Actually it may already easily be solved by using a multisig of hardware with electrum in just a normal multisig.
Multi-device multi-sig is definitely the direction we should head as it helps a lot. You turn the risk into where their supply chains overlap. It's important to keep a few things in mind:
* All devices must be from different manufacturers. If you do 2 of 3 where two are form the same manufacturer you've lost the supply chain resistance entirely
* If two of the manufacturers use a component in common your supply chain resistance is decreased
* If two of the manufacturers use a secure element in common your supply resistance is gone entirely
* The chances of a similar *wafer producer* being used between any of the components is quite high
* If the same wafer producer is used for the secure elements your supply resistance is gone entirely
* Even if the secure elements are printed using different wafer producers, they may use the same wafer machines. It is not simple but a wafer making machine itself could be updated to modify the secure elements it prints to inject malicious circuits.
* Most importantly, you can never be certain these things aren't happening. On-chain 2FA however is easily verified by looking at the blockchain.
By using on-chain 2FA you're able to "stake" on unrelated supply chains in a way that can only increases security. Throw a key on the iPhone supply chain for instance, or Android. You could even do both, adding as many as you like. Each that you add increases your security. The attacker must infiltrate all of these supply chains to succeed and using existing large supply chains makes the attacker's task much more difficult.
So really these approaches should be combined. On-chain 2FA plus multi-device multi-sig is an awesome combination of security factors.
Multi-device multi-sig protects you against malicious hardware wallet software while on-chain 2FA protects you against malicious hardware wallet hardware.
Since you're depending on both electrum technologies Gmbh and hardware wallet producers like trezor and ledger to be in kahoots so its really unlikely your funds can be attacked... You can also input numbers to produce a seed and can verify it with a few different websites or an interpreted version of the code (interpreted as apposed to compiled, checking every function).
Creating your own seed phrases and importing them into your hardware wallets is much more secure than letting the devices generate them.
This assurance only works however if you never use the wallet to sign anything and only sign one transaction that withdrawl all the funds. After that the key you created should be considered tainted and never used again.
This is because of the chosen nonce attack.
On-chain 2FA does help mitigate some of the concerns of a chosen nonce attack.
