From what I understand the actual signing still happens at the user, so it's just an overcomplication with doubtful benefits.
so the owner receive a message asking for a signature (not transactions, messages only) and if he approves that connection request so the user can connect on the other side.
What if a malicious third party intercepts the message and ask for signing a transaction that send coins to a different address? Will your design get the user see and deny that?
like a 2FA
2FA is not as good as you'd think. There can be many ways to go around it if the whole system is complicated.
However, let's say that all goes great. You have basically an online wallet where one still needs a local corresponding wallet to sign the transaction.
What stops the online wallet mine all kinds of data about the customers? And what's the benefit of those customers? (I don't see any.)