A duress PIN provides absolutely no protection in the following scenarios:

- The attacker can open up your Coldcard and use basic timing measurements

- You are using multisig

- They have a lower bound on your holdings

- They know you use a duress PIN and therefore ask you to reveal both