At this point do you think the incentive is large enough so someone in the supply chain has included in hardware, eg in Apple silicon or similar that looks for and sends crypto-sensitive info back?
I don't know about automatically sending sensitive information, but similar incentive already large enough and already happen on few product. Search "cisco backdoor".