@TimothyRoes @soulsource @khleedril @K4mpfie @ErikJonker @pojntfx
Apparently, the standard Android hardware attestation API can attest more than just the hardware. From https://grapheneos.org/articles/attestation-compatibility-guide:
"The standard hardware attestation API can be used to verify the authenticity/integrity of the hardware, firmware, OS and the app running on it. It provides a verified boot key fingerprint for the OS for permitting secure aftermarket operating systems. The app ID, signing key fingerprint(s) and version code of the app enabling hardware attestation are included in the signed public key certificate for the generated key. This enables the app's service to make sure the app is genuine and unmodified along with chaining trust through the OS to the app which can sign messages with the attested hardware keystore key to prove they come from their app running on top of a verified OS, firmware and hardware. The only practical way to bypass hardware attestation is through exploiting the hardware keystore to obtain attestation signing keys, which is protected against by the ability to revoke keys that are being misused."
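What the server side of that chain of trust looks like, as an added example that is not part of the post above and not GrapheneOS code: it decodes the KeyDescription structure that Android places in the attestation certificate extension (OID 1.3.6.1.4.1.11129.2.1.17) and applies the checks the quoted text describes, namely a hardware-enforced root of trust (tag 704: verified boot key, locked state, boot state) and the framework-supplied app identity (tag 709: package name, version code, signing certificate digests). The tag numbers and field order follow the published Android key attestation ASN.1 schema; the attestation bytes, package name, boot key digest and signer digest are constructed inline and are placeholders, not values from any real device or OS.

```python
"""Server-side check of an Android Key Attestation KeyDescription (added example, not
GrapheneOS code). All attestation bytes below are CONSTRUCTED inline, not from a device."""
import hashlib

# --- minimal DER encoder, only what the constructed sample needs ------------------------
def _len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def _tlv(tag, body): return tag + _len(len(body)) + body
def der_int(v): return _tlv(b"\x02", v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big"))
def der_enum(v): return _tlv(b"\x0a", bytes([v]))
def der_bool(v): return _tlv(b"\x01", b"\xff" if v else b"\x00")
def der_octets(b): return _tlv(b"\x04", b)
def der_seq(*items): return _tlv(b"\x30", b"".join(items))
def der_set(*items): return _tlv(b"\x31", b"".join(items))

def der_ctx(tagno, body):
    """[tagno] EXPLICIT, high-tag-number form (only valid for tagno >= 31, e.g. 704/709)."""
    assert tagno >= 31
    out, n = [tagno & 0x7F], tagno >> 7
    while n:
        out.append(0x80 | (n & 0x7F)); n >>= 7
    return _tlv(bytes([0xBF]) + bytes(reversed(out)), body)

# --- minimal DER parser -----------------------------------------------------------------
def _parse(buf, pos):
    """Return (class, tag_number, body, next_pos) for the TLV starting at buf[pos]."""
    first = buf[pos]; pos += 1
    tagno = first & 0x1F
    if tagno == 0x1F:                                   # high-tag-number form
        tagno = 0
        while True:
            b = buf[pos]; pos += 1
            tagno = (tagno << 7) | (b & 0x7F)
            if not b & 0x80:
                break
    ln = buf[pos]; pos += 1
    if ln & 0x80:                                       # long-form length
        n = ln & 0x7F
        ln = int.from_bytes(buf[pos:pos + n], "big"); pos += n
    return first & 0xC0, tagno, buf[pos:pos + ln], pos + ln

def _children(body):
    pos, out = 0, []
    while pos < len(body):
        cls, tagno, val, pos = _parse(body, pos)
        out.append((cls, tagno, val))
    return out

def _auth_list(body):
    """Extract the two AuthorizationList entries the quoted passage relies on."""
    out = {}
    for cls, tagno, val in _children(body):
        if cls != 0x80:                                 # only context-specific tags
            continue
        if tagno == 704:                                # rootOfTrust [704] EXPLICIT RootOfTrust
            k, locked, state, h = _children(_children(val)[0][2])
            out["root_of_trust"] = {"verified_boot_key": k[2], "device_locked": locked[2] != b"\x00",
                                    "verified_boot_state": state[2][0], "verified_boot_hash": h[2]}
        elif tagno == 709:                              # attestationApplicationId [709] EXPLICIT OCTET STRING
            pkgs, digests = _children(_children(_children(val)[0][2])[0][2])
            out["packages"] = [(p[0][2].decode(), int.from_bytes(p[1][2], "big"))
                               for p in (_children(s[2]) for s in _children(pkgs[2]))]
            out["signer_digests"] = [d[2] for d in _children(digests[2])]
    return out

def parse_key_description(der):
    f = _children(_parse(der, 0)[2])                    # fields of the outer KeyDescription SEQUENCE
    return {"attestation_security_level": f[1][2][0],   # 0 Software, 1 TrustedEnvironment, 2 StrongBox
            "challenge": f[4][2],
            "software_enforced": _auth_list(f[6][2]), "tee_enforced": _auth_list(f[7][2])}

VERIFIED, SELF_SIGNED = 0, 1        # verifiedBootState values meaning verified boot passed

def verify(der, challenge, allowed_boot_keys, package, allowed_signers, min_version):
    """Return the list of policy failures; an empty list means the attestation is acceptable."""
    kd, failures = parse_key_description(der), []
    if kd["attestation_security_level"] == 0:
        failures.append("software-only attestation")
    if kd["challenge"] != challenge:
        failures.append("challenge mismatch (possible replay)")
    rot = kd["tee_enforced"].get("root_of_trust")      # must come from the hardware-enforced list
    if rot is None:
        failures.append("no hardware-enforced root of trust")
    else:
        if not rot["device_locked"]:
            failures.append("bootloader unlocked")
        if rot["verified_boot_state"] not in (VERIFIED, SELF_SIGNED):
            failures.append("verified boot did not pass")
        if rot["verified_boot_key"] not in allowed_boot_keys:   # allowlist of OS boot key digests
            failures.append("unknown OS verified boot key")
    # The app identity is supplied by the OS framework (softwareEnforced); it is trustworthy only
    # because the hardware root of trust above proves which verified OS supplied it.
    app = kd["software_enforced"]
    if not any(n == package and v >= min_version for n, v in app.get("packages", [])):
        failures.append("wrong package name or version too old")
    digests = app.get("signer_digests", [])
    if not digests or not set(digests) <= set(allowed_signers):
        failures.append("unexpected app signing key")
    return failures

# Constructed placeholders (assumptions): not real nonces, boot keys or signing certificates.
CHALLENGE = b"server-nonce-0001"
OS_KEY = hashlib.sha256(b"constructed aftermarket OS verified boot key").digest()
SIGNER = hashlib.sha256(b"constructed app signing certificate").digest()

def build_sample(challenge=CHALLENGE, boot_key=OS_KEY, pkg="app.example.attest", version=42,
                 signer=SIGNER, boot_state=SELF_SIGNED, locked=True):
    """CONSTRUCTED KeyDescription laid out per the Android key attestation ASN.1 schema."""
    app_id = der_seq(der_set(der_seq(der_octets(pkg.encode()), der_int(version))),
                     der_set(der_octets(signer)))
    root = der_seq(der_octets(boot_key), der_bool(locked), der_enum(boot_state), der_octets(b"\x00" * 32))
    return der_seq(der_int(4), der_enum(1), der_int(4), der_enum(1), der_octets(challenge), der_octets(b""),
                   der_seq(der_ctx(709, der_octets(app_id))),   # softwareEnforced
                   der_seq(der_ctx(704, root)))                  # teeEnforced

if __name__ == "__main__":
    print("genuine:", verify(build_sample(), CHALLENGE, {OS_KEY}, "app.example.attest", {SIGNER}, 40) or "accepted")
    print("tampered:", verify(build_sample(locked=False, version=7), CHALLENGE, {OS_KEY}, "app.example.attest", {SIGNER}, 40))
```

Two things this snippet deliberately leaves out, because they sit outside the KeyDescription itself: validating the certificate chain from the attested key up to the hardware attestation root, and checking that no certificate in that chain appears on the attestation revocation list, which is the mechanism the quoted text refers to for keys extracted from a compromised keystore. The `SELF_SIGNED` boot state combined with a boot key allowlist is what lets a service accept an aftermarket OS such as GrapheneOS without accepting an arbitrary unlocked device.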