Great read. By Juraj Bednar on why some apps don't work on phones running alternative operating systems.
The processor’s key isn’t just stored in memory where it could be copied. It’s created at the chip’s “birth” in the factory, often burned into silicon or derived from microscopic manufacturing imperfections called PUF (Physically Unclonable Function). These imperfections are as unique as a human fingerprint and serve to generate a key that nobody – not even the manufacturer – knows or can copy. They can only cryptographically sign it at the factory.

The result is that a freshly manufactured chip has a private key inside it. When activated, it simply announces “my corresponding public key is this number,” and the factory system signs that public key (“processor manufactured according to standards”). The processor has hardware restrictions on when and how it will sign things with that key.

These technologies are known as Secure Enclave in Apple’s world, TrustZone (ARM technology used in Android devices), or TPM and SGX in computers and servers. It’s essentially a separate, miniature computer within the computer, with its own memory and logic, invisible to the operating system – and even to you with full administrator rights.

This is where mechanisms like Google’s Play Integrity API or Apple’s App Attest come in, using this hardware vault as a notary. When you launch a banking app or a game, it asks the vault to issue a “certificate of authenticity.” The vault checks whether the system has been altered, whether it’s running on an emulator at some server farm in China, and digitally signs this report with that non-extractable key, while the server on the other end verifies the manufacturer’s signature.

App developers now have a powerful weapon that gives them near-mathematical certainty that they’re dealing with a real, unmodified physical device, not some script trying to hack the game or create thousands of fake accounts. For developers, this means the end of cheap spam and a fair playing field for gamers.
But for us, it means that if we don’t have a “kosher” system approved by the manufacturer, the door to the service stays closed.
The X app (formerly Twitter), for instance, now refuses to log you in unless full attestation passes. This means the only people who can sign in through the app are those with a certified, non-rooted phone, running the manufacturer’s original operating system, using the original unmodified X app installed from the Play Store or App Store.

It also runs completely counter to the internet’s philosophy. Instead of protocols that internet services were built on, we now have end-to-end controlled apps where we don’t even control the part running on our own device – our own property. If we decide to install a different operating system, or exercise our right to modify it under open-source licenses, we’re out of luck.