Rename Synthetic ID to Edge Cookie (EC) and simplify generation#479
Draft
ChristianPavilonis wants to merge 5 commits intomainfrom
Draft
Rename Synthetic ID to Edge Cookie (EC) and simplify generation#479ChristianPavilonis wants to merge 5 commits intomainfrom
ChristianPavilonis wants to merge 5 commits intomainfrom
Conversation
aram356
previously requested changes
Mar 16, 2026
Collaborator
aram356
left a comment
aram356
left a comment
There was a problem hiding this comment.
Summary
Comprehensive rename of Synthetic ID → Server Side Cookie (SSC) with simplified HMAC generation (client IP only, dropping Handlebars templates). Cookie, header, query parameter, config section, and error variants are all renamed. The handlebars dependency is removed.
Blocking
🔧 wrench
- Missing new SSC headers in
INTERNAL_HEADERS:x-ts-ssc-freshandx-ts-ssc-trusted-serverare defined but not added to theINTERNAL_HEADERSblocklist, allowing potential leak of user-identity headers to third-party origins viacopy_custom_headers(crates/common/src/constants.rs:49)
Non-blocking
🤔 thinking
- Cookie name break:
synthetic_id→ts-sscsilently invalidates existing user cookies (crates/common/src/constants.rs:3) - Query parameter break:
synthetic_id→ts-sscin proxy forwarding may break downstream consumers (crates/common/src/proxy.rs:438) - Entropy reduction: HMAC now uses only client IP; users behind same NAT share the HMAC prefix (
crates/common/src/ssc.rs:63)
📝 note
- Silent template field removal: Old configs with
template = "..."are silently ignored (nodeny_unknown_fields). Operators won't know the field is unused.
CI Status
- cargo fmt: PASS
- cargo clippy: PASS
- cargo test: PASS
- vitest: PASS
- format-docs: PASS
- format-typescript: PASS
- CodeQL: PASS
prk-Jr
previously requested changes
Mar 16, 2026
Collaborator
prk-Jr
left a comment
prk-Jr
left a comment
There was a problem hiding this comment.
Summary
This PR completes the Synthetic ID → Server Side Cookie rename and simplifies ID generation, but I found a couple of migration/privacy regressions plus a docs/behavior mismatch that should be fixed before merge.
Blocking
🔧 wrench
- Docs and implementation diverge on consent + proxy behavior: the new SSC docs state that ID generation/forwarding are consent-gated and that
/first-party/proxygenerates a new SSC ID when missing, but the current implementation still generates IDs unconditionally incrates/common/src/publisher.rs:239,crates/common/src/integrations/registry.rs:659, andcrates/common/src/auction/formats.rs:81, while proxy forwarding only reuses an existing ID incrates/common/src/proxy.rs:427. Either implement the documented rules or update the docs so they match the code.
CI Status
- fmt: PASS
- clippy: PASS
- rust tests: PASS
- js tests: PASS
ChristianPavilonis
force-pushed
the
feature/ssc-update
branch
from
692fcca to
6e51272
Compare
ChristianPavilonis
dismissed stale reviews from aram356 and prk-Jr
Addressed: added x-ts-ssc-fresh to INTERNAL_HEADERS, removed x-ts-ssc-trusted-server. Non-blocking items are intentional design choices.
