
Clarification on Worker Node Cloning Attacks
2025-04-13
TL;DR: The reported issue only applies to the legacy Phala Phat Contract under unusual conditions. No user data was compromised, and key protections are already in place. We’re enhancing query verification for extra assurance. Phala Cloud is not affected.
Date: April 13, 2025
From: Phala Network CERT Team
Phala Network acknowledges a recent public research publication by The Chair for Information Security, Ruhr University Bochum, which outlines a theoretical enclave cloning vulnerability affecting TEE-based blockchain systems, including Phala.
We thank the researchers for their contribution to the security landscape of confidential computing. This notice provides Phala Network’s assessment of the reported issue, its real-world implications, and the steps we are taking to enhance the resilience of our platform.
Overview
The research explores a scenario in which a TEE worker enclave running a Phat Contract could be cloned and isolated from the blockchain. If the cloned enclave is disconnected from state updates, it may retain outdated contract data. An attacker could then direct client queries to this enclave, potentially returning stale responses.
The vulnerability hinges on a lack of direct synchronization awareness among enclaves — specifically, that a worker enclave does not actively verify its own sync status beyond the heartbeat mechanism managed by Gatekeepers.
Phala’s Security Assessment
Following a thorough review, Phala Network has assessed the issue as follows:
- Phala Cloud is not affected. Our primary confidential computing platform, Phala Cloud, does not depend on blockchain-based state synchronization for contract queries and is therefore immune to this class of attack.
- Legacy Phat Contracts may be affected only under specific misuse scenarios. The attack assumes a malicious operator disables sync and bypasses client-side protections. In practice, exposure is extremely limited due to the following factors:
  - Phala SDK protections: The SDK includes built-in sync checks to prevent stale reads during the client initialization process.
  - Replay attack resistance: All worker queries are signed and protected against replay attacks with a random nonce. This ensures the worker operator cannot fool the client with an outdated response.
  - Niche applicability: Only a small subset of developers using custom (non-SDK) integrations without sync checks could be exposed to outdated state reads.
These safeguards significantly reduce the real-world risk. Accordingly, we classify the issue as low severity and not exploitable in standard usage.
Response and Mitigations
Although the issue has minimal practical impact, we are implementing enhancements based on the research suggestions to further strengthen query reliability and user assurance.
- Documentation Updates: Developer documentation will be updated to:
  - Recommend migration to Phala Cloud for new and existing workloads.
  - Provide clear guidance for non-SDK users to validate worker synchronization prior to accepting responses.
- Synchronization Metadata in Query Responses: We will add metadata such as block height or timestamp to all contract query responses. This allows clients to verify the freshness of the returned data directly.
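As an added example (not Phala's SDK code or wire format), the following client-side check combines the signed random nonce described above with the planned block-height metadata. The response fields, the JSON signing layout, the Ed25519 stand-in key, the `maxLag` threshold and all sample values are assumptions constructed for illustration.

```javascript
const crypto = require("crypto");

// Bytes the worker signs: nonce, block height of its state, and the result.
// This layout is an assumption for the example, not Phala's wire format.
function signedBytes(nonce, blockHeight, result) {
  return Buffer.from(JSON.stringify([nonce, blockHeight, result]));
}

// Client-side acceptance check. chainHead must come from a source the
// worker operator does not control (for example the client's own RPC node).
function checkResponse(resp, sentNonce, workerPubKey, chainHead, maxLag) {
  const msg = signedBytes(resp.nonce, resp.blockHeight, resp.result);
  const sig = Buffer.from(resp.signature, "hex");
  if (!crypto.verify(null, msg, workerPubKey, sig)) return "bad-signature";
  if (resp.nonce !== sentNonce) return "replayed";
  if (!Number.isSafeInteger(resp.blockHeight)) return "missing-height";
  if (resp.blockHeight > chainHead) return "height-ahead-of-chain";
  if (chainHead - resp.blockHeight > maxLag) return "stale-state";
  return "ok";
}

// --- Constructed sample data: a stand-in worker with an Ed25519 key ---
const worker = crypto.generateKeyPairSync("ed25519");
function workerAnswer(nonce, blockHeight, result) {
  const msg = signedBytes(nonce, blockHeight, result);
  const sig = crypto.sign(null, msg, worker.privateKey);
  return { nonce, blockHeight, result, signature: sig.toString("hex") };
}

function demo() {
  const chainHead = 5000, maxLag = 10; // constructed values
  const n1 = crypto.randomBytes(16).toString("hex");
  const n2 = crypto.randomBytes(16).toString("hex");
  const synced = workerAnswer(n1, 4998, "balance=40");
  const lagging = workerAnswer(n2, 4200, "balance=100"); // worker cut off from sync
  const tampered = { ...synced, blockHeight: 5000 };     // height edited after signing
  const pub = worker.publicKey;
  return {
    synced: checkResponse(synced, n1, pub, chainHead, maxLag),
    replayed: checkResponse(synced, n2, pub, chainHead, maxLag),
    lagging: checkResponse(lagging, n2, pub, chainHead, maxLag),
    tampered: checkResponse(tampered, n1, pub, chainHead, maxLag),
  };
}
console.log(demo());
```

Because the block height is inside the signed bytes, it cannot be rewritten by anyone relaying the response without invalidating the signature.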
Given the low threat profile and effective existing defenses, these improvements will be integrated into our regular upgrade cycle, rather than issued as a critical patch.
Looking Ahead
Phala Network is committed to the long-term security and integrity of TEE applications. We appreciate the contributions of the research community in advancing this field, and we continue to welcome collaboration, review, and feedback.
For further inquiries or to report a security concern, please refer to our Responsible Disclosure Guideline or contact the Phala Network security team directly.
Phala Network CERT Team April 13, 2025