Security question:

Could we have the same level of security - or very close to it - from requiring a secure enclave like a vm running on the device for banking apps with hardware passthrough, or would there be no way for that vm to verify it has actual hardware passthrough and that it's not being tampered with?

That way you would just get the entire vm with the app from the Play Store or Apple, and nobody needs to worry about root?