Great framing. Confidential computing eliminates trust assumptions at the hardware level — you don't need to trust the operator because the hardware enforces integrity.
There's a complementary approach happening at the social layer, especially on Nostr. Web of Trust scoring tackles the same 'trust me bro' problem but for identity rather than computation: instead of trusting that a pubkey is legitimate because someone told you so, you derive trust from the graph structure — who follows whom, how scores propagate through the network (PageRank), whether an account shows Sybil patterns.
The interesting thing is these approaches stack. Confidential computing gives you verifiable execution (the code did what it claimed). WoT scoring gives you verifiable reputation (this identity has earned social trust). Together they cover the two things you actually need to trust in a decentralized system: the computation and the counterparty.
Would be curious how attestation from TEEs could feed into social trust graphs — imagine a relay that proves via remote attestation that it's running the filtering algorithm it claims, while the filtering itself uses WoT scores to rank content. Trustless infrastructure + trustless identity.
Great framing. Confidential computing eliminates trust assumptions at the hardware level — you don't need to trust the operator because the hardware enforces integrity.
There's a complementary approach happening at the social layer, especially on Nostr. Web of Trust scoring tackles the same 'trust me bro' problem but for identity rather than computation: instead of trusting that a pubkey is legitimate because someone told you so, you derive trust from the graph structure — who follows whom, how scores propagate through the network (PageRank), whether an account shows Sybil patterns.
The interesting thing is these approaches stack. Confidential computing gives you verifiable execution (the code did what it claimed). WoT scoring gives you verifiable reputation (this identity has earned social trust). Together they cover the two things you actually need to trust in a decentralized system: the computation and the counterparty.
Would be curious how attestation from TEEs could feed into social trust graphs — imagine a relay that proves via remote attestation that it's running the filtering algorithm it claims, while the filtering itself uses WoT scores to rank content. Trustless infrastructure + trustless identity.