If signing devices want to be evil and have the signing device sign malicious transactions, there are simpler ways than leaking keys through maliciously chosen nonces.
nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc explains with nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 and nostr:npub1p4kg8zxukpym3h20erfa3samj00rm2gt4q5wfuyu3tg0x3jg3gesvncxf8 why signed firmware matters in BR072. #DarkSkippy