Without having open hardware designs and trusted fabs about the best you can do is use as many discrete components as possible and FPGAs (whose designs greatly minimize places to hide backdoors). Definitely avoid SoCs.

These guys appear to be using some of the best ideas:
https://puri.sm/

On Thu, Apr 26, 2018, 9:11 PM grarpamp <grarpamp@gmail.com> wrote:
>         "we are working on encrypting the entire ledger using Intel
>         SGX, such that no human has access to the raw unencrypted data
>         "

"SGX isn't perfect - life is full of tradeoffs, and I'd love to move
to zero knowledge proofs once the technology has developed further"

"Intel ME isn't a backdoor - it's just a secondary computer"

"it's treated as part of the chipset so the tools for doing so were
given to computer manufacturers, not end users."

Right, a computer you have no fucking idea what it does,
what's inside it, what it's software is, or how to own it.
And you want to put money and secrets on it
and connect it to the internet? Lol.

Not that it matters since the entire planet runs
on completely closed and thus untrustable
hardware, and software, connected to the internet.

Sane people would rather trust opensource math
than closed hardware, or at least call out that
their worshipped hardware is in fact... closed.

There's just no excuse for not publicly loudly calling out
closed shit and demanding #OpenFabs , #OpenHW .

Instead of doing that, seems like everyone bought
the "security is number one" kool-aid Intel spun out
during Meltdown / Spectre / etc. Fools.