App Attest Issue in Production - Attestation Object Size Increased

Privacy & Security General
myahmad_avey
myahmad_avey OP
Created Jul ’25
Replies 3
Boosts 0
Views 132
Participants 2

Hi Apple Team and Community,

We encountered a sudden and widespread failure related to the App Attest service on Friday, July 25, starting at around 9:22 AM UTC.

After an extended investigation, our network engineers noted that the size of the attestation objects received from the attestKey call grew in size notably starting at that time. As a result, our firewall began blocking the requests from our app made to our servers with the Base64-encoded attestation objects in the payload, as these requests began triggering our firewall's max request length rule.

Could Apple engineers please confirm whether there was any change rolled out by Apple at or around that time that would cause the attestation object size to increase?

Can anyone else confirm seeing this?

Any insights from Apple or others would be appreciated to ensure continued stability.

Thanks!

Replies  3
Boosts  0
Views  132
Participants  2
Apple Staff, Engineer
Engineer OP
Apple
Jul ’25

While I investigate this on our end can you answer some questions please:

  • are you still able to validate the oversized attestation objects?
  • what was the size you were seeing before, and what is it now?
0
myahmad_avey
myahmad_avey OP
Jul ’25

are you still able to validate the oversized attestation objects?

Yes

what was the size you were seeing before, and what is it now?

According to our network engineers, who have visibility over request sizes, the request sizes of our attestation requests were previously around 3750 bytes, then they increased to around 5250 bytes. The firewall's max request length rule was set to 5000 bytes, so it began blocking those requests. The request contains just a few headers; the bulk of the request size is attributable to the Base64-encoded attestation object.

0
Apple Staff, Engineer
Engineer OP
Apple
Jul ’25

Could you send us a couple of these larger attestation objects for us to see what might be going on.

Also, are these from iOS or some other device?

If you would rather not share the objects openly here on the forums, you can open a support request at https://developer.apple.com/contact/request/code-level-support/ and reference this forum thread in the "Did someone from Apple ask you to submit ..." section

And once you get the acknowledgement email, you can respond and add the objects as attachments to make sure we don't have garbled text, and I will take over from there.

Argun Tekant /  DTS Engineer / Core Technologies

0
App Attest Issue in Production - Attestation Object Size Increased
First post date Last post date
 
 
Q