Release 4.7.0

Features

• [Private Aggregation] Limit contributions per adtech for private aggregation
• add TEE KV request response in EventMessage
• enable_tkv_v2_browser works in local startup scripts
• Handle interestGroups in TKV v2 adapter

Bug Fixes

• Explicitly set confidential_instance_type
• Port patch fix for bidding server hash stability
• Remove common patch causing bidding server hash instability
• Remove value wrapper from signals fetched from KV V2 response
• Specify exception in except block
• Support Intel AMX CPUs in sandbox2
• udf metric error message
• Verify buyer clouds are in SFE public key list

Note

Known Bug: the boundary of custom histogram metrics is not working. Other types of custom metrics work as expected.

Note

For GCP deployment, If your google provider is older than 5.31, you need to apply

diff --git a/production/deploy/gcp/terraform/services/autoscaling/main.tf b/production/deploy/gcp/terraform/services/autoscaling/main.tf
index 1d1d49c0..b0ee41aa 100644
--- a/production/deploy/gcp/terraform/services/autoscaling/main.tf
+++ b/production/deploy/gcp/terraform/services/autoscaling/main.tf
@@ -203,7 +203,6 @@ resource "google_compute_instance_template" "frontends" {
     enable_vtpm                 = true
   }
   confidential_instance_config {
-    confidential_instance_type  = "SEV"
     enable_confidential_compute = true
   }
 
@@ -360,7 +359,6 @@ resource "google_compute_instance_template" "backends" {
     enable_vtpm                 = true
   }
   confidential_instance_config {
-    confidential_instance_type  = "SEV"
     enable_confidential_compute = true
   }

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"5bd18b1383ddd309f11c50d55474b3ab334d3b8c6af28966c37fe9d237263e7bdc4b89af8cb15b487901a78d2a1b3714"}
• auction_service_prod
  • {"PCR0":"b08220e75d49bed8fbeb7e32784df48c6e8ae06258d546b063381a58498f91144586b77ab89c87da3940b29425f9ba03"}
• bidding_service_non_prod
  • {"PCR0":"0304e925a68aa4d52ddddd5855c57b7cc368c32bd8563dfbadd8866369850ba751d3d2bb69ca1415c2e0646809d7164e"}
• bidding_service_prod
  • {"PCR0":"c9d8d69f5ad2001535a60838c7217a14aef3b675128d081804cbd62c277f85919a74db55ba26e0c5c3cb9234507e8af0"}
• buyer_frontend_service_non_prod
  • {"PCR0":"bc0e0ad653cba92e1dc247470e2c17e27efb501ce0ed2132cf657504a5332adb95b183a92a1eecc4cd8cc4f8b8da3f8f"}
• buyer_frontend_service_prod
  • {"PCR0":"503584fd5ecee12c23db5f90f22ef12a91826ff5c0a4b1a706de695ec1755a6903fadd679e5d84dd36fbbf3f255b0bfc"}
• seller_frontend_service_non_prod
  • {"PCR0":"06a46ba2ece2053eb7fe27daa9db91546bf00faf402c59c8691527adede74acef3bcbe517c67e7727e1d972755a95b86"}
• seller_frontend_service_prod
  • {"PCR0":"7fe3f141ef9771bf2a3488b1f691d05ca0e073dccc58da36b7f985300839f5a37086ac00a6175851760f5f874a3d7dbf"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:49a0ce04a4535be533fcdfd06fda9f9b14b99006822b78c602ed40901744559c
• auction_service_prod
  • sha256:047b90366dbbc88919df3d7270302573519f1b860b96ff6291f7ccc1e88c6cdb
• bidding_service_non_prod
  • sha256:9495a78122b9afbbd1dce10a3ae693d6c85ffa9011ba9ab2ba43a5c0f5142d06
• bidding_service_prod
  • sha256:0ea2dcfc22b9b7ec2557ce0093263a030814d14f77c035f0eb4f85ed58a4e27f
• buyer_frontend_service_non_prod
  • sha256:afa07ff07f89e4ef80e858b5771a62f944c9053d53dfc2e22710e25a7a99801d
• buyer_frontend_service_prod
  • sha256:01fdaaf1058ae938fb3bc89cea7d28a7da87f0a4edcd095aa795050e6bc7ab1c
• seller_frontend_service_non_prod
  • sha256:61428b853f89cf32a9b0ea4479ac9ffa1edf57ad340ced2c78008026fe12389e
• seller_frontend_service_prod
  • sha256:4cf6928e235c29c40b57a74c9acc980e0eb3f4f6f7047fb76647b07a5c56f9ce

Release 4.6.1

Note

Known Bug: Misconfiguration of Cross-Cloud Buyers Causes Crash
Details: If multiple buyers from different cloud environments are configured in BUYER_SERVER_HOSTS but not in SFE_PUBLIC_KEYS_ENDPOINTS, the SFE service will crash.

