Skip to content

Avoid no-op EC KV reads in post-send pull sync#900

Draft
ChristianPavilonis wants to merge 1 commit into
fix/kv-eid-request-snapshot-ec-ttlfrom
fix/no-op-kv-reads
Draft

Avoid no-op EC KV reads in post-send pull sync#900
ChristianPavilonis wants to merge 1 commit into
fix/kv-eid-request-snapshot-ec-ttlfrom
fix/no-op-kv-reads

Conversation

@ChristianPavilonis

Copy link
Copy Markdown
Collaborator

Summary

  • Skip post-send identity-graph construction when pull sync has no eligible work.
  • Add a signed, one-hour browser completeness marker bound to the active EC ID and current pull-partner set.
  • Preserve shared snapshot reads required by auctions, EID ingestion, withdrawal, and orphan recovery while safely falling back for stale or invalid markers.

This PR is stacked on #885. The zero-operation guarantee is scoped to KV work caused solely by pull sync; other identity lifecycle consumers may still require the shared EC snapshot.

Changes

File Change
crates/trusted-server-core/src/ec/pull_sync_marker.rs Add the signed marker protocol, partner-set fingerprinting, cookie lifecycle, and focused tests
crates/trusted-server-core/src/ec/{mod,finalize,pull_sync}.rs Carry marker state, reconcile it before response delivery, and prepare no-op pull paths before graph construction
crates/trusted-server-core/src/publisher.rs Validate markers before snapshot preload while preserving reads required by other identity consumers
crates/trusted-server-adapter-fastly/src/main.rs Construct the post-send identity graph only after pull-sync preparation succeeds
docs/guide/edge-cookies.md Document the host-only marker and its bounded behavior
docs/superpowers/plans/2026-07-13-issue-880-no-op-pull-sync-kv-reads.md Record the reviewed implementation plan and validation contract

Closes

Closes #880

Test plan

  • cargo test-fastly && cargo test-axum
  • cargo clippy-fastly && cargo clippy-axum
  • cargo fmt --all -- --check
  • JS tests: cd crates/trusted-server-js/lib && npx vitest run
  • JS format: cd crates/trusted-server-js/lib && npm run format
  • Docs format: cd docs && npm run format
  • WASM build: cargo build --package trusted-server-adapter-fastly --release --target wasm32-wasip1
  • Manual testing via fastly compute serve — not run
  • Other: cargo test-cloudflare, cargo test-spin, cross-adapter parity, and all Cloudflare/Spin native + WASM clippy targets

Checklist

  • Changes follow CLAUDE.md conventions
  • No unwrap() in production code — use expect("should ...")
  • Uses log macros (not println!)
  • New code has tests
  • No secrets or credentials committed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant