Comment by jmb99

An HSM bypass (extracting keys, performing unauthenticated crypto ops) on any recent iOS device is worth 10s of millions, easily. Especially if combined with a one-click/no click. In that sense, it’s auditable, because it’s one of the biggest targets for any colour hat, and the people smart enough to find a bug/backdoor would only be slightly aided by a spec/firmware source, and a bit more by the verilog.

This is true for pretty much every “real” hsm on the planet btw. No one is sharing cutting edge enclave details, Apple isn’t unique in this regard.