Self-custodial w/o compromises is absolutely what we're aiming for.

As far as SGX security, Intel has been pretty good about releasing mitigations and TCB recoveries in a timely manner. Usually that means we need to change a few compiler flags in exchange for reduced performance or update some certs. Running on the most recent Intel CPUs also helps a lot here. When the Lexe app wants to provision keys to the node, it can check that nodes have mitigations applied, are running on recent hardware, etc...

At the end of the day, security isn't all-or-nothing and I think SGX gets us to a good middle ground.

Adding on to what Philip said, we've also tried to be practical and architect things in a way where we aren't solely depending on SGX for security. User nodes aren't exposed to the public internet, for example, which would allow attackers to attempt exploits by sending crafted network messages. If a 3rd party wants to attempt an SGX exploit, they'd have to get into our infrastructure first, or find a vulnerability in our reverse proxy.