[tzumby]

Banks store private keys for their ATMs in hardware security modules (HSM) and there are lots of crypto exchanges that started doing that. One of the features is private keys self destruct when tampering is detected. If you have a backup you’ll be able to recover the private key. While I agree that Trezor wasn’t designed with this in mind, I think it’s a good idea to include this feature. Not sure about the size requirements for that though, it might make the device significantly bigger.

[dfox]

True HSM with active self destruct needs to be constantly powered. On the other hand for many if not most applications, typical secure smart-card is is completely sufficient (and in fact typical POS card terminal stores most of it's long term secrets on SIM-like smart-card).

[numpad0]

Somewhere in my junk parts bin is such a PCI card I bought out of a junk bin at Akihabara, that has Mitsubishi logo clearly printed with archaic construction overall, apparently marketed by NEC somehow, which product brochure page disappeared after I mentioned it on Twitter,

Had a pair of blown AA battery for self destruction. I never bothered to get it working, but IIRC it was supposed to detect removal from PCI slot(the proper) to self erase. So it’s not rare or difficult.

[wbl]

At this years RWC someone fuzzed the software on the HSM. Keys came out.

[tzumby]

Thanks for sharing this, I had to google RWC. For others that don’t know the acronym: https://rwc.iacr.org

[bob1029]

Size requirements shouldn't be intensive, assuming it's a single-shot system. All you need is 128-256 bits worth of secret key data that is physically-destructible (e.g. with a high voltage spike). You then encrypt/decrypt the rest of the secrets stored in the device with this destructible key.

[Lucadg]

Bigger may be better.

After all these devices are hard to use in part because if the tiny screens.

Since most of the time you don't carry them in your pocket it does not appear to be a problem if they are bigger.