The technology disclosed herein provides a cryptographic key wrapping system for verifying device capabilities. An example method may include: accessing, by a processing device, a wrapped key that encodes a cryptographic key; executing, by the processing device in a trusted execution environment, instructions to derive the cryptographic key in view of the wrapped key, wherein the executing to derive the cryptographic key comprises a task that consumes computing resources for a duration of time; using the cryptographic key to access program data; executing, by the processing device, the program data, wherein the executed program data evaluates a condition related to the duration of time; and transmitting a message comprising an indication of the evaluated condition.