rich1.0Big Barry Bitcoin (npub1pk…tpxa6)https://yabu.me/npub1pktmatjk0l8vn3jhfuwxaasjd65kn4ye9sce3egup7k993f8fg2q5tpxa6njumphttps://yabu.meI was thinking about 2 things... 1. The coldcard's co-signing feature https://coldcard.com/docs/coldcard-cosigning/ 2. Their satscard/tapsigner. In both cases, you could have the device generate a master key that you will never know. Only the device knows it (I might be wrong about the co-signing feature). With the tapsigner, you give it a chaincode, and that _theoretically_ gives you a key that you know Coinkite would never know. You can export the XPUB of m/0' (I think) and it will have your chaincode in it. But... Since the rest of the derivation path is hardened in a typical key, you can't verify that the xpub for a typical wallet is derived using your chaincode. So.... What if, just for that one key in a multisig setup, you don't use the typical derivation path so that you can confirm that it uses your chaincode, and since the change and index are not hardened, it still works as expected. Just trying to think about how you can Guarantee that neither the manufacturer or yourself knows the private key.