Smartcards have attestation too.
But how can you verify that the processor's own software, which ultimately runs the application, has not been compromised?
But how can you verify that the processor's own software, which ultimately runs the application, has not been compromised?