My plan is to make a multisig between coldcard and trezor. I want to audit and verify that I indeed own the 2 keys of these wallets, using a raspberry pi zero (no wifi/bluetooth by definition) on a very old HDMI tv with no internet either, and using a virtual keyboard and simply a mouse on the pi zero.
These are the possible risks I want to mitigate:
To eliminate the risk of the trezor generating a private key I don’t own, I’m gonna put its key on the raspberry pi zero and see that it generates the same master pubkey and shown in trezor. This proves I own this key, but it might be a kew that someone already owns. No problem, that’s why I’m doing multisig.
On the coldcard, I’ll generate a seed using dices, and then verify on the raspberry pi that those dice rolls indeed generate the private key shown by coldcard. This proves that I own a private key that no one owns, because it was generated using dices.
Now that I have 2 private keys that I own, and at least one of them I’m the only owner, I can create a multisig wallet on Ethereum or maybe BlueWallet. I’ll annotate the first 10 addresses generated by the software wallet, and verify if they match on the coldcard and on the trezor. If the 3 show the same 10 set of addresses, I can consider these addresses safe for receiving Bitcoin.
I’ll then receive some Bitcoin on one address, erase both wallets, restore them with the private keys, and then try to spend this Bitcoin, just to make sure I really owned the coins.
What are the possible problems I can encounter? Am I forgetting something important?
PS: I know that if the trezor has a malicious random number generator and it creates a private key that not only myself own, this is a privacy leak, but not a problem. And it’s a privacy leak only when I spend from this address, revealing the public key on the blockchain.
I also plan to use just PBST air-gapped transactions on Coldcard, and a trusted computer to broadcast.