You’re right — under direct physical coercion this design does not provide strong resistance. My current threat model is focused more on long-term survivability and secret non-storage rather than state-level coercion resistance. I’m experimenting with limited deniability extensions (e.g. decoy derivation paths), but I’m aware that application-layer branching is not equivalent to formally secure deniable encryption. So I wouldn’t claim this passes a true “wrench test.” At best it may reduce risk in casual coercion scenarios. If the goal were coercion resistance specifically, the architecture would likely need to move toward threshold schemes or multi-party secret sharing instead.

I appreciate the pushback.