I am working on a project to take Bitcoin private keys and integrate them into legacy PKI applications.

The basic gist is if you need to trust someone has kept their keys secure, send them some BTC.

If the UTXO stays put, then it's a good chance they have kept the key safe. 

Monitoring a wallet is much cheaper than a red team.

Opinions?