still, a pointless attempt.

coldcard for example has a dedicated privileged flash segment (the “boot ROM” which is not ROM at all) that handles retrieving the key and could store the PIN/root key in its small flash segment

it is not truly verifiable without ripping out the chip and faulting it