Bug Fixes

• Fix common repo curl fetching multi chunks
• Remove common patch causing bidding server hash instability

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"b6fa86813bb7982de297f11ac6ef2e6303edb3a24dbbbf73fcb9bda787be846dce968e9d6eb8b6a7d7908003b47683e5"}
• auction_service_prod
  • {"PCR0":"ebc577da088aa88bca6b074916a5a694d878ba826fc7cbc55ff7a768af12f1fbbcf6528232456c2556dc59e30b2b1bb1"}
• bidding_service_non_prod
  • {"PCR0":"fb561d29010370b678d2dadb2f0ebde1bd511b0d752011d4a0ab5e4b6caff63e9aa06e636806a3b997a86b82466a6dcf"}
• bidding_service_prod
  • {"PCR0":"df35407ae543f1367a4a6afa813d926819499a1c9c9cc1a8f68737a2338ab800e3ea48045ce16e5a89ea0650fd30e56b"}
• buyer_frontend_service_non_prod
  • {"PCR0":"f1fbd873f0551b22fc5e459cec1c265607ef8cb6fba133550537c1517c754d41f5f73f323d8997deb772f52a0a26c52d"}
• buyer_frontend_service_prod
  • {"PCR0":"6884458bb1978a377379365792fcc564a00d753bb20f7a843ed7a21e615421f21542c84f94a43308442f5d677bead03f"}
• seller_frontend_service_non_prod
  • {"PCR0":"8e5935237c964ada8fbfdf7c9ffcefa075bc9e5316f2bb81a226e61561b4928cbcf33cc57ca36ae38f945830dc9aa7b4"}
• seller_frontend_service_prod
  • {"PCR0":"f3c21f50a655c11175275ac85e0daccaedf6d1e8c13cc46987657d9a6bb4e9ff3452076890731a6778a0c2fe79f8d78b"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:439eb5f436aa4d4948a0b0ecb9c1331d000cf4833fe7825c97bac787a4fb6467
• auction_service_prod
  • sha256:52e2f1a262f85885183d60b81177cceed4c191ed7b3596fcce3ccd7157385cdd
• bidding_service_non_prod
  • sha256:ce4ebeb3ac4b0b953b1efba0fe49ffc7c2b3f06625b82187aecb9777c2f8cda1
• bidding_service_prod
  • sha256:d9809eac1f99e8884270688c99bb737f043bffbadeb8a5a3ef5611ea92532a6f
• buyer_frontend_service_non_prod
  • sha256:8f606150876b0570193548bd305158e2342fd7a6a8bd175adfa9ee9574fd6d18
• buyer_frontend_service_prod
  • sha256:73a6cf2939653aae07a35019eeb98c4f48c8607797a81309916497c85a417724
• seller_frontend_service_non_prod
  • sha256:a3706ae033f5d310be6e2ad12cd5b1cea72cb3187434678244811b033d89b2a2
• seller_frontend_service_prod
  • sha256:6fdbdced233a461ab00559ceb8106de5403ffe473bb8c550265b5a8939638746

Release 4.6.0

Note

Known Issue : The GCP enclave Image Digest for bidding service generated for your build might be different from the one listed below. We're working on fixing the issue and will release a patch for this release soon.

