As well as distributed ledgers, cryptography and the consensus mechanism, the Bitcoin security chain includes key generation and management for storing keys and signing transactions.

If security is dependent on the weakest link, then why does "Verify, Don't Trust" for the monetary protocol not apply equally to the hardware used for key management? It seems that when it comes to HW, "Trust Me, Bro" is the prevailing ethos.