The robustness of a cryptographic protocol is based on knowing what the algorithm does, making it public and being tested, like a peer review but in real life.
The more times a cryptographic protocol has been attacked and the attacks have failed, the more valid it is for use in production.
Right now there are accusations that the NSA and NIST are hiding the development of new post-quantum cryptographic protocols.
"Daniel Bernstein at the University of Illinois Chicago says that the US National Institute of Standards and Technology (NIST) is deliberately obscuring the level of involvement the US National Security Agency (NSA) has in developing new encryption standards for “post-quantum cryptography” (PQC). He also believes that NIST has made errors – either accidental or deliberate – in calculations describing the security of the new standards. NIST denies the claims."
“NIST isn’t following procedures designed to stop NSA from weakening PQC,” says Bernstein. “People choosing cryptographic standards should be transparently and verifiably following clear public rules so that we don’t need to worry about their motivations. NIST promised transparency and then claimed it had shown all its work, but that claim simply isn’t true.”
The key here is that NIST will approve them for use in industry, industry will accept them because oh my god, the quantum age has arrived, and they will discard secure algorithms for insecure and poorly tested algorithms, a perfect strategy.
Quantum computing is currently a fallacy, just like fusion energy; it is just a public money grab.
On the other hand, it was recently discovered in the Snowden papers that Cavium, which was then one of the main manufacturers of cryptographic coprocessors for VPN devices, had a backdoor introduced by the NSA in its chips. These chips were used for years by most manufacturers, such as Cisco.
And some still recommend hardware wallets with secure elements that are closed source 😂.
Robust cryptography can only, and only, be open source, you understand? From beginning to end.
Hey man interesting post and food for thought, thank you.
Which hardware wallets use the closed source chips?
For example BitBox. However, only one of the 4 keys is stored in this closed-source secure chip. The rest is all open-source.
@jb55 can we do something in future releases so that the size of a clicked-on note is controlled? These massive letters hurt my eyes!
Aren’t all current secure elements closed source? Is an open one in development? What would you recommend instead?
Good take. Some things only work if they're general and open.
@giacomozucco has talked a lot about the role of a large enough anonymity set for some privacy tools to work properly.
I think this is a similar effect. From that point of view, there was no alternative to opening Tor to the public. Makes perfect sense.
Btw, using hardware wallets instead of standard hardware increases risk for the same reason: it marks you as part of a relevant and smaller subset.