I believe the boundary between libsecp256k1 and Bitcoin Core is fairly clear: all the things that entails operations on non-public or public keys is in libsecp256k1.
After all, in idea, something might be anyplace, however I do not suppose there may be a lot leeway right here. The truth is, I believe just lately the intention has been to go the opposite means, and develop barely what’s in libsecp256k1. Particularly, there are at present key-tweak operations in libsecp256k1 (each on non-public and public keys), however issues just like the precise BIP32 derivation logic (together with hashing and so on.) and the taproot key tweaking and verification thereof are in Bitcoin Core, constructing on libsecp256k1’s tweaking API. I believe that in some unspecified time in the future we might prefer to have BIP32 and Taproot-specific APIs in libsecp256k1 as a substitute, as we intention to have APIs there which are high-level and onerous to misuse.
After all, libsecp256k1 is not simply utilized by Bitcoin Core, so even when there was a want to go the opposite means (and transfer some logic to Bitcoin Core), we would not essentially have the ability to try this, as there could also be different customers of the library that may very well be relying on stated hypothetical performance.