You are correct, this article is part of my self-hosted Tailscale series using Headscale, which is why I'm receiving the full benefits of moving Syncthing to it. Otherwise Tailscale would keep the same metadata that Syncthing discovery and relay servers were. I talk about that in Part 1 of the series; it's a main motivator for self-hosting Headscale.
Even with Coreboot on anything vaguely modern, there is a 'Management Engine' or 'Platform Security Processor' you can't practically control.
On the better-understood Intel versions, this is running a full MINIX 3 operating system and controls the network card in ways the BIOS and operating system root cannot monitor. It runs a significant amount of code, with hardware obfuscation that has not yet been broken.
That was precisely Bitcoin's goal as stated in its whitepaper [0]:
> A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.
> Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for non-reversible services. With the possibility of reversal, the need for trust spreads. Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party.
> What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers. In this paper, we propose a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions. The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes.
https://shop.mntre.com/products/mnt-pocket-reform