After my
earlier post, being also inspired by
pixie85's post and by icopress' suggestion, I decided to check the hardware integrity of the Ledger I received from Betnomi.
Very nice post, and somewhat reassuring.
The first, and only, thing I made with that signing device was actually performing an integrity check. I guess you are manually doing what the ledger live app is doing behind the curtain.
Don't trust, verify.
The only thing that puzzles me:
The entire list of TargetIDs is available on the website I mentioned above (obviously, none of these can be found directly on Ledger's website so you need deep Internet search for obtaining all this information):
Can you trust a list found on the internet? Why Ledger doesn't disclose this kind of information?
Otherwise,
Great work!