I have the uncanny feeling that the only "state actor" that would try to attack Bitcoin itself is not Russia or the USA, but North Korea. They are exactly the kind of people who would attempt something like this.
If this attack were to be realised it is almost certainly would be a joint operation of the western intelligence services (CIA, MI6, DSGE, Mossad etc.).
Your concern can be addressed by using the multisig wallet where HWs act as cosigners. The most secure setup involves the quorum of devices from different manufacturers, so that each one serves as a safeguard against potential compromise of the others.
True, but this doesn't help if every SE vendor is compromised and the kind of threat model I'm envisioning this is a credible scenario.
I think the best way to protect from this is two-fold. 1) Cybersecurity, and specifically the art of finding bugs, needs to be made an essential part of Bitcoin education. 2) The community needs to start producing its own chips. Whether by 3D printing or some other way.
Yes, some kind of hardware that can sign transactions that can be built and verified at home using more standardized building blocks rather than a fully integrated Secure Element. I haven't looked into the details but something *like* this betrusted.io device that incorporates a user-coded FPGA in lieu of a microprocessor.
https://betrusted.io/
"Transparency is the bedrock of trust. Understanding what makes a thing tick gives us an evidence-based reason to trust that it works as intended. Betrusted is unique in that, instead of a black-box CPU chip, it uses reconfigurable hardware – an FPGA – for computation. This means you can compile our reference processor design from source, instead of simply having to accept on faith that this black epoxy rectangle contains precisely the circuits it advertises. "