diff --git a/core/container.go b/core/container.go
index 9d2c976d8b3..e8e82c0d66e 100644
--- a/core/container.go
+++ b/core/container.go
@@ -1007,7 +1007,14 @@ func (container *Container) WithExec(ctx context.Context, opts ContainerExecOpts
 
 	// this allows executed containers to communicate back to this API
 	if opts.ExperimentalPrivilegedNesting {
-		clientID, err := container.Query.RegisterCaller(ctx, opts.NestedExecFunctionCall)
+		callerOpts := opts.NestedExecFunctionCall
+		if callerOpts == nil {
+			// default to caching the nested exec
+			callerOpts = &FunctionCall{
+				Cache: true,
+			}
+		}
+		clientID, err := container.Query.RegisterCaller(ctx, callerOpts)
 		if err != nil {
 			return nil, fmt.Errorf("register caller: %w", err)
 		}
diff --git a/core/query.go b/core/query.go
index be086d49d5f..22114d5cac8 100644
--- a/core/query.go
+++ b/core/query.go
@@ -18,6 +18,7 @@ import (
 	"github.com/dagger/dagger/dagql/call"
 	"github.com/dagger/dagger/engine"
 	"github.com/dagger/dagger/engine/buildkit"
+	"github.com/dagger/dagger/engine/slog"
 )
 
 // Query forms the root of the DAG and houses all necessary state and
@@ -154,8 +155,10 @@ func (q *Query) RegisterCaller(ctx context.Context, call *FunctionCall) (string,
 	// also trim it to 25 chars as it ends up becoming part of service URLs
 	clientID := clientIDDigest.Encoded()[:25]
 
-	// break glass for debugging which client is which operation
-	// bklog.G(ctx).Debugf("CLIENT ID %s = %s", clientID, currentID.Display())
+	slog.ExtraDebug("registering nested caller",
+		"client_id", clientID,
+		"op", currentID.Display(),
+	)
 
 	if call.Module == nil {
 		callCtx.Deps = q.DefaultDeps
diff --git a/engine/server/buildkitcontroller.go b/engine/server/buildkitcontroller.go
index a3ad5a58a20..450df5c6e92 100644
--- a/engine/server/buildkitcontroller.go
+++ b/engine/server/buildkitcontroller.go
@@ -267,6 +267,12 @@ func (e *BuildkitController) Session(stream controlapi.Control_SessionServer) (r
 	if err != nil {
 		return fmt.Errorf("failed to register client: %w", err)
 	}
+	defer func() {
+		err := srv.UnregisterClient(opts.ClientID)
+		if err != nil {
+			slog.Error("failed to unregister client", "err", err)
+		}
+	}()
 
 	eg.Go(func() error {
 		bklog.G(ctx).Trace("waiting for server")
diff --git a/engine/server/server.go b/engine/server/server.go
index ffcb20465a4..f7bca64d2dd 100644
--- a/engine/server/server.go
+++ b/engine/server/server.go
@@ -382,10 +382,6 @@ func (s *DaggerServer) RegisterClient(clientID, clientHostname, secretToken stri
 		return nil
 	}
 	s.clientIDToSecretToken[clientID] = secretToken
-	// NOTE: we purposely don't delete the secret token, it should never be reused and will be released
-	// from memory once the dagger server instance corresponding to this buildkit client shuts down.
-	// Deleting it would make it easier to create race conditions around using the client's session
-	// before it is fully closed.
 
 	return nil
 }
@@ -403,6 +399,13 @@ func (s *DaggerServer) VerifyClient(clientID, secretToken string) error {
 	return nil
 }
 
+func (s *DaggerServer) UnregisterClient(clientID string) error {
+	s.clientIDMu.Lock()
+	defer s.clientIDMu.Unlock()
+	delete(s.clientIDToSecretToken, clientID)
+	return nil
+}
+
 func (s *DaggerServer) ClientCallContext(clientID string) (*core.ClientCallContext, bool) {
 	s.clientCallMu.RLock()
 	defer s.clientCallMu.RUnlock()