Trezor T is vastly superior solution for U2F / WebAuthn and also fully open source. The main advantage is super mature backup (Shamir's secret sharing) and PIN-locking with exponential escape. Being a Bitcoin hardware wallet, security is very well tested.
> Being a Bitcoin hardware wallet, security is very well tested
Given the history of the cryptocurrency field, A is very far from implying B. And there's at the very least the Ledger analysis[1], which reveals several vulnerabilities. (The core issue for me is the order->backdoor->return issue - it doesn't seem there's a way to verify integrity of device or supply chain)
Given the history of reputable Bitcoin hardware wallets, A actually does imply B. Hardware wallets are the only viable way to store cryptocurrency securely, with great track record since inception in 2014.
Regarding the supply chain, there is very little that can be done, and yubikey-like solutions certainly do not excel here. Trezor T at least comes with no firmware (to be installed by the user) and holographic sticker. Basic, but better than Yubikey et al.
It's interesting that Trezor and Solo are mentioned here. We specifically with OnlyKey decided not to go with an STM chip like the ones used in these devices due to the vulnerability that affects these devices described here -https://medium.com/@Zero404Cool/trezor-security-glitches-rev...
