Hi guys,
I've just purchased a Ledger and a Coinkite. The beauty of Coinkite hardware wallet is that you never have to connect it online. However, I am thinking: how can I be sure that the BIP39 seed they generate for me is actually randomly generated and not pre-programmed into the device? For example could Coinkite or Ledger could pre-program 1000's of seeds into the devices so that they know there is a high probability that I end up using one of these seeds?
For the ColdCard not only is the software open source so is the hardware:
Firmware:
https://github.com/Coldcard/firmwareBuild your own hardware:
https://blog.coinkite.com/coldcard-hardware-shared/So, yeah you can trust them.
-Dave