btw. what I want to generally spend more time on is the talk about supply-chain attacks of wallets. It's potentially easier to compromise some dependency or a build than accessing some RAM on servers directly.