i don't get how the attestation works? from the FAQ, the proofs are generated on the rpi, which AFAIK doesn't have anything like a modern HSM/vault which would allow them to 1. not allow user access to the secret or 2. not allow user to put ai-generated imagery onto the device for 'attestation'