Imagine, for a moment, that an attacker has knowledge of these “less secure” seed phrases. They don't need to brute force the entire possible range of seed phrases, just the compromised range.
That's why you roll the dices yourself. Also verify off-device that it follows the seed-from-rolls standard (manufacturers provide code to verify it)
What if they could wait until your shiny, trustworthy hardware wallet is finally connected to your computer?
That's why you never connect it to computer. Only communicate through air-gapped medium like camera+qr_codes.
The supply chain for hardware wallets is mostly a black box
What about using generic hardware like rasberry_pi + seedsigner? Those devices are not build for bitcoin keys. Supply-chain attack probability is significantly reduced.
Yes, absolutely, Seedsigner is the way. Not promoted, not marketed, doesn't have piles of ads on bitcoin podcasts.
But it's the real thing.
There's also a telegram forum, they're very friendly if you have questions: https://t.me/joinchat/GHNuc_nhNQjLPWsS
reply