I don’t think that these attacks indicate things one way or another for ZKPs vs TEEs. After all, you yourself mention catastrophic breaks for various TEE implementations.

There are two kinds of issues: a break in the proof system, and a break in the program that proof system is proving.

The first is analogous to vulnerabilities in the TEE platform, of which, as you yourself note, there have been numerous.

The second is analogous to a bug in the program running in the TEE. Again, this is a kind of bug that’s totally possible when writing plain software too.

Yes, ZKP-based privacy mechanisms have an issue where if you have these soundness bugs, it can be catastrophic. We can and should design ZKP systems that are resistant to such issues. But it’s just part of the maturity cycle of the tech. AFAIK dusk was an early adopter of the tech back when we were still figuring out how to implement things securely.