[limpkin]

Disclosure: I'm the creator of Mooltipass.

When creating the Mooltipass offline password keeper we actually spent a considerable amount of time thinking about solutions for the particular problem explained on this website.

We therefore opted for the following techniques:

- only allow signed firmware updates, signed using an encryption key unique to each device

- given that firmware flashing using external programmers requires complete flash/eeprom erase, we implemented a challenge/response protocol to check for tampering during shipping.

Obviously things are way easier when you don't allow custom firmwares to be flashed on a device. But as a general rule I wouldn't trust a device that would allow other programs to run on it (eg phones, computers...)