Thanks Gidon for raising this! It's great that we are starting to think through REST API support for encryption. We have been asked to support encryption in the Polaris community multiple times.
For metadata.json integrity, the REST catalog can add a checksum to the metadata.json file at commit time and validate it when loading it back. There are certain use cases where engines may still load tables directly from storage even when IRC is used for committing. It seems like a loophole, but IRC couldn't really do anything about it. It's probably the system admin's responsibility to take care of it.

For metadata.json confidentiality, I thought the metadata.json itself is encrypted as well, no?

Yufei

On Wed, Nov 5, 2025 at 12:28 AM Gidon Gershinsky <[email protected]> wrote:

> Hi all,
>
> The REST catalog server implementations that keep the table metadata in a json file in untrusted storage are not safe for table encryption [1]. The data confidentiality and integrity can be broken by malicious modifications of the metadata.json.
>
> We propose a short addition to the REST spec [2] that requires protection of the metadata integrity in catalog implementations that will be used for encrypted tables.
>
> Being a spec add-on, this is brought for a community discussion. All comments are welcome.
>
> Thanks,
> Gidon
>
> [1] thread starting at https://github.com/apache/iceberg/pull/13225#discussion_r2465759567
> [2] https://github.com/apache/iceberg/pull/14486
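As an added illustration (not code from this thread, nor from Iceberg or Polaris) of the point behind the checksum suggestion above: a keyless checksum that lives next to metadata.json in the same untrusted storage can be recomputed by whoever rewrote the file, while a keyed tag computed by the catalog at commit time and held in catalog state still detects the change at load time. The sample metadata, the catalog key and all function names are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed sample table metadata (not a real Iceberg table).
SAMPLE_METADATA = {
    "format-version": 2,
    "table-uuid": "11111111-2222-3333-4444-555555555555",
    "location": "s3://example-bucket/warehouse/db/tbl",
    "current-snapshot-id": 42,
    "properties": {"encryption.key-id": "key-a"},
}

def serialize(metadata: dict) -> bytes:
    """Bytes the catalog writes to storage as metadata.json (deterministic layout)."""
    return json.dumps(metadata, sort_keys=True, separators=(",", ":")).encode()

def plain_checksum(data: bytes) -> str:
    """Keyless digest; anyone who can rewrite the file can recompute it to match."""
    return hashlib.sha256(data).hexdigest()

def catalog_tag(data: bytes, catalog_key: bytes) -> str:
    """Keyed tag computed at commit time; the key stays inside the catalog."""
    return hmac.new(catalog_key, data, hashlib.sha256).hexdigest()

def commit(metadata: dict, catalog_key: bytes) -> tuple[bytes, str, str]:
    """Simulated commit: stored bytes, a sidecar checksum kept in storage, the catalog-held tag."""
    data = serialize(metadata)
    return data, plain_checksum(data), catalog_tag(data, catalog_key)

def tamper(data: bytes) -> tuple[bytes, str]:
    """Simulated modification by someone with write access to storage: the key id is swapped
    and the sidecar checksum refreshed, which is what the keyless approach cannot distinguish."""
    forged = json.loads(data)
    forged["properties"]["encryption.key-id"] = "forged-key-id"
    forged_bytes = serialize(forged)
    return forged_bytes, plain_checksum(forged_bytes)

def load_checks(data: bytes, sidecar: str, tag: str, catalog_key: bytes) -> dict:
    """Validation on load with each approach; only the catalog-held keyed tag catches the change."""
    return {
        "sidecar_checksum_ok": hmac.compare_digest(plain_checksum(data), sidecar),
        "catalog_tag_ok": hmac.compare_digest(catalog_tag(data, catalog_key), tag),
    }
```

Calling `commit(SAMPLE_METADATA, key)`, passing the stored bytes through `tamper`, and then `load_checks` on the result shows the sidecar check still passing while the catalog tag check fails, which is why the tag (or the key that produces it) has to stay with the catalog rather than in the storage that is not trusted.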
