Exactly this. I will never trust a device that someone else holds the key for - ever. This is a fail in all respects & I urge everyone to avoid it until they change this anti-feature.
Trezor for the win.
we also have a single-sig option coming soon.
Is there an ETA?
I understand the motivation behind the server key, and it made sense for a web wallet implementation. It obviously makes less sense for a hardware wallet.