Just as a side note, memory encryption isn't limited to niche secure hardware anymore. Mainstream x86 CPUs have supported it for years: AMD has SME/TSME (and SEV on the server side), while Intel provides TME/MKTME. The memory controller transparently encrypts DRAM contents with hardware-managed keys, so protection against physical memory extraction attacks is already available on many ordinary PCs and servers.