To fill in a small detail: in the Bitcoin transaction format, and therefore also in the transparent parts of the Zcash transaction format, a transparent input does not explicitly encode its value. It only points to an output from some previous transaction. However, the “effecting data” that is signed does commit to the input values, as of v5 transactions. Zcash started using this approach with ZIP 244, which activated in NU5. A Zcash hardware wallet could just always use v5 transactions, or alternatively it could always use shielded inputs (if it supports that), for which the sum of all shielded input values has always been explicit.
Even without this, the h/w wallet can infer that the total value of inputs plus fee matches the total value of the outputs, by definition. The issue that motivated the change in BIP 341 or ZIP 244 is that the fee is also not explicitly encoded, in either Bitcoin or Zcash. We’ll fix that as well in Zcash at some point, I think in NU7. (It was a candidate change for NU6 but we decided not to do a transaction format change.)