servers memorize the security token of each pear on the first setup, and check against this memory every time before autosync. If device substituted (same internal drive + ip) the sync is aborted.
the client (local storage) memorizes security tokens of the trusted servers, clients secret key is encrypted on the server with security chip and saved back encrypted to the local storage. Only the trusted server can be accessed with such client ID.
verify something on the server layer, examples: