diff --git a/Cargo.lock b/Cargo.lock
index 13ac274..66406e3 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2482,7 +2482,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_agent"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "axum-core",
  "base64 0.22.1",
@@ -2510,7 +2510,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_cdk"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "candid",
  "ciborium",
@@ -2523,7 +2523,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_cli"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "anyhow",
  "candid",
@@ -2546,7 +2546,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_host_daemon"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "anyhow",
  "clap",
@@ -2559,7 +2559,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_identity"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "candid",
  "ciborium",
@@ -2577,7 +2577,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_logtail"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "anyhow",
  "clap",
@@ -2588,7 +2588,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_nitro_attestation"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "candid",
  "ciborium",
@@ -2604,7 +2604,7 @@ dependencies = [
 [[package]]
 name = "ic_tee_nitro_gateway"
-version = "0.2.8"
+version = "0.2.9"
 dependencies = [
  "aws-nitro-enclaves-nsm-api",
  "axum",
diff --git a/Cargo.toml b/Cargo.toml
index 9ad5ec3..61c2d7a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -18,7 +18,7 @@ strip = true
 opt-level = 's'
 [workspace.package]
-version = "0.2.8"
+version = "0.2.9"
 edition = "2021"
 repository = "https://github.com/ldclabs/ic-tee"
 keywords = ["tee", "canister", "icp", "nitro"]
diff --git a/src/ic_tee_cli/src/main.rs b/src/ic_tee_cli/src/main.rs
index 668ed6a..509013a 100644
--- a/src/ic_tee_cli/src/main.rs
+++ b/src/ic_tee_cli/src/main.rs
@@ -36,7 +36,6 @@ use std::{path::Path, sync::Arc};
 static LOCAL_HOST: &str = "http://127.0.0.1:4943";
 static IC_HOST: &str = "https://icp-api.io";
-static SETTING_KEY_ID: &str = "id_ed25519";
 static SETTING_KEY_TLS: &str = "tls";
 static COSE_SECRET_PERMANENT_KEY: &str = "v1";
@@ -68,7 +67,7 @@ pub enum Commands {
     /// derive the principal with canister and seeds
     IdentityDerive {
         /// TEE kind to derive the principal
-        #[arg(long, default_value = "Nitro")]
+        #[arg(long, default_value = "NITRO")]
         kind: String,
         #[arg(long)]
diff --git a/src/ic_tee_identity/src/api.rs b/src/ic_tee_identity/src/api.rs
index e8c02f8..736dc88 100644
--- a/src/ic_tee_identity/src/api.rs
+++ b/src/ic_tee_identity/src/api.rs
@@ -30,7 +30,7 @@ fn whoami() -> Principal {
 fn sign_in(kind: String, attestation: ByteBuf) -> Result {
     let attestation = match kind.as_str() {
         "NITRO" => parse_and_verify(attestation.as_slice())?,
-        _ => Err("unsupported attestation kind".to_string())?,
+        _ => Err(format!("unsupported attestation kind: {}", kind))?,
     };
     let now_ms = ic_cdk::api::time() / MILLISECONDS;
diff --git a/src/ic_tee_nitro_gateway/src/main.rs b/src/ic_tee_nitro_gateway/src/main.rs
index 0b7d517..a689f9a 100644
--- a/src/ic_tee_nitro_gateway/src/main.rs
+++ b/src/ic_tee_nitro_gateway/src/main.rs
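Review bot: The changed default `"NITRO"` is a bare string that has to match the `"NITRO"` arm of `sign_in` in `src/ic_tee_identity/src/api.rs` byte-for-byte, and nothing on the `kind` field tells a user that; the doc line above it should name the accepted value and that the comparison is case-sensitive, e.g. `/// TEE kind to derive the principal; currently only "NITRO" (case-sensitive)`. A `clap::ValueEnum` for `kind` would reject typos at argument-parse time rather than later, but that is a larger change than this hunk. The `Commands` enum continues outside the hunk.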
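Review bot: The new error on the changed arm reflects the caller-supplied `kind` verbatim into the reject message, and `sign_in` takes it as an unbounded `String`, so a caller can push arbitrary-length or control-character content into whatever records that message. Formatting it with Debug, `_ => Err(format!("unsupported attestation kind: {:?}", kind))?,`, escapes quotes and non-printable characters, and a length cap before formatting keeps the message bounded. It would also help to document on this arm that the match is case-sensitive, since the CLI default in `src/ic_tee_cli/src/main.rs` was changed to `"NITRO"` to agree with it. `sign_in` continues outside the hunk.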
@@ -216,12 +216,21 @@ async fn bootstrap(cli: Cli) -> Result<(), BoxError> {
     };
     let principal = tee_agent.get_principal();
-    log::info!(target: LOG_TARGET, "start to get master_secret");
+    log::info!(target: LOG_TARGET, "start to get my_master_secret");
     // should replace with vetkey in the future
-    let master_secret = tee_agent
+    let admin_master_secret = tee_agent
         .get_cose_encrypted_key(&SettingPath {
             ns: namespace.clone(),
-            user_owned: true,
+            user_owned: false,
+            key: COSE_SECRET_PERMANENT_KEY.as_bytes().to_vec().into(),
+            subject: Some(principal),
+            ..Default::default()
+        })
+        .await?;
+    let my_master_secret = tee_agent
+        .get_cose_encrypted_key(&SettingPath {
+            ns: namespace.clone(),
+            user_owned: true, // admin can't read user owned master_secret
             key: COSE_SECRET_PERMANENT_KEY.as_bytes().to_vec().into(),
             subject: Some(principal),
             ..Default::default()
@@ -229,11 +238,11 @@ async fn bootstrap(cli: Cli) -> Result<(), BoxError> {
         .await?;
     log::info!(target: LOG_TARGET, elapsed = start.elapsed().as_millis() as u64;
-        "get master_secret");
+        "get my_master_secret");
     log::info!(target: LOG_TARGET, "start to get_or_set_root_secret");
     let root_secret =
-        get_or_set_root_secret(&tee_agent, &start, namespace.clone(), &master_secret).await?;
+        get_or_set_root_secret(&tee_agent, &start, namespace.clone(), &my_master_secret).await?;
     let info = TEEAppInformation {
         id: principal,
@@ -283,7 +292,8 @@ async fn bootstrap(cli: Cli) -> Result<(), BoxError> {
             None
         } else {
             log::info!(target: LOG_TARGET, "start to get_tls");
-            let tls = get_tls(&tee_agent, &start, namespace.clone(), &master_secret).await?;
+            let tls =
+                get_tls(&tee_agent, &start, namespace.clone(), &admin_master_secret).await?;
             let config = RustlsConfig::from_pem(tls.crt.to_vec(), tls.key.to_vec()).await?;
             Some(config)
         };
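Review bot: `admin_master_secret` is fetched unconditionally on the new `let admin_master_secret = tee_agent` line, but as far as the visible hunks show it is consumed only in the `else` branch of the `@@ -283,7 +292,8 @@` hunk, so when that `if … { None }` path is taken the non-user-owned secret is still pulled into the enclave, kept alive for the rest of `bootstrap`, and a failure reading it aborts startup that did not need it. Unless the admin read is wanted for a side effect, moving that `get_cose_encrypted_key` call into the `else` branch confines the secret to the one place it is used; the rewritten branch is below (it assumes `principal` is `Copy`, which the reuse in `id: principal` suggests). The `"start to get my_master_secret"` log on the first changed line is emitted before the admin fetch, and the `elapsed` log in the `@@ -229,11 +238,11 @@` hunk then times both reads under the `my_master_secret` label, so the timing should either be split or the message should name both. The two `SettingPath` literals differ only in `user_owned`; a local closure such as `let path = |user_owned| SettingPath { ns: namespace.clone(), user_owned, key: COSE_SECRET_PERMANENT_KEY.as_bytes().to_vec().into(), subject: Some(principal), ..Default::default() };` would remove the duplication. `bootstrap` starts and ends outside these hunks.
```rust
        } else {
            log::info!(target: LOG_TARGET, "start to get_tls");
            // Read the admin-readable secret only here, so it is never held when TLS is disabled.
            let admin_master_secret = tee_agent
                .get_cose_encrypted_key(&SettingPath {
                    ns: namespace.clone(),
                    user_owned: false,
                    key: COSE_SECRET_PERMANENT_KEY.as_bytes().to_vec().into(),
                    subject: Some(principal),
                    ..Default::default()
                })
                .await?;
            let tls =
                get_tls(&tee_agent, &start, namespace.clone(), &admin_master_secret).await?;
            // … unchanged: RustlsConfig::from_pem and Some(config) …
```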