This point is very interesting, and to expand on it I think a multisig or TSS involving multiple enclave vendors could add an additional layer of security, arguably even 3FA.
Especially combined with this, I imagine it is significantly difficult or at least prohibitively expensive to attack multiple architectures, and to do so in the span of a single transaction.
There are attacks which can fake attestations of bad enclaves, so I don’t think key rotation alone would prevent those on a single architecture, but I’m not sure how easy it is to perform such attacks on multiple enclave architectures at once before one patches it.
This seems strictly better than a SNARK alone, especially with:
- enclaves from multiple vendors in a multisig
- rotating keys every transaction
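
The following is an added example, not part of the original post or of any project's code: a verifier that advances state only when enough independent enclave vendors sign the new state root, with every signer's key rotated on each accepted transaction. Assumptions: the vendor names and the 2-of-3 threshold used with it are constructed, Lamport hash-based one-time signatures stand in for the enclaves' real signing keys, and attestation checking is not modelled.

```python
import hashlib
import secrets

def H(data):
    return hashlib.sha256(data).digest()

def keygen():
    # Lamport one-time key: 256 secret pairs; the public key is their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def key_id(pk):
    return H(b"".join(a + b for a, b in pk))

def approve(sk, pk, state_root):
    # An enclave signs the new state root together with its next key's id,
    # so every transaction rotates the key. Returns (approval, next key pair).
    nxt = keygen()
    nid = key_id(nxt[1])
    return (pk, nid, sign(sk, state_root + nid)), nxt

class Verifier:
    def __init__(self, key_ids, threshold):
        self.key_ids = dict(key_ids)  # vendor -> id of its current one-time key
        self.threshold = threshold    # assumed k-of-n policy across vendors

    def submit(self, state_root, approvals):
        rotated = {}
        for vendor, (pk, nid, sig) in approvals.items():
            if (self.key_ids.get(vendor) == key_id(pk)
                    and verify(pk, state_root + nid, sig)):
                rotated[vendor] = nid
        if len(rotated) < self.threshold:
            return False              # too few independent vendors agreed
        self.key_ids.update(rotated)  # spent keys are never accepted again
        return True
```

A single vendor's approval, which is all a forged attestation on one architecture could yield, is rejected, and approvals replayed after acceptance fail because the verifier now expects the rotated keys.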