Features

• Cost estimation tool
• [Private Aggregation] Add a helper function to parse contributions for winning ig
• [Private Aggregation] Add helper function to group PrivateAggregateContributions by AdTech
• [Private Aggregation] Append Private Aggregation wrapper to reportWin wrapper when enabled
• [Private Aggregation] Cbor serialize igContributions
• [Private Aggregation] Cbor serialize paggEventContribtions
• [Private Aggregation] cbor serialize paggResponse
• [Private Aggregation] Integrate Private Aggregation Manager to ScoreAdsReactor
• [Private Aggregation] Integrate utils to cbor encode paggResponse with web_utils
• [Private Aggregation] Modify reportResult js wrapper to use a global ps_response object
• [Private Aggregation] Parse PAgg contributions from reportResult execution response
• [Private Aggregation] Parse PAgg contributions from reportWin execution response
• [Private Aggregation] Populate buyer PAgg contributions in AuctionResult
• [Private Aggregation] Populate ig_idx in PrivateAggregateContributions for Seller
• [Private Aggregation] Populate PAgg contributions from reportResult in ScoreAdsResponse
• [Private Aggregation] Populate PAgg contributions from reportWin in ScoreAdsResponse
• [Private Aggregation] Serialize list of PrivateAggregateContributions
• Add Data Version Header Checking to an SUT
• Add DebugReports proto and adtech_origin_debug_urls_map to SFE response
• Add flag to skip call to buyer KV entirely
• Add internal versions of customer supplied protos
• add metrics for all periodic bucket fetches
• Add per buyer signals
• add seller flag to pass headers from sfe request to bfe request
• add thread count metric for inference sidecar (AWS)
• add thread count metric for inference sidecar (GCP)
• add thread count metric for inference sidecar (GCP)
• Clear seller debug urls in AdScore for single-seller auctions
• Control whether bidding signals are required for generating bids via a flag
• Demo multi region terraform example
• Disable debug reporting on Android
• Disallow inference model fetch period less than 1 min
• Disallow TensorFlow stateful ops
• Divert traffic at frontend load balancer with http header
• Enable k-anon feature
• Example multiregion terraform for AWS
• Flag to skip call to seller KV entirely
• Publish metrics when UDF returns allowComponentAuction=false
• Refactor AWS Terraform in prep for multi-region
• SFE response includes nonce passed in auction config
• Skip buyer debug pings & populate debugReports for component winning IG
• Skip KV or make signals optional via BIDDING/SCORING_SIGNALS_FETCH_MODE flags
• Skip seller debug pings & return debug urls in AdScore for component winning IG
• Support Egress IPv6 in AWS

Bug Fixes

• Ad metadata string is properly escaped for scoreAd JS
• allow periodically fetched bucket blobs to be nested in directories
• BYOB - reserve memory for expected num bids in response.
• Do not override enable_debug_reporting in secure_invoke
• Don't accumulate inference reset count with bad input
• DV Response Header should now be Parsed
• if PAS is not enabled, dont check egress schema fetch configs
• Modify Copybara Config to Include Cost Deps
• Populate bid currency values in Debug Reporting
• Prevent inclusion of empty ad metadata in chrome response
• Randomize chaff request candidates
• Request parsing - prevent batch failure on single request error
• Set model fetcher metrics early to handle early return
• sfe sends blob_versions to bfe
• use latest al2023 image to build enclave parent

Documentation

• Adds nonce field to select ad for mixed mode
• component_seller will be returned from top level auction
• Update comment on modified bid field in AdScore

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"113316ab2ba14601fdfb6941548fd40ea6bfb5152e419990df611f943da1b35b602713c8f0de757cf1ebbce670e8f92e"}
• auction_service_prod
  • {"PCR0":"df6c5af7704111cbdec882c6e3b5a491fc8425cd53f5ee4b2306c982e469f2a24e9d0661b3c02c4e460f106e34d221d1"}
• bidding_service_non_prod
  • {"PCR0":"ad13a2cfd87b8bff041191fd1df9df80d91dacfd7d47db6bf6e1ebfb2aaf8026d912de09d74afa976f35be7a3672fbb0"}
• bidding_service_prod
  • {"PCR0":"8d3327fb37ba5f6b93a1a3bea373003bdff49d43756ff4da3972b37d1facd558396133dadfe6fe5cbe085492d94b70e6"}
• buyer_frontend_service_non_prod
  • {"PCR0":"92340a3e0cb2a16a29907ad57dd4850fb7342fad5ad6313147de5f394bcc0e95fee1709f6e60679d421c054e5758a9ad"}
• buyer_frontend_service_prod
  • {"PCR0":"da8d26d8f89e8b026a3cb6842663cd7e44d204d6bfc148522f4c3dff89f04f24193cf986549de01338c23bac87871f23"}
• seller_frontend_service_non_prod
  • {"PCR0":"720192bde54f7ff1801ec8c09849d0cc7d88834646989bc21da710c441bed1bcc531e2cf07ceeb9a15e3ad0fd9c22ad2"}
• seller_frontend_service_prod
  • {"PCR0":"5b762af06b2a12be0f11602ee5fbe22d33ec982b338f776b3c4072e3c515c2c8742d9bc2092d69c5b5f6c42498f01544"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:0414cef98ffca67bbeb57881df2b62839586c43796eb98e60d95ec4ddac2cdcf
• auction_service_prod
  • sha256:06efee3959878ee86533679331cb1c90b9e1b8f475ba3128b27d83d7cb05ef62
• bidding_service_non_prod
  • sha256:36e9d6c9addd516bd7583dbbd693731b12c0ab49562fc5609ceeadcb980ff72d
• bidding_service_prod
  • sha256:55a0069be019c0d15b734ec221429f44a976823f3e81ad78d1b36267f937976b
• buyer_frontend_service_non_prod
  • sha256:ea1bfe7411bf550330697dc5cab4ab258817e0e939a714918443bde70ecdc655
• buyer_frontend_service_prod
  • sha256:e25cf2ff5c57c39ebc77c4f06dafed5dbe3b9970880bc8340aed4a8f3713fc0d
• seller_frontend_service_non_prod
  • sha256:316bfd430aa34e71ad1857168f7ffec96b02b5e327e0b1aa5f68ac6fc58c8c82
• seller_frontend_service_prod
  • sha256:0bdfab030da54829b9c396fc292ae12755bd835b32496ae1276d6a066f406948

