Where did I say that? I specifically stated that the one-way hash is kept in a Secure Enclave on the device. Nowhere did I say anything about requiring a connection to unlock the device. There is nothing about Apple security that is ever sent to the cloud unless the user decided to use iCloud. Even then nothing about the device security is ever sent to iCloud. ZIP, nada, nothing.
The Secure Enclave is part of the A13 Bionic SoC (System on a Chip) which includes the System Processor, the Encryption Engine which includes the Secure Enclave, Graphics Processing Units, Neural Engine, and other ICs, all incorporated into a single 8.5 billion transistor Integrated Chip. The passcode one-way comparison hash is kept somewhere in a randomized EPROM memory location inside a Secure Enclave inside the Encryption Engine in the A13 Bionic SoC, not on the cloud.
Incidentally, that specific A13 Bionic SoC is hardware registered to other components inside that specific iOS device. It cannot be pulled out and just stuck in another iOS device and work without being registered to those other components, and vice verse. This is more of the security iOS devices offer to keep the users data safe.
Looks like that should have been directed to PIF. Apologies