test: debug Phala attestation tcb_info_issuer_chain parsing failure #2707

Open
barakeinav1 wants to merge 2 commits into main from test/debug-phala-attestation

@barakeinav1
Contributor

DO NOT MERGE — debugging only

Temporary debug changes to investigate the tcb_info_issuer_chain parsing error when uploading TDX quotes to Phala's attestation service.

Changes

  • Dump raw Phala response before parsing (length, first/last 500 chars)
  • Show response context around the error column on parse failure
  • Fall back to Mock attestation instead of crashing (so the node stays alive for further debugging)

Background

All MPC nodes fail Dstack attestation with:

Missing or invalid field: tcb_info_issuer_chain at line 1 column 5620

See mpc-private#261 for full investigation.

To test

Build and push the MPC node image from this branch, deploy in a TEE CVM, check logs.

Temporary debug changes to investigate tcb_info_issuer_chain parsing error:
- Dump raw Phala response before parsing (length, first/last 500 chars)
- Show response context around the error column on parse failure
- Fall back to Mock attestation instead of crashing on failure
- Add serde_json to tee-authority dependencies

DO NOT MERGE - for debugging only
@claude

claude bot commented Apr 5, 2026

PR title type suggestion: This PR modifies source code and dependencies, not test files. Since it's addressing a parsing failure, the type prefix should probably be fix: instead of test:.

Suggested title: fix: debug Phala attestation tcb_info_issuer_chain parsing failure

@claude

claude bot commented Apr 5, 2026

Review: test/debug Phala attestation

PR is marked DO NOT MERGE — reviewing for issues that could cause harm if accidentally merged or if the debug branch runs longer than expected.

⚠️ Critical: Mock attestation fallback bypasses TEE security

crates/node/src/run.rs:90-99 — On attestation failure, the node silently falls back to MockAttestation::Valid. If this code reaches any non-debug environment, it means a node can join the MPC network without a valid TEE attestation, completely undermining the trust model.

Even for a temporary debug branch deployed to a CVM, this is risky:

  • If other nodes or the contract accept Mock attestations, this node would be operating without hardware-backed integrity guarantees.
  • The error is logged, but nothing prevents the node from participating in signing.

Suggestion: If the goal is to keep the node alive for log inspection, consider failing after logging (i.e., still exit/crash) or gating the fallback behind an explicit --unsafe-allow-mock-attestation flag so it can't happen silently.

Minor: Response body may contain sensitive data in logs

crates/tee-authority/src/tee_authority.rs:153-163 — Dumping up to 1000 chars of the Phala response at info level. This is fine for a debug branch, but ensure these logs aren't shipped to any shared/persistent logging backend where the attestation service response could leak.

No other issues found. The debug logging and serde_json parse-then-report pattern are reasonable for the stated investigation purpose.

⚠️ Issues found — do not merge as-is (which aligns with the PR's own label).
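
An added example, not code from this PR or the project: a fail-closed version of the fallback the review above discusses, where a failed attestation becomes a mock only when an explicit operator flag is set, and only a bounded window around the parse-error column is logged. Type and function names are hypothetical, the column is assumed to be a 1-based byte offset into a single-line body, and the sample body and error are constructed.

```rust
// Added illustration: types and function names are hypothetical, not the MPC node's API.
#[derive(Debug, PartialEq)]
pub enum Attestation {
    Dstack, // stand-in for a verified, hardware-backed attestation
    Mock,   // carries no hardware guarantee
}

/// Extract N from "... at line L column N", the error format quoted in the PR.
pub fn error_column(msg: &str) -> Option<usize> {
    msg.rsplit_once("column ")?.1.trim().parse().ok()
}

/// At most `radius` bytes either side of a 1-based byte column (assumption),
/// clamped to the body and widened to UTF-8 boundaries so slicing cannot panic.
pub fn context_around(body: &str, column: usize, radius: usize) -> &str {
    let at = column.saturating_sub(1).min(body.len());
    let mut start = at.saturating_sub(radius);
    while !body.is_char_boundary(start) { start -= 1; }
    let mut end = at.saturating_add(radius).min(body.len());
    while !body.is_char_boundary(end) { end += 1; }
    &body[start..end]
}

/// Fail closed: a failed attestation becomes Mock only on explicit operator opt-in.
pub fn resolve(
    result: Result<Attestation, String>,
    body: &str,
    allow_mock: bool, // would be set by --unsafe-allow-mock-attestation
) -> Result<Attestation, String> {
    let err = match result {
        Ok(a) => return Ok(a),
        Err(e) => e,
    };
    let ctx = error_column(&err).map(|c| context_around(body, c, 16)).unwrap_or("");
    eprintln!("attestation failed: {err}; response near error: {ctx:?}");
    if !allow_mock {
        return Err(err);
    }
    eprintln!("UNSAFE: operator opted in, continuing with mock attestation");
    Ok(Attestation::Mock)
}

fn main() {
    // Constructed response body and error, not real Phala output.
    let body = r#"{"quote":"00","tcb_info_issuer_chain":null}"#;
    let err = "Missing or invalid field: tcb_info_issuer_chain at line 1 column 43".to_string();
    assert!(resolve(Err(err.clone()), body, false).is_err());
    assert_eq!(resolve(Err(err), body, true), Ok(Attestation::Mock));
}
```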

The node crashed immediately when the attestation service was
unavailable or returned an error. The node is fully functional
without attestation — it can sync blocks, generate signatures, etc.

Now the node logs the error and continues running without
attestation. The periodic attestation resubmission task will
retry later.

Closes #2710
@claude

claude bot commented Apr 6, 2026

PR title type suggestion: This PR modifies source code files to fix a parsing failure, so the type prefix should probably be fix: instead of test:.

Suggested title: fix: handle Phala attestation tcb_info_issuer_chain parsing
