I am trying to understand the comparative differences between the Intel SGX and SubtraTEE SGX infrastructure in designing a threat model for SubstraTEE. Any pointers would be super helpful.
SubstraTEE (today) relies on SGX and IAS, so it adopts all integrity and confidentiality assumptions from SGX.
Remote attestation is verified by our blockchain to gain public auditability, without the need for a verifier to obtain a license with Intel or use IAS at all. In this regard, we add security assumptions of that blockchain too. Our goal is to launch a parachain on both Kusama and Polkadot, so your threat model should involve the Kusama and Polkadot Chains too.
btw: SubstraTEE is being rebranded to Integritee (https://integritee.network)