Recently I’ve been thinking about a decentralized software based root-of-trust. A significant advantage of that is to dodge all the obvious problems caused by the hardware root-of-trust, like root key extraction and the data loss due to hardware availability.