- Rename all external identifiers: x-synthetic-id → x-ts-ec, synthetic_id cookie → ts-ec, synthetic_fresh → ec_fresh - Simplify hash generation to use only client IP with HMAC-SHA256, removing User-Agent, Accept-Language, Accept-Encoding, and template rendering - Rename config section [synthetic] → [ec] with backward-compat alias - Rename ec.rs to edge_cookie.rs for clarity - Remove handlebars dependency (and transitive deps) - Add x-ts-ec-fresh to internal headers blocklist - Update all docs with new Edge Cookie (EC) terminology - Fix review findings: remove redundant serde rename, stale optimization entry, leftover 'synthetic' references in agent configs and docs Closes #462
ChristianPavilonis
force-pushed
the
feature/ssc-update
branch
from
28391cd to
11e39dd
Compare
- Rename allows_ssc_creation → allows_ec_creation and update all doc comments, test names, and assertion messages to use Edge Cookie (EC) - Fix intra-doc link [`ec`] → [`edge_cookie`] in lib.rs - Downgrade test log from info to debug in edge_cookie.rs for consistency - Add fallback comment and wire-protocol breaking-change doc in openrtb.rs - Run prettier --write on 3 doc files to fix format-docs CI - Update integration-tests Cargo.lock to sync derive_more 2.1.1
ChristianPavilonis
changed the title
…ences - Rename TRUSTED_SERVER__SYNTHETIC__SECRET_KEY to TRUSTED_SERVER__EC__SECRET_KEY in CI action and local integration test scripts (root cause of CI failure: Viceroy could not start without the EC secret key) - Update stale doc reference synthetic.secret_key → ec.secret_key - Update stale comments in consent_config.rs and consent/types.rs
- Rename struct Ec → EdgeCookie, field settings.ec → settings.edge_cookie - Add serde alias "ec" for backward compatibility with existing configs - Update all TOML configs, env vars, CI actions, scripts, and docs - TRUSTED_SERVER__EC__* env vars → TRUSTED_SERVER__EDGE_COOKIE__* - Validation messages now reference edge_cookie.secret_key
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
infotodebuglevel since client IP is sensitive dataChanges
crates/common/src/edge_cookie.rs(new)synthetic.rs; simplified hash to IP-only HMAC-SHA256; removed template renderingcrates/common/src/synthetic.rs(deleted)edge_cookie.rscrates/common/src/constants.rsSYNTHETIC_ID_HEADER→HEADER_X_TS_EC, cookie/query names updatedcrates/common/src/cookies.rssynthetic_id→ts-ec, function names to ECcrates/common/src/error.rsSyntheticId→Ecerror variant; removedTemplatevariantcrates/common/src/settings.rs[synthetic]→[ec]; removedtemplatefieldcrates/common/src/settings_data.rscrates/common/src/lib.rssynthetic→edge_cookiecrates/common/src/http_util.rscrates/common/src/openrtb.rssynthetic_fresh→ec_fresh(breaking wire-protocol change)crates/common/src/proxy.rssynthetic_id→ts-eccrates/common/src/publisher.rscrates/common/src/consent/mod.rsallows_ssc_creation→allows_ec_creationwith updated docs and testscrates/common/src/consent/kv.rscrates/common/src/auction/formats.rsX-Synthetic-ID→X-TS-EC,X-Synthetic-Fresh→X-TS-EC-Fresh,X-Synthetic-Trusted-Server→X-TS-EC-Trusted-Servercrates/common/src/integrations/*.rscrates/common/src/test_support.rscrates/common/Cargo.tomlhandlebarsdependencycrates/js/lib/src/integrations/gpt/index.tsCargo.lockcrates/integration-tests/Cargo.locktrusted-server.toml[synthetic]→[ec]; removedtemplatefieldCLAUDE.mddocs/guide/edge-cookies.md(new)synthetic-ids.mddocs/guide/synthetic-ids.md(deleted)edge-cookies.mddocs/**/*.md(30+ files)Breaking changes
user.ext.synthetic_fresh→user.ext.ec_freshin OpenRTB bid requestsX-Synthetic-ID→X-TS-EC,X-Synthetic-Fresh→X-TS-EC-Freshsynthetic_id→ts-ecsynthetic_id→ts-ec[synthetic]→[ec](no backward-compat alias)Closes
Closes #462
Test plan
cargo test --workspace— all tests passingcargo clippy --all-targets --all-features -- -D warnings— zero warningscargo fmt --all -- --check— cleancd crates/js/lib && npx vitest run— all tests passingcd docs && npx prettier --check .— cleanChecklist
unwrap()in production code — useexpect("should ...")tracingmacros (notprintln!)