Most anti-cheat works by looking for bad things — scanning for cheats, watching for tampering. Hardware attestation flips the question: instead of hunting for what is wrong, it asks the hardware to prove that things are right.
What attestation means
Attestation is a device producing cryptographic proof about its own state. Rather than software saying "trust me, nothing is wrong," the hardware itself signs a statement describing how the system started and what it is running. A remote service can check that proof. It is the difference between an unverifiable claim and a verifiable one.
The role of the TPM
The Trusted Platform Module makes this possible. During startup, components of the boot process can be measured — recorded as cryptographic values — into the TPM. The TPM can then sign those measurements with a key that never leaves the chip. The result is a report, rooted in hardware, that a service can verify: this device booted in this state, attested by a real TPM, not by software that could be lying.
Why anti-cheat is interested
The appeal for anti-cheat is clear. A kernel-level cheat works by compromising the system that the anti-cheat itself runs on — if the cheat is deep enough, the anti-cheat's own report cannot be fully trusted. Attestation moves the root of trust below software entirely, into hardware. A system that cannot produce a clean hardware-rooted attestation is suspicious regardless of what its software claims.
The trade-offs
This is powerful and also constraining. Hardware-rooted attestation depends on specific hardware features being present and enabled — a TPM, a measured boot path, Secure Boot. It raises the baseline a PC must meet. It is part of the same trend that made TPM 2.0 and Secure Boot requirements for some games — trust moving downward into firmware and hardware.
The takeaway
Hardware attestation has the device cryptographically prove its own integrity, rooted in the TPM rather than in software that a deep cheat could subvert. It points clearly at where anti-cheat is heading: away from only scanning for cheats, toward verifying the platform itself — which is also why hardware identity keeps becoming more central.