I haven’t kept up with it, but OpenCores is a balwark against this type of thing. FPGAs, while not as efficient as fab silicon, AFAIK lets one implement CPUs, interconnects and peripherals without any predefined channels to target for subversion. The NSA or other boogeymen couldn’t craft a backdoor for your FPGA CPU, since the FPGA is just a ‘blank slate’ until programmed so they have no idea even what to attack beforehand. The chip could be literally anything once programmed. FPGAs by design have to faithfully implement the basic gates, with no jiggery-pokery, otherwise it would be evident immediately that something was up. Right?