> Intel were able to repeatedly patch and reseal SGX in the wild without needing hardware replacements

I take it you haven't caught up on https://tee.fail/ ?

(Which has been known as a hypothetical ever since Intel quietly changed their threat model to exclude such physical-access attacks, but now we have practical PoCs)