> These guarantees rely entirely on trust in the hardware but it's not your hardware.

This exactly the problem that "trusted computing" is designed to solve.

I'd encourage you to read for example the AWS Nitro Enclave outline here: https://aws.amazon.com/blogs/security/confidential-computing....

Nitro enclaves are similar in that they are designed to stop AWS operators from having access to the compute, even though it isn't owned by you.

No, it's not. This is because Apple is the one providing the enclave, so the party you have to trust is them. When a cloud vendor offers this they use trust rooted in the manufacturer of the chips they are using.