The design of the key-value server API, version 2, appears to include a way to bundle parallel requests in the same request. As a general rule, we tend to advise people using HTTP not to do that sort of thing. If the content needs to be processed independently, then separate requests is generally a good idea.

There is a traffic analysis exposure when multiple requests are made. Intermediaries will be able to observe the size of the separate queries and learn more information. In this case, the intermediary is the code that runs outside of the TEE. Request coalescing in HTTP can help protect against on-path attackers, but the operator of the TEE will learn sizes. I don't know whether this is enough of a serious attack to justify the bundling feature though.