The app uses the verified boot key fingerprint as a key to look up the device in the database of known devices. It uses this to identify the device model and obtain the other information needed to verify the device, including which workarounds to apply for device-specific quirks.
The verified boot key fingerprint is included in the normal hardware-based attestation, unlike the device model, and it's not supposed to change. Qualcomm may have changed how they calculate the fingerprint in their keymaster and some vendors are shipping this breaking change...
Titan M StrongBox keystore implementation uses sha256 of the Android Verified Boot key in the pkmd.bin format generated by avbtool. Qualcomm used something more complicated and may have switched to using a simple sha256 instead. It shouldn't change on existing devices though...
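
The fingerprint calculation and database lookup described in this thread, as an added example that is not part of the original posts or the app's own code: it encodes an RSA public key in the blob layout avbtool writes, takes a plain SHA-256 of it, and uses the result as the lookup key. The modulus, the device record and the quirk name are constructed for illustration, and the alternative calculation at the end is hypothetical.

```python
import hashlib
import struct

def encode_avb_public_key(modulus: int, num_bits: int) -> bytes:
    """Encode an RSA public key in avbtool's public key blob layout:
    key_num_bits (u32 BE), n0inv (u32 BE), modulus n, then rr = r^2 mod n."""
    if modulus.bit_length() != num_bits or modulus % 2 == 0:
        raise ValueError("modulus must be odd and exactly num_bits long")
    n0inv = 2**32 - pow(modulus, -1, 2**32)   # -1/n mod 2^32
    rr = pow(2, 2 * num_bits, modulus)        # r = 2^num_bits
    size = num_bits // 8
    return (struct.pack("!II", num_bits, n0inv)
            + modulus.to_bytes(size, "big") + rr.to_bytes(size, "big"))

def fingerprint(blob: bytes) -> str:
    """Plain SHA-256 over the encoded key, as uppercase hex."""
    return hashlib.sha256(blob).hexdigest().upper()

def sample_modulus(num_bits: int = 2048) -> int:
    """Constructed stand-in for a modulus: odd, top bit set, not a real key."""
    raw = b"".join(hashlib.sha256(b"constructed-sample-%d" % i).digest()
                   for i in range(num_bits // 256))
    return int.from_bytes(raw, "big") | (1 << (num_bits - 1)) | 1

SAMPLE_N = sample_modulus()
SAMPLE_PKMD = encode_avb_public_key(SAMPLE_N, 2048)

# Hypothetical database of known devices, keyed by fingerprint.
KNOWN_DEVICES = {
    fingerprint(SAMPLE_PKMD): {
        "model": "Example Phone (hypothetical)",
        "quirks": ["example-workaround"],
    },
}

def identify_device(attested_fingerprint: str):
    """Return the device record for an attested fingerprint, or None."""
    return KNOWN_DEVICES.get(attested_fingerprint.upper())

if __name__ == "__main__":
    print(identify_device(fingerprint(SAMPLE_PKMD)))
    # Hypothetical alternative calculation: hashing only the modulus bytes.
    other = fingerprint(SAMPLE_N.to_bytes(256, "big"))
    print(identify_device(other))  # None: same key, different fingerprint
```

Because the fingerprint is the only lookup key, any change in what bytes get hashed makes a known device fall through to the unknown case even though its verified boot key is unchanged.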