Fair enough on there not being a performance difference. I suppose you could run an IPMI or redfish query (assuming they expose it to you) to get hardware specs on the server to see if any storage is physically connected?

I guess there's a larger question - is it possible to construct a completely transparent architecture for customers who are trustless in you as a service provider?

You just described https://en.m.wikipedia.org/wiki/Software_Guard_Extensions

The CPU essentially signs running code and API responses using a key that only the CPU manufacturer knows. That way, you can verify that your cloud services are running the binaries you told them to run.

Note the long list of vulnerabilities on that page and the removal of this feature from desktop CPUs. (Let’s be real, its only use case on desktop is DRM)

No.

I mean, you need some kind of trust, somewhere. Maybe you don't have to trust the service provider, if it provides some type of TPM attestation traced to the key of someone you do trust.

On the other hand, they have physical access. Even with efforts at remote attestation, etc, the game is lost.

> RAM-only means there is no intentional or even unintentional logging to non-volatile memory or storage

Let’s say worst case, there is an unintentional leak to a another machine, pretty likely that machine has a disk. These are very obviously highly connected machines. Sorry, but it can never be anything but faith - which is fine if you have or, or chose to.

I don't have a lot of faith in such things, at base, you always have to trust the provider as people or an organization. I'm just describing what this technical measure is and what it is not. It's also not a silver bullet that on its own means you can trust their service enough for your needs -- no purely technical measure can do that.