Fair enough on there not being a performance difference. I suppose you could run an IPMI or Redfish query (assuming they expose it to you) to get hardware specs on the server to see if any storage is physically connected?
I guess there's a larger question - is it possible to construct a completely transparent architecture for customers who are trustless in you as a service provider?
The CPU essentially signs running code and API responses using a key that only the CPU manufacturer knows. That way, you can verify that your cloud services are running the binaries you told them to run.
Note the long list of vulnerabilities on that page and the removal of this feature from desktop CPUs. (Let’s be real, its only use case on desktop is DRM)
I mean, you need some kind of trust, somewhere. Maybe you don't have to trust the service provider, if it provides some type of TPM attestation traced to the key of someone you do trust.
On the other hand, they have physical access. Even with efforts at remote attestation, etc., the game is lost.
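A minimal model of the attestation flow the thread is describing (the CPU signs a measurement of the code it loaded, and the customer checks that signature against a key they already trust, then compares the measurement to the binary they asked for). This is an added example in Go and is not code from the original thread or from any vendor's SDK; the manufacturer key, the Attester and Verifier types, the nonce scheme and the sample binary are constructed for illustration. Real SGX or TPM quotes carry more fields and chain through certificates rather than a bare public key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var (
	ErrUntrustedSigner  = errors.New("quote not signed by a trusted root")
	ErrStaleNonce       = errors.New("nonce not issued by us or already consumed")
	ErrWrongMeasurement = errors.New("running code does not match expected binary")
)

// Quote is a simplified attestation report: the hash of the code the CPU
// loaded, the verifier's nonce echoed back, and a signature over both.
type Quote struct {
	Measurement [32]byte
	Nonce       [16]byte
	Signature   []byte
}

func quoteBody(m [32]byte, n [16]byte) []byte {
	body := make([]byte, 0, len(m)+len(n))
	body = append(body, m[:]...)
	return append(body, n[:]...)
}

// Attester models the hardware side. Its key stands in for the
// manufacturer-controlled signing key (an assumption of this example).
type Attester struct{ key ed25519.PrivateKey }

func (a Attester) Quote(loadedBinary []byte, nonce [16]byte) Quote {
	m := sha256.Sum256(loadedBinary)
	return Quote{Measurement: m, Nonce: nonce, Signature: ed25519.Sign(a.key, quoteBody(m, nonce))}
}

// Verifier models the customer side: a set of roots it chose to trust,
// the hash of the binary it told the provider to run, and outstanding nonces.
type Verifier struct {
	roots    []ed25519.PublicKey
	expected [32]byte
	pending  map[[16]byte]bool
}

func NewVerifier(roots []ed25519.PublicKey, expectedBinary []byte) *Verifier {
	return &Verifier{roots: roots, expected: sha256.Sum256(expectedBinary), pending: map[[16]byte]bool{}}
}

// Challenge issues a fresh nonce so an old quote cannot be replayed.
func (v *Verifier) Challenge() [16]byte {
	var n [16]byte
	if _, err := rand.Read(n[:]); err != nil {
		panic(err)
	}
	v.pending[n] = true
	return n
}

// Verify checks, in order: who signed, whether the nonce is ours and unused,
// and whether the measured code is the code we approved.
func (v *Verifier) Verify(q Quote) error {
	signed := false
	for _, root := range v.roots {
		if ed25519.Verify(root, quoteBody(q.Measurement, q.Nonce), q.Signature) {
			signed = true
			break
		}
	}
	if !signed {
		return ErrUntrustedSigner
	}
	if !v.pending[q.Nonce] {
		return ErrStaleNonce
	}
	delete(v.pending, q.Nonce)
	if q.Measurement != v.expected {
		return ErrWrongMeasurement
	}
	return nil
}

// Demo runs four constructed scenarios and returns the verifier's verdict for each.
func Demo() (honest, tampered, rogue, replay error) {
	mfrPub, mfrPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, roguePriv, _ := ed25519.GenerateKey(rand.Reader) // provider's own key, not a trusted root
	binary := []byte("constructed sample: the service binary the customer approved")
	v := NewVerifier([]ed25519.PublicKey{mfrPub}, binary)
	genuine := Attester{mfrPriv}

	// 1. Genuine CPU running the approved binary.
	q := genuine.Quote(binary, v.Challenge())
	honest = v.Verify(q)

	// 2. Genuine CPU, but the provider swapped in a modified binary.
	modified := append(append([]byte{}, binary...), " + backdoor"...)
	tampered = v.Verify(genuine.Quote(modified, v.Challenge()))

	// 3. Correct measurement, but signed by a key the customer never trusted.
	rogue = v.Verify(Attester{roguePriv}.Quote(binary, v.Challenge()))

	// 4. The earlier honest quote replayed against a consumed nonce.
	replay = v.Verify(q)
	return
}

func main() {
	h, t, r, p := Demo()
	fmt.Println("honest:", h, "| tampered:", t, "| rogue signer:", r, "| replay:", p)
}
```

The check bottoms out at whoever holds the signing key: the verifier learns only that a holder of a trusted key vouched for this measurement and this nonce. If that key is extracted or the attester is otherwise subverted by someone with physical access, the protocol above cannot tell the difference, which is the objection raised in the thread.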