in the course of boot, a PCR of your vTPM is extended With all the root of the Merkle tree, and later verified from the KMS ahead of releasing the HPKE non-public key. All subsequent reads from the foundation partition https://no-ransom-6dmd.vercel.app
