logoalt Hacker News

Retr0idyesterday at 1:37 PM0 repliesview on HN

You can store key material in hardware-backed enclaves without involving remote attestation. If someone has a modified device/client that stores the keys elsewhere, that's on them - they're only weakening their own security.