A "secure", closed source processor. Given the Ledger bootloader had a rather nasty and bluntly obvious bug in it that allowed you to bypass all of the write protection and boot any firmware, I'd give them nearly zero chance of having got anything else right.
Hi, I've written bootloaders before.I know that blacklisting addresses doesn't work, as many memory locations will be mapped multiple times. Strangely, most people that have worked with microcontrollers is aware of this, except for the people who wrote the closed source bootloader at ledger.