This logic works for software signing, but not remote attestation. For remote attestation, the "tamper-proof-ness" is the root of the trust chain, and the signing keys are individually baked into the specific piece of hardware and not controlled by a third party. You seem to be hoping that we can disrupt that chain of trust by having manufacturers not record the public keys associated with each piece of hardware (such that individuals could create their own signing keys on open hardware), but that's just not going to happen.
