The user is meant to keep a backup copy of the seed written down somewhere safe.

If the firmware had been tampered with, there is no safe way to extract the key. Better that the user uses the recovery seed on a fresh device.

Which means the weakest link of your fancy hardware wallet is how well you hide that bit of paper with your seed phrase.

If the attacker's goal was to erase the user's data, and the firmware _didn't_ erase data on invalidation, then the attacker could simply write a firmware that erases the user's data.

Why complicate things? Just smash the device. This is only effective if the user doesn't have their seed phrase.

Edit: Looks like I was beaten to this down thread.

I think in this case the idea is that the attacker isn't physically in possession of the device, but rather has tricked the user into running a malicious firmware updater for the device.

Ah, yeah,that makes sense. Hadn't considered that angle. Would track with the user behavior exposed here, namely getting their stuff from an unofficial source (be it the device itself or the firmware).

Thus the importance of backing up the seed phrase. Bad actor that wishes to cause harm can use a hammer.

If an attacker succeeds in tampering with the firmware on a crypto wallet (and more generally any secure authentication/transaction confirmation device), losing authentication/signature capabilities is very likely the second worst outcome.

Good point.

Same design as the HDD on your laptop. The solution is a backup.

Unlike a safe, a hardware wallet doesn't store money, it stores private keys. These keys are derived from a seed phrase you are supposed to back up offline.