In the context of cryptocurrency hardware wallets, what are pro and cons of a single TEE controller (Trusted execution environment) approach versus a dual microcontroller approach (one microcontroller is secure), as seen for instance on Ledger Nano?
Which architecture can be considered more secure?
This question is essentially comparing a full real microcontroller dedicated to executing trusted code and only trusted code vs. a "virtual" microcontroller, i.e. a trusted execution environment within an existing microcontroller.
A microcontroller with TEE essentially executes trusted and untrusted code on the same hardware and only provides a soft separation between trusted and untrusted code. Given that trusted and untrusted code share the same resources it is more likely to successfully execute side channel attacks based on timing or caching behavior (i.e. attacks like Meltdown or Spectre) then with a full hardware separation.
Other than that both setups can be messed up. The problem is usually that trusted and untrusted code somehow need to interact and it might be that the trusted code is handling data from the untrusted side without properly treating the data as fully untrusted. Software can and usually will have bugs and this is true for trusted code too. Another problem is how to make sure that only trusted code gets loaded into the trusted part of the system, especially considering that once trusted code might no longer be trusted since bugs in it were found.
Of course, having a single microcontroller with TEE has also advantages. These boil down to the advantages virtualization usually offers: less hardware needed and therefore cheaper to build, easier to integrate and less power needed.
