I agree with a lot of what you write, and I also think we are way beyond that "comprehensibility boundary" when it comes to modern tech stacks. There is just no single person who understands exactly what happens on all levels of the stack when I send this reply.
But also, this process of "we got it, wait we didn't..." is just how real world security works, there is no way around it. Security is not <clever research team coming up with moon math> and problem is solved. Security is complex, and takes years of attack incentives and hardening to mature. TLS implementations can use the best crypto algorithms we know of, and we still get Heartbleed. Intel already with the very first release of SGX introduced the TCB recovery mechanism, precisely because they knew users are bound to find vulnerabilities.
There is also a strong hysteresis effect because of the long release cycle of chips. For example, SGX was released in 2015/2016 with Skylake, and then two years later we discovered Meltdown/Spectre and with them a whole new dimension of attacks on the CPU. However, Intel couldn't just release a hotfix for their hardware, it took a lot of time and work to re-design the CPU to be more side-channel resistant, and in the meantime security researchers naturally latched onto these attacks, giving the false impression that the whole idea of secure compute is flawed.
Personally I would not bet on CC tech becoming obsolete, on the contrary, a lot of Big Tech are pumping more and more resources into it, and there is increasing demand from various industries. The tech will stay around, it will mature, and perhaps vendors will even start to introduce HSM-like hardware protection mechanisms if there is enough demand.
But also, this process of "we got it, wait we didn't..." is just how real world security works, there is no way around it. Security is not <clever research team coming up with moon math> and problem is solved. Security is complex, and takes years of attack incentives and hardening to mature. TLS implementations can use the best crypto algorithms we know of, and we still get Heartbleed. Intel already with the very first release of SGX introduced the TCB recovery mechanism, precisely because they knew users are bound to find vulnerabilities.
There is also a strong hysteresis effect because of the long release cycle of chips. For example, SGX was released in 2015/2016 with Skylake, and then two years later we discovered Meltdown/Spectre and with them a whole new dimension of attacks on the CPU. However, Intel couldn't just release a hotfix for their hardware, it took a lot of time and work to re-design the CPU to be more side-channel resistant, and in the meantime security researchers naturally latched onto these attacks, giving the false impression that the whole idea of secure compute is flawed.
Personally I would not bet on CC tech becoming obsolete, on the contrary, a lot of Big Tech are pumping more and more resources into it, and there is increasing demand from various industries. The tech will stay around, it will mature, and perhaps vendors will even start to introduce HSM-like hardware protection mechanisms if there is enough demand.