A New Hardware-Level Attack — And What It Really Means
Today, researchers publicly disclosed an updated version of the https://tee.fail/ , a physical exploit targeting DDR5 memory used in Intel TDX and other trusted execution environments (TEEs).
The attack requires direct physical access to a running server — the adversary must attach a custom interposer to the memory bus to read encrypted traffic and infer cryptographic keys.
It’s a strong reminder that attestation alone doesn’t prove where your confidential workloads actually run.
Phala Cloud Is Secure — No Action Needed
Phala Cloud customers remain fully protected.
This attack cannot be executed remotely and has no effect on our operating infrastructure.
Phala currently runs on a combination of:
- OVH and bare-metal infrastructure deployed in professionally managed Tier-3+ data centers, featuring biometric access, full video surveillance, tamper-evident hardware controls, and audited operations; and
- New integrations in progress with major hyperscalers — Google Cloud (GCP), Microsoft Azure, and AWS — to extend our Proof-of-Cloud framework to enterprise-grade confidential computing environments globally.
Because all our systems run in verified facilities with continuous attestation and controlled supply chains, there is no feasible path for the physical DDR5 attack to occur.
Why This Matters for the Industry
The DDR5 vulnerability demonstrates that hardware trust must include physical provenance.
Attestation proves what is running, but not where it runs or who can touch it.
As confidential computing becomes critical infrastructure for AI and Web3, this layer of trust is non-negotiable.
Defense-in-Depth: Proof-of-Cloud
Proof-of-Cloud = Attestation + Provenance + Physical Security
Each Phala Cloud server is bound to a unique hardware id.
Through Proof-of-Cloud, anyone can:
- Verify that workloads run only on whitelisted CPUs and verified data centers.
- See real-time attestation status and provider provenance.
- Confirm the physical location and certification of every node.
- Detect and revoke compromised or relocated hardware immediately.
This framework closes the trust gap left by deterministic-encryption attacks like this DDR5 vulnerability, providing verifiable, transparent infrastructure security.
Collaborating With the Ecosystem
We’re working closely with Intel and leading TEE networks such as Secret Network and NearAI to standardize Proof-of-Cloud as an industry-wide trust framework.
Our upcoming integrations with GCP, Azure, and AWS will extend the same physical provenance verification to their confidential computing platforms — giving users a consistent trust model across clouds.
What Users Should Do
No action required.
Your workloads remain secure and continuously verified.
We’ll be publishing:
- A Proof-of-Cloud whitepaper and technical guide
- A dashboard for real-time verification and audit logs
- A public webinar with our partners to discuss post-DDR5-Attack best practices
A Closing Note on Transparency
Phala was founded on one principle: trust should be verifiable.
The DDR5 Attack disclosure reinforces that transparency — not secrecy — is the path to lasting confidence in confidential computing.
With Proof-of-Cloud, we’re ensuring that verifiable trust extends from the enclave all the way down to the rack.
Stay Informed:
Contact: [email protected]
Follow: @PhalaNetwork
