I don't think that blockstream is malicious or incompetent.

That said, I prefer to trust coldcard because nobody seems as security paranoid or shows as much attention to detail as Coinkite.

Also those things are built to last decades.

Seems pretty good tbh as long as you’re prudent about your seed phrase and passphrase

I’ve only really heard good things about Jade that i can recall

Probably one of the safest options available at the moment, unless you want to go to the trouble of building your own signing device. There’s no web3 garbage in it and if you don’t care about Liquid you can ignore that feature. You can also disable Bluetooth and just connect it with USB.

As far as I know, as long as you don’t share your 24 words or pass phrase, you should be good?

I had this same concern and paranoia years ago which lead me to multisig

Just keep it airgapped, simple and don’t update firmware unless absolutely necessary imo. Same as you, not a dev. But problems start when you mess around. I prefer coldcard but just keep it simple 🤙

I prefer COLDCARD but only heard good things of Jade

If you are concerned about manufacturers, you can mitigate risk by compartmentalizing your stack by generating seeds using different hww, and splitting your stack between them. It's not as good as multisig, but it's not a bad practice.

I've no concerns about my Jade.

The jade is a very solid hardware wallet, the funds are safe.

Unless things have changed, I'm not a fan of the keyserver model where you need internet access to their keyserver to unlock the device. This is a good solution for day to day use but not the best cold storage signing device imo.

I haven't heard/seen anything bad about them.....yet.