I've set up a 2/2 multisig wallet on Electrum and cosigned it with a hardware wallet (Ledger).
From what I've understood, your keys never leave the hardware wallet when signing transactions, correct?
And since, if I try to make a transaction on the Electrum multisig wallet, I still need to sign it with the hardware wallet and then broadcast it, it is added security. Is my understanding correct?
If so, are there any possible vulnerabilities in this setup? A possible means of someone accessing the multisig wallet I've set up and actually spending the coins, without access to the hardware wallet.
Also, if the hardware wallet gets lost, I wouldn't be able to spend the coins either unless I restore it on another device. Correct?
Sorry if I sound dumb. I tried searching for specific answers and couldn't find any, and as you know, some sources also cannot be trusted, so I think it is better to get answers here instead.