I totally agree with that and I understand the underlying concerns.
I certainly didn't mean any offence to you, I hope you don't take it that way. Nor am I trying to cast suspicion towards any other legitimate vendor of pre-keyed cards or coins.
Oh no, I did not take it personally so no offense at all, and I believe the legitimacy will appear with time (e.g. Casascius coins)
However, having it done yourself doesn't necessarily mean they are safer than private keys created by someone else.
I also agree with this, the key is only as secure as the machine on which it was generated. However, even if I trust that a pre-keyed card is safe and secure, then fund it with my mother's coins for safe keeping, now she has to trust not only that you are trustworthy, but I am capable of making that judgement for her. The chain of trust has now gotten deeper.
[...]
If they are incapable, or have yet to learn, I will put the
onus on myself to generate a key that is as secure as possible. Since I would be dealing with OPM, I no longer have to concern myself with convincing others to trust the vendor whom I trust, only that they trust me and hold only me accountable.
Yes, your statements about the chain of trust are accurate.
I was underlining the misconception that your keys are "safer" if you are the one who generated them just for the sake of it being oneself who generated them.
You very likely have the skills, the knowledge and you understand the implications of what you're doing when you generate a key, and fund it.
I can say that compared to the global
(uneducated) population, you are part of a tiny winy
(educated) minority.
A relative bought 5k€ worth of
BTC in early 2017.
He went to
La Maison du Bitcoin (
Coinhouse) in Paris as they have a counter where you can change fiats to crypto.
He brought in 5k€ in cash, ID/KYC himself, etc etc...
My friend went away with a bit less than 2.5
BTC ... on his Android phone !!
Just on an app called mycelium they get him to install during the transaction.
So they get his 5k€, (their commission was 10% at that time) and if this
BTC would have gone missing, then they would have blamed my friend for not having a ""secure" setup".
("Who puts 5k without knowing", "what ? your phone system is not secured for that purpose and yet you complain", "yada yada...")
No education about the keys, nothing. Go figure out what would have happened in a legal dispute about this practice.
I know he is very careless about what link he opens on his computer and I'd rather not tell you about his phone...
When he announced that to me, I explained the risks he is under, and I escrowed his
BTC while he was waiting for a HW wallet.
I think that we need something to fill this gap.
Sure, any educated
BTCitcoiner, cypherpunk, IT specialist will be averse to solutions coming with a pre-generated private key and that is completely understandable.
Still, the gap remains.