I believe Nvidia chips have a secure way to run your model on other infra.
https://www.nvidia.com/en-us/data-center/solutions/confident...
Confidential computing is not secure against a potential attacker who has physical access to the hardware. The CC security guarantees explicitly assume the attacker has no physical access.
> I believe Nvidia chips have a secure way to run your model on other infra.
Yes. And it's already on offer today.
See Tinfoil (US) [1] and Privatemode (Germany) [2].
Tinfoil have not been independently audited; it is somewhere on their long-term radar.
Privatemode have been thoroughly independently audited with documentation available on request.
[1] https://tinfoil.sh/ [2] https://www.privatemode.ai/