An immutable hardware or firmware element (e.g., fused public key, secure element) that anchors all higher-level trust decisions like secure boot and attestation.