https://ethresear.ch/t/2fa-zk-rollups-using-sgx/14462/10

What if we would move the remote attestation off-chain? Do you see any scenarios where it would make rollups less secure?

The rollup could serve the remote attestation via a different channel upon request, allowing any user interested in interacting with the rollup to verify its attestation (and that it is the owner of privkey). Since the smart contract verifies signatures generated by SGX, full trust is established.

Even key rotation could be implemented by the rollup, by just creating and storing the remote attestation of every key used.