I thought of a way where someone could order physical bitcoins without any risk of loss in the mail.  I have never had any of my shipments lost, but of course it is always possible.  And the obvious solutions aren't easy.

• If I send funded bitcoins and they get lost, they're gone.
• If I send funded bitcoins and they don't get lost, the recipient could claim they were lost.
• If I send unfunded bitcoins and they get lost, someone out there (a postman) will have unfunded coins.  Unfunded coins are a problem because it makes it impossible to accept coins without checking block explorer - defeating the purpose of the whole series of coins.
• If I send unfunded bitcoins and they don't get lost, recipient could claim they were lost and ask for a replacement, but then they would have unfunded coins.
• If I send funded bitcoins but keep private keys, none of the problems are solved.  I could take back the funds, but then there's an unfunded piece somewhere.
• The very idea that I could keep private keys scares buyers of large value bitcoins.  It would also be nice to have physical bitcoins produced by two parties, so the buyer doesn't have to worry about the possibility of manufacturer scams.

I thought of "binary bitcoins" as an idea.  Basically, this would be a physical bitcoin in two parts, neither of which is the complete physical bitcoin.  For example, I could come up with a gold bar that has a hologram like normal, but also on the bottom, a precisely hollowed out spot that would accept, and permanently hold, a coin-shaped object, which would be an activation token with the 2nd key.  The bar could have a serial number (XYZ123) and lasered text to clearly indicate that the bar has no value without the matching hologrammed brass activation token, also bearing the same serial number (XYZ123) lasered on its face.

1.  I, and some other trusted party, would each generate a private key, and then calculate the bitcoin address of the combined key using only the public keys, and EC addition.  So nobody has the full private key.
2.  I would send out the piece with my half of the key.
3.  When the recipient said the bar arrived, the other trusted party would send out the activation token with his half of the key.
4.  When the recipient said the token arrived, he would "snap" it into the dugout on the gold bar, so it would permanently stay there.  At that point, I would fund the address calculated in step 1.

If the recipient says the bar didn't arrive, I could simply send a new bar with a different address.  The risk of loss becomes limited to the value of the unfunded bar.  Wherever the first bar ended up, whether a postal worker or a dishonest buyer, it would never become complete.

If the recipient says the token didn't arrive, as many duplicates as necessary would be sent.

Neither part has any Bitcoin value for customs purposes, and it doesn't really matter if customs seizes it.  Neither part should be mistakable for a complete item.

With this scheme, the buyer is assured that no mailman or customs agent can steal his bitcoins.  And no manufacturer can steal his bitcoins either, once he has had his bar funded.