We know and every message here is pointing this out.

That may be the point for _you_, but really the point is to be offline, transfering a key between two offline devices is an option for some.. it's certainly an option for testing... and even simply testing increases your assurance, though its not a complete assurance for the reasons enumerated.  E.g. without determinism every device off the factory line may be leaking your keys in every signature, and no one could tell short of a successful reverse engineering of the device.  With determinism, the evil could only be intermittent and escape discovery ... since just a single user loading a static test key and checking the output would catch the case where device device leaks in every signature.

If your offline device is just a HSM that signs everything then there is an obvious solution: blind the signatures. It's trivial with schnorr but even for ECDSA there is a scheme which should work for this.  Otherwise, multisignature seems to be the only reasonable fix.   Any of the ZK proofs are too complex and expensive in the prover.  Your paper suggests the device create the proof, but thats likely out of the question complexity wise for many signers (running a k*G under a ZKP is a very expensive computation), better would be to blind the signature and then use the ZK proof to prove to the device that the blinded signature is something it wants to sign... this works better because existing constructions have fast verifiers.


Yes, if you have no trustworthy devices you are simply out of luck. No system can save you.  If _all_ of your devices are concurrently bad they can just emit your key instead of a signature and your online hosts can simply call home to report it.

There must be some assumption of honesty.  A reasonable one is that you will use multiple devices and at least one of your devices will be honest, or at least not serving the same evil master.  Under that assumption secure systems can be built, without it no secure system can be built.

Showing K doesn't seem prudent.  Better to just sign twice and compare the results: they should be identical.  If you really wanted to show K, better to show H(K).  Otherwise someone could just use the revealed K to immediately compromise the security if they could see the device's screen.