Hrm, don’t really want to start this argument up again 😅 but SeedSigner has a lot more hardware risk than a ColdCard, except (perhaps) for targeted supply chain attacks — because a SS is widely available off-the-shelf stuff, it has ‘herd safety’ whereas CC is obviously only for Bitcoin so has a clear incentive to be attacked. SeedSigner is also more closed hardware than the ColdCard is (RasPi is very closed), though neither is fully open, as CC gives schematic but PCB layout is closed and Secure Elements are mega closed and the ST Microprocessor is also closed.

Similarly, for the software risk, ColdCard software stack is way way fewer (orders of magnitude) lines of code than what’s in a SeedSigner which AFAIK is running an entire Linux. CC firmware can be deterministically built, whereas SS doesn’t and that might be tricky to achieve.

So while both are great, they have slightly different security characteristics and for *most people* the ColdCard comes out as the stronger option.