Fraunhofer-Gesellschaft
November 14, 2025
Conference Paper
Title

Who Appraises the Appraiser? Decentralized Attestation with Partial Appraisal and Aggregated Results

Abstract
We present a decentralized approach to remote attestation that moves evidence appraisal from a central verifier to Trusted Execution Environments (TEEs) at the edge, emitting compact attestation results instead of raw evidence. Our design supports partial appraisal - explicitly encoding unknown or missing evidence - and aggregation of (partial) attestation results across composite systems, anchored in provisioned keys and reference values (RVs). To answer "Who appraises the appraiser?", each edge verifier is itself attested (e.g., Intel SGX/TDX, AMD SEV-SNP, Arm TrustZone-A/M, RISC-V Keystone and MultiZone®, NVIDIA H100) and its TEE quote is cryptographically bound to the attestation result, enabling relying parties to appraise both the device and the verifier. The approach instantiates cleanly across domains - constrained IoT/smart metering (SMGWs), automotive zonal architectures, cloud/edge multi-tenant stacks, Network Functions Virtualization (NFV) chassis, and power substations - with identical semantics for partial appraisal and aggregation. A prototype using CHAllenge-Response based Remote Attestation with TPM 2.0 (CHARRA) with the verifier inside Intel Software Guard Extensions (SGX) using the Gramine library OS demonstrates reduced network volume and central CPU load with acceptable overheads while preserving conservative security semantics under partially appraised evidence.
Author(s)
Eckel, Michael  
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Gkoktsis, George
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Horn, Markus
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Mainwork
IEEE 24th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2025. Proceedings  
Conference
International Conference on Trust, Security and Privacy in Computing and Communications 2025  
DOI
10.1109/Trustcom66490.2025.00138
Language
English
Fraunhofer-Institut für Sichere Informationstechnologie SIT  