One of my biggest fears about using any wallet is the "whoops,
cosmic ray flipped a bit while producing receiving address; SFYL!"
possibility. For high value cold storage, I always generate my addresses
on two independent machines using two different pieces of software. Am I
nuts for doing that?
A randomly flipped bit would be extremely unlikely to yield a valid address; however, I still think you are wise to use independent routes to confirm that your addresses match the keys. I do the same when I am generating my cold storage key pairs. I think malicious address substitution is an underappreciated attack vector.
Regarding this thread in general, would it make sense for this proposal to include standards for multi-sig wallet interoperability? A whole spectrum of attacks would be made less likely - and easy for typical users to guard against - by using wallets on separate devices AND where the wallet software was written and provided by different parties.
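Added illustration (not code from either poster): the claim above that a randomly flipped bit is unlikely to produce a valid address follows from the 4-byte double-SHA256 checksum in Base58Check encoding. The block below implements a Base58Check decoder, flips every single bit of a well-known address (the genesis block coinbase address, used here only as a public test vector) and counts how many mutated strings still pass the checksum, and finally shows the "two independent routes must agree" comparison the poster describes. Function names are my own.

```python
import hashlib
from typing import Optional, Tuple

# Bitcoin's Base58 alphabet (no 0, O, I, l).
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Public test vector: the genesis block coinbase address (P2PKH, version byte 0x00).
GENESIS_ADDR = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"


def b58decode_check(addr: str) -> Optional[bytes]:
    """Decode a Base58Check string; return version+payload, or None if invalid."""
    n = 0
    for ch in addr:
        idx = ALPHABET.find(ch)
        if idx < 0:                      # character outside the alphabet
            return None
        n = n * 58 + idx
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    # Each leading '1' encodes a leading zero byte.
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + raw
    if len(raw) < 5:
        return None
    body, checksum = raw[:-4], raw[-4:]
    expected = hashlib.sha256(hashlib.sha256(body).digest()).digest()[:4]
    return body if checksum == expected else None


def count_surviving_bit_flips(addr: str) -> Tuple[int, int]:
    """Flip every single bit of the ASCII address; return (flips tried, flips that still validate)."""
    data = addr.encode("ascii")
    tried = survived = 0
    for i in range(len(data)):
        for bit in range(8):
            mutated = bytearray(data)
            mutated[i] ^= 1 << bit
            tried += 1
            try:
                candidate = mutated.decode("ascii")
            except UnicodeDecodeError:   # high bit set: not even ASCII
                continue
            if b58decode_check(candidate) is not None:
                survived += 1
    return tried, survived


def cross_check(addr_from_route_a: str, addr_from_route_b: str) -> bool:
    """The poster's practice: accept an address only if two independent derivations agree
    and both carry a valid checksum. A flip that happened *before* encoding (in the key
    or the hash) yields a correctly checksummed but wrong address, which only this
    comparison catches."""
    a = b58decode_check(addr_from_route_a)
    b = b58decode_check(addr_from_route_b)
    return a is not None and b is not None and a == b


if __name__ == "__main__":
    tried, survived = count_surviving_bit_flips(GENESIS_ADDR)
    print(f"{tried} single-bit flips tried, {survived} still pass the checksum")
    print("routes agree:", cross_check(GENESIS_ADDR, GENESIS_ADDR))
```

The checksum check answers the "flipped bit in the final string" case, where a bad address is rejected by any decent wallet before funds move. It does nothing for a flip earlier in the derivation pipeline, or for a deliberate substitution by compromised software, which is why the comparison in `cross_check` across separately built machines and independently written software is the part that actually matters.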