What your saying about trust makes sense, thanks a lot for asking about the amazon locker attack vector. I was thinking more about it, and I think the amazon locker portion of the service is the most secure part of the hardware wallet supply chain. The locker has cameras, and one time use codes with a tracked record of access. No other portion of the supply chain has any security features. There is little to no security along the supply chain even if you buy direct. But trust is very hard to build, so your so right about that part.