Reply to URL Filters not activating on iOS 27 beta
The issue appears to be an OS-level provisioning bug with how Apple's internal Privacy Proxy handles production bundle identifiers.

Apple's CipherML is trying to route PIR token requests through a Privacy Proxy. In the beta, the App Store (production) build fails the NEMembershipChecker (Code 3). Because the membership check fails, the proxy isn't provisioned. Since CipherML is designed to "fail closed" if a proxy can't be established, the connection drops entirely, resulting in your -1009 Offline error and the _NSURLErrorPrivacyProxyFailureKey=true flag.

Dev-signed builds route to a proxy, so that's why Xcode works. When a VPN is active, iOS bypasses internal system Privacy Proxies to avoid tunnel-in-tunnel conflicts. That's why VPNs work.

If you haven't already, install the VPN (NetworkExtension) debug profile on your test device. This will un-redact the com.apple.CipherML Code 1800 errors in the macOS Console and should explicitly confirm the proxy provisioning failure.

Update your Feedback/Radar ticket to highlight that NEMembershipChecker Code 3 is failing specifically for production-signed profiles, causing CipherML to fail closed on the privacy proxy.

Also, if the NEURLFilterManager or PIR configuration APIs allow it, see if there is a temporary parameter to set the proxy behavior to "fail open" (direct connection fallback) for the duration of the beta cycle.
2d
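
Added example, not part of the original reply and not Apple's code: a Swift helper an app could use to tell the privacy-proxy variant of the -1009 error described above apart from a real loss of connectivity, so diagnostics attached to a Feedback report are accurate. The names `OfflineCause` and `classifyOfflineError` are hypothetical, and it is an assumption that the flag is a boolean stored under the key string quoted in the reply, either on the top-level error or on an underlying one.

```swift
import Foundation

/// Result of inspecting a failed request (hypothetical type for this example).
enum OfflineCause: Equatable {
    case notOffline           // the error is not NSURLErrorDomain -1009
    case genuinelyOffline     // -1009 with no privacy-proxy flag in the chain
    case privacyProxyFailure  // -1009 and the privacy-proxy flag is set
}

// Key string as quoted in the reply. It is a private userInfo key, so its
// presence and type are assumptions that may change between OS builds.
let privacyProxyFailureKey = "_NSURLErrorPrivacyProxyFailureKey"

func classifyOfflineError(_ error: Error, maxDepth: Int = 8) -> OfflineCause {
    let top = error as NSError
    guard top.domain == NSURLErrorDomain,
          top.code == NSURLErrorNotConnectedToInternet else {  // -1009
        return .notOffline
    }
    // Walk the underlying-error chain; the depth bound guards against cycles.
    var current: NSError? = top
    var depth = 0
    while let err = current, depth < maxDepth {
        if (err.userInfo[privacyProxyFailureKey] as? NSNumber)?.boolValue == true {
            return .privacyProxyFailure
        }
        current = err.userInfo[NSUnderlyingErrorKey] as? NSError
        depth += 1
    }
    return .genuinelyOffline
}

// Constructed sample errors (not captured from a device).
let flagged = NSError(domain: NSURLErrorDomain,
                      code: NSURLErrorNotConnectedToInternet,
                      userInfo: [privacyProxyFailureKey: true])
let nested = NSError(domain: NSURLErrorDomain,
                     code: NSURLErrorNotConnectedToInternet,
                     userInfo: [NSUnderlyingErrorKey: flagged])
let plainOffline = NSError(domain: NSURLErrorDomain,
                           code: NSURLErrorNotConnectedToInternet)
let timeout = NSError(domain: NSURLErrorDomain, code: NSURLErrorTimedOut)

for (label, err) in [("flagged", flagged), ("nested", nested),
                     ("plain", plainOffline), ("timeout", timeout)] {
    print(label, classifyOfflineError(err))
}
```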