting for benevolent hackers to find an exploit in the bootloader. Is that not a too stupid position to be in?
We cannot solve a simple software problem, because Xiaomi doesn't care a bit for their customers.