use at least two or better three signing devices to VERIFY
i bought another pizero and an aluminum enclosure because a second signing device is absolutely needed to verify. what almost no one knows: an attack is possible if wallet company and signing device manufacturer conspire criminally. let’s say they are in high debt from gambling or they get extorted by a mafia to kill their family and they are very desperate. in a coordinated attack, they could send your funds to their wallet instead of where you intended to send it, even if you verify all addresses on your signing device. the same is true for receiving funds. in a coordinated criminal attack of the signing device manufacturer and the wallet manufacturer they could even show your funds in your wallet for months or years under your utxo when in fact the utxo was already emptied by them. for this fact it is necessary to use a signing device which does not come from a wallet manufacturer. it is better to use two or three opensource signing devices and verify all addresses on two or three self custodial wallets. remember: never trust anyone, always assume that everyone is rogue, be paranoid and verify EVERYTHING. the described attack becomes even harder or close to impossible if you use 2/3 multisig. but multisig is not for everyone. it is very complicated to do, it requires a lot of knowledge and a lot of backups and in addition to that in increases the fees of every bitcoin transaction.