Compared to for example SeedSigner with a hypothetical FROST implementation with paper backups, what would be the benefit of this device? Spend limits sound cool, but they can’t be securely enforced without a SE. And not a simple PIN-protected secure memory, but one that can run arbitrary code. Also, how is key reconstruction handled when changing for example the quorum size?