I think this is really cool! Currently, a Lightning node sysadmin also has full access to the all the funds locked up in that node. By utilizing a remote signing device the sysadmin can run the node without being able to control the liquidity on it.

I understand the motivation for moving the keys away, but it is not that clear to me how to prevent the device that is doing the signing from being fooled into signing something that it shouldn't.