My proposed BIP would be that the transaction is mathematically constructed in a way where the math contained would only compute accurately IF the transaction was sent to the EXACT and only the EXACT address displayed on the Hardware Wallet.
Can not get it. Malware sited inside machine may substitute for your destination address its own one to sign it. Hardware wallet i
n this case will reveal you that substituted address
that is way it is strongly recommended to check twice what you sign by HW. How do you suggest to l cope with this by mathematics?