My point was that this situation doesn't allow for Software Freedom, since you the user cannot control the OS, its an unmodifiable blob unless you are either someone with a blessed key (like Google, or GrapheneOS devs), or are willing and able to to go without the apps that use the attestation APIs, or have one locked down device for attestation apps and a separate one that you can actually control. Probably the only way to deal with that is make attestation to third parties illegal, I assume governments and banks would get exempted from such laws though.