feat(kms): warn at startup when self-authorization is disabled

Copilot · kvinwang · web-flow · commit 39a3a31e2572 · 2026-04-16T10:13:18.000Z
Agent-Logs-Url: https://github.com/Dstack-TEE/dstack/sessions/45dd268c-01c8-4e86-bd8f-978cbb70dff7 Co-authored-by: kvinwang <6442159+kvinwang@users.noreply.github.com>
diff --git a/kms/src/main_service.rs b/kms/src/main_service.rs
@@ -26,7 +26,7 @@ use ra_tls::{
 use scale::Decode;
 use sha2::Digest;
 use tokio::sync::OnceCell;
-use tracing::info;
+use tracing::{info, warn};
 use upgrade_authority::{build_boot_info, local_kms_boot_info, BootInfo};
 
 use crate::{
@@ -76,6 +76,9 @@ impl KmsState {
             config.image.download_timeout,
             config.pccs_url.clone(),
         );
+        if !config.enforce_self_authorization {
+            warn!("self-authorization is disabled; trusted RPCs will not be gated by KMS self-attestation - do not use in production TEE deployments");
+        }
         Ok(Self {
             inner: Arc::new(KmsStateInner {
                 config,
