Part 1 of a 2-part series on TPM attestation
Background These days, the Trusted Platform Module (TPM) is a pretty ubiquitous piece of hardware. This is thanks in part due to Microsoft requiring it [since 2016 for Windows 10] (https://docs.microsoft.com/en-us/windows-hardware/design/minimum/minimum-hardware-requirements-overview#37-trusted-platform-module-tpm) .
The TPM enables very interesting security features, like decryption/signing of data, key exchange protocols, and more, without handling the private key in software.
One of the other big things a TPM can be used for is attesting a server to a remote server.