You do need to trust Intel as it relates to deterministic and verifiable SGX hardware. SGX has had issues, but these are fixed pretty quickly [1]. Creating the isolated layer like SGX gives you verification of what is running on VP.NET's servers though, and the code is available to review and compile yourself so you can verify it is the same [2].

From a defense in depth standpoint, the more layered and isolated securities, the better.

[1] https://sgx.fail

[2] https://github.com/vpdotnet/vpnetd-sgx