Mk3 is broken

ATECC608B

Mk4 also uses ATECC608B + a DS SE that is also broken.

The ATECC and DeepCover SEs user by the Coldcard lack critical protections aginst LFI/EMFI.

There are also architectural flaws in the design of the Coldcard device that also allow the easy production of counterfeit devices

And these attacks only get cheaper by the day… a reasonable DIY setup may run $1K at most with pretty good capabilities.