Haha, as both a dev and someone with recent painful experience with IOMMUs and libvirtd, I can say that there can be so many factors involved, unless you base it on a widely accessible, docker image for a version and platform with all the build components in a specific set and not messed around with.

Well, "messed around with"... like patches to severe vulnerabilities that were found and squashed since the first build, resulting in a substantially different output.

I'm sure that it is on its' way to becoming an industry standard though. Wallets, and wallet hardware must not require faith, but mathematics to function, focusing on ensuring the build is easy to reproduce and nothing is left out is a great thing.

Coinkite is pretty damn good in the business, one of the best. Their tapsigners are awesome, guaranteed to be cold and unlikely to have the space to compromise anything on an RFID circuit.

Honestly, any developer who doesn't have a tale of the interminable, endless struggle to make something that supposedly is easy work, 5 days later magically transformed into the fuzzy middle aged guy meme from an attractive twentysomething. and swearing off some brand or technology is LYING. and anyone who has any experience in IT and doesn't call them out on such obvious insinuations... that someone complaining is incompetent, in a business where literally 8 little bits wrong can make a program completely unpredictable and unreliable or not even compile. I had a literal single character bug just the other day. Out of 17000 LINES of code, 1 character wrong and it was really hard to find.