Phala Announces Strategic Transition Beyond SGX in Response to WireTap Findings

September 30, 2025

Phala — In light of the recently disclosed WireTap research demonstrating a vulnerability in Intel SGX on DDR4 platforms, Phala is announcing a strategic transition away from SGX toward next-generation confidential computing technologies, including Intel TDX and NVIDIA Confidential Computing (CC).

The WireTap team demonstrated extracting SGX attestation keys via DRAM bus interposition and forging quotes on DDR4-era servers.

In response, we are shutting down SGX usage across Phala and migrating to Intel TDX and NVIDIA Confidential Computing. There is no impact to the Phala Network: Phala’s master key is safeguarded by a permissioned set of gatekeepers, and gatekeeper admission is restricted.


What happened

At the 2025 ACM CCS conference, the WireTap team presented a practical, low-cost attack on Intel SGX. Using sub-$1,000 equipment, they interposed on DDR4 DRAM buses to observe enclave memory traffic and successfully extracted SGX attestation keys.

With the attestation key compromised, attackers can:

  • Forge attestation quotes, making malicious enclaves appear genuine.
  • Breach confidentiality by extracting encryption keys from enclaves.
  • Breach integrity by faking proofs of execution or storage.

Their proof-of-concepts highlighted real-world blockchain deployments (including Phala, Secret, and Crust) as potential victims.


Minimal Impact on Phala

Phala’s architecture ensured that the WireTap discovery has had no impact on network security:

  • No evidence of compromise: Phala Cloud and dstack are not affected by this vulnerability, as they are not based on SGX.
  • Attack surface limited: SGX usage was minimal within Phala’s infrastructure. Arbitrary SGX nodes cannot join the network; gatekeeper admission is tightly controlled.
  • Master key safeguarded: The master key is secured by a permissioned set of gatekeepers, and no new gatekeepers have joined the network since deployment.

Phala remains committed to advancing the state of confidential computing and strengthening the privacy infrastructure that underpins the Web3 ecosystem.


Decisive Action: Shutting Down SGX Infrastructure

In response to WireTap, Phala Network is shutting down all SGX compute infrastructure. This decision aligns with our long-term vision to support more secure and future-proof technologies. We are now focusing exclusively on Intel TDX and NVIDIA Confidential Computing to power the next generation of Phala’s confidential compute network.

Existing miners using SGX hardware will no longer be able to join the network, and no action is required from users as network security remains intact.

  1. Deprecating SGX
    • Effective immediately, Phala will no longer admit new SGX workers.
    • Existing SGX workloads are being stood down.
  2. Migration Path
    • Intel TDX: Built for DDR5 platforms, outside WireTap’s demonstrated scope, and hardened against physical bus-level attacks.
    • NVIDIA Confidential Computing: GPU-backed enclaves for AI and high-performance workloads.
  3. Continuous Security Review
    • We will publish updated operator guidance and migration notes for developers.
    • Our roadmap will focus entirely on TDX and NVIDIA CC.

What you need to do

No action is required from users as network security remains intact.

  • Node operators: Stand down SGX workers; operator migration guidance is forthcoming.
  • Developers: Prepare to target TDX/NVIDIA CC. Documentation and migration notes will follow.
  • Users: No action required. Your confidential transactions remain protected.

For further details, please refer to our governance proposal: Referendum 77.


Why This Matters

WireTap’s findings demonstrate that once SGX attestation keys are extracted, trust collapses. Forged quotes enable attackers to bypass network-level verification — a critical failure for any confidential computing platform.

Building the Future of Confidential Computing

“WireTap is a pivotal reminder that trusted execution environments must evolve,” said the Phala CTO, Hang. “Thanks to our architecture and security model, Phala remained unaffected — and this moment accelerates our transition to TDX and NVIDIA CC as the foundation of a more resilient, future-ready network.”

By migrating to Intel TDX and NVIDIA CC, Phala is future-proofing its network:

  • Modern platforms (DDR5 era) outside the current WireTap attack scope.
  • Hardened confidential computing aligned with the industry’s next generation.
  • Continued security-first design for confidential AI and blockchain.

Closing

Phala has always been built on the belief that trust must be earned, not assumed. SGX played a pioneering role, but the industry must move forward. By deprecating SGX and embracing TDX + NVIDIA CC, we are reaffirming our commitment to safeguard confidential computing at scale.

We thank the WireTap researchers for their responsible disclosure and Intel for their cooperation.

Stay tuned for our operator guidance and migration documentation.
