I think the Trezor Model T is the most secureable. I heard something about wasabi making some devil's deal with some data analytics company..😐
Discussion
Did you see Peter McCormack's interview with the CEO of Ledger and NVK of Coinkite/Coldcard? They both agreed without a flicker of a doubt that the private key could be extracted from a Trezor within 10 minutes. I wouldn't be so sure about the Trezor.
Trezor also partners with Wasabi who in turn are in bed with chainanalysis 🚩
I read about that, and it's a concern. So I probably won't use Trezor's connection with wasabi. I'll use something else if anything.
Most of the popular HW's are probably fine for most of you. But they all have glaring vulnerabilities. Depending on how you use them. But if you have a high threat level, I think Trezor is the only way to go. For now..🤔
Ref for some details. https://blog.trezor.io/our-response-to-the-read-protection-downgrade-attack-28d23f8949c6
Lol.. That's simply not true. After I create a wallet. I back it up and then verify it. Then I wipe it. You can hack something that isn't there lol.
But that's just one of many deterrents. I also use a high entropy passphrase\password. Which Trezor does not store. Even if I didn't wipe the device. The seed phrase is useless without the passphrase\password.
With Coldcard you have to trust not one but two closed source elements. Do you really want to trust you life savings to that..😐
Well, it's true that you can extract the key. But if you wipe it after creating it, I think you have solved the problem. Just don't forget to erase it.
I don't have a good answer to the issue that I have to trust the secure element. That is why Coldcard uses two, so if one is compromised and the other is not, you are still good. But you still have to trust that they are not both compromised.