Description
What version of the package are you using?
latest
Does this issue reproduce with the latest release?
Yes
What OS and CPU architecture are you using (go env)?
irrelevant
What did you do?
Set up a TrustAnchor (using the provisioning process) with no CoSWIDs. Thus, there is no SoftwareID.
The system is set up for the Endorsement Store to use the memory back end.
What did you expect to see?
Calls to GRPC.GetAttestation with a token for that TrustAnchor to gracefully handle the case, and not produce an error.
What did you see instead?
When GRPC.GetAttestation is called with a token for that TrustAnchor, it calls GRPC.extractEvidence, and extractEvidence returns a proto.EvidenceContext with SoftwareID set to "".
Then, back in GetAttestation, the call to o.EnStore.Get, with key set to "", returns the error "The supplied key is empty".
This causes GetAttestation to return the error.
It appears that santizeK is not prepared to handle the case when the key is empty. Possible solutions are to change that behavior in santizeK, or to add a check in GetAttestation for an empty ec.SoftwareID before calling o.EnStore.Get().
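The second option in the report (checking for an empty SoftwareID before the store lookup) can look like the sketch below. This is an added example, not code from the project: `MemStore`, `unguardedLookup`, `guardedLookup` and the reduced `EvidenceContext` are hypothetical stand-ins that only model the behaviour described above.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for the types named in the issue, not the project's code.
type EvidenceContext struct{ SoftwareID string }
var ErrEmptyKey = errors.New("The supplied key is empty")

// MemStore models a memory-backed endorsement store that rejects empty keys.
type MemStore map[string][]string

func (s MemStore) Get(key string) ([]string, error) {
	if key == "" {
		return nil, ErrEmptyKey
	}
	v, ok := s[key]
	if !ok {
		return nil, fmt.Errorf("key %q not found", key)
	}
	return v, nil
}

// unguardedLookup reproduces the reported path: an empty SoftwareID reaches Get.
func unguardedLookup(s MemStore, ec EvidenceContext) ([]string, error) {
	return s.Get(ec.SoftwareID)
}

// guardedLookup skips the store when no software was provisioned. The bool says
// whether reference values exist, so "nothing to compare" is never read as a match.
func guardedLookup(s MemStore, ec EvidenceContext) ([]string, bool, error) {
	if ec.SoftwareID == "" {
		return nil, false, nil
	}
	v, err := s.Get(ec.SoftwareID)
	if err != nil {
		return nil, false, err
	}
	return v, true, nil
}

func main() {
	store := MemStore{"sw-1": {"constructed-reference-value"}} // constructed sample data
	_, err := unguardedLookup(store, EvidenceContext{})
	fmt.Println("unguarded:", err)
	_, found, err := guardedLookup(store, EvidenceContext{})
	fmt.Println("guarded:", found, err)
}
```

Returning an explicit "no reference values" flag keeps the appraisal step from treating a missing SoftwareID the same as software that matched its endorsements.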