@ericfj unknowingly threw me into a rabbit hole of trying to figure out the state of the art in RISC-V freedom-tech-compatible secure enclaves, aka how to securely not use AWS Nitro Enclaves. This is interesting.