The wallets can have a malicious random quantity generator.
There are a number of methods to be malicious. Sometimes random quantity mills are thought of malicious when they’re
someway predictable, so in the event you use them another person can guess your “random quantity”.
However that does not look like what your plan protects you from.
What you confirm along with your process is that your {hardware} pockets don’t offer you a special seed (once you do the preliminary setup or ask to export it) from the one it used to generate the personal keys and associated addresses, that it makes use of once you obtain or ship funds with him.
On this which means, the seed (from which personal and public keys are derived in HD wallets) wouldn’t be yours however belong solely to your {hardware} pockets: you possibly can obtain and ship utilizing the system, however in the event you import the seed elsewhere there aren’t any related funds, as a result of it is totally different from the one utilized by Trezor.
Nevertheless I’ve by no means heard of such an issue on any {hardware} pockets.
The wallets can generate deal with for keys that aren’t mine
This do not make sense to me, public addresses are derived from personal keys, so the pockets have to have the personal
keys to generate addresses … i am undecided what you imply.
Moreover, you possibly can’t confirm that you’re the only proprietor of a seed or a personal key, probably the most you are able to do is make
certain that this doesn’t leak out, but when someway somebody manages to repeat, predict or generate it randomly, you possibly can’t
discover till the cash goes away.
So, all issues thought of, I believe you possibly can keep away from having to confirm the seeds that your wallets offer you, as a result of this
provides virtually nothing to the safety you have already got utilizing multisig addresses with 2 {hardware} wallets evaluated
as Trezor and Coldwallet, which can be already closely scrutinized, as you possibly can see right here for instance.
PS: I do know that if the trezor has a malicious random quantity generator and it creates a personal key that not solely myself personal, it is a privateness leak, however not an issue. And it is a privateness leak solely after I spend from this deal with, revealing the general public key on the blockchain.
I am not conscious of troubles with Trezor rng (have you ever any reference for this?), but when your personal keys are leaked you’ll lose your funds virtually istantly, there isn’t any want to attend you spend, as stated earlier than, public key and addresses derive from personal key, so when you have this you do not want anything