Release 4.5.1

Features

• Publish the cost tool externally

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"97a001192cbed1471bc119455f4ace45ef4b6262e6d783d31ad92f3a19a9bf92f1f39a4198ea925d1512c35aae22b0a5"}
• auction_service_prod
  • {"PCR0":"52caf93be97b1a37b1832a8714a06e0e3d53a61d45432a399c8b01a2774a9573b8b1b6d644d11a0b57e731c4b2ed12b7"}
• bidding_service_non_prod
  • {"PCR0":"c243e1fe495acebec8f88104e8fed990ddc5bd3a61537438ce1d1f98ec393d7b889e7ebb03b5f4004c6b867be2353148"}
• bidding_service_prod
  • {"PCR0":"eac5645c0df0b9e41c989f2530de936320dc2b8ac7870ec0f56ea1f12d6a585ac4e566906c8218d30b91853270880bea"}
• buyer_frontend_service_non_prod
  • {"PCR0":"9fac05f1967ab966bec3b6ae869241ba2a9eb0523d3c2c85af04c67a469622e8eed3f24756317d86b05d3dcd54a35bc6"}
• buyer_frontend_service_prod
  • {"PCR0":"91af02c152f3222d712c2e92d2a3c0901150bc534c037276666689a0506bed7bdb006d04ea7d00e940842b7666d48007"}
• seller_frontend_service_non_prod
  • {"PCR0":"61964f39fefb07b41109b090ea997c3affcaf3d97b5451b043420f4ccba4f257acecabffebb63202d5760d991316e142"}
• seller_frontend_service_prod
  • {"PCR0":"69f112bd90fb68b45e03f61b5e77de5ec52fe90e165157d9d4926667f6b64ca969b0a7a68be3eadf82f85db6fba0e1a6"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:0f6f5b8caffd67ca937ffe46b768630184078ffe46d21bcbdf3d92fffacffb09
• auction_service_prod
  • sha256:151155d90bc1426c8fa5671b64691946232e802f9bc0102c19db6ce9762a1db3
• bidding_service_non_prod
  • sha256:5ca6e476779f77876558a344d10d6f75e2775c63c026849e1417131b1766999e
• bidding_service_prod
  • sha256:1d96840c34e52fe1104eddcec60a5cd6a273625b02236e8b1606ad6486c19f53
• buyer_frontend_service_non_prod
  • sha256:53feea1178930bfe0a6987c7fab933305741aa8441bc385dc8f9f607bbacd1c9
• buyer_frontend_service_prod
  • sha256:bb6d2b7442c09a443d1cc4fe848a7747764e4662694a2e9a9885c0cae0dd819f
• seller_frontend_service_non_prod
  • sha256:3bdbb7482e978ce95784d85e2a969533d03988276559e0bdae29bbdaca802142
• seller_frontend_service_prod
  • sha256:b2ce9cf7736046ae77e2943bb22ebc941faa2e4294c0f0f58266ea0fdbdb8167

Release 4.5.0

AWS Image Build Issue Workaround (Jan 13, 2025)

Due to an issue with how we specified base images for building AMIs, please apply the following patch if you are attempting to build B&A for AWS and seeing an error similar to No AMI was found matching filters:

diff --git a/production/packaging/aws/common/ami/image.pkr.hcl b/production/packaging/aws/common/ami/image.pkr.hcl
index 99fe29f..7b3ae14 100644
--- a/production/packaging/aws/common/ami/image.pkr.hcl
+++ b/production/packaging/aws/common/ami/image.pkr.hcl
@@ -90,7 +90,7 @@ source "amazon-ebs" "dataserver" {
   ami_regions   = var.regions
   source_ami_filter {
     filters = {
-      name                = "al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64"
+      name                = "al2023-ami-20*-kernel-*-x86_64"
       root-device-type    = "ebs"
       virtualization-type = "hvm"
     }

Features

• [Private Aggregation] Make ig index available to populate interest_group_index in PrivateAggrgeteContribution
• [Private Aggregation] Populate id_idx for PrivateAggregateContribution
• Add allow_compressed_auction_config flag to Terraform
• Add bidding.business_logic.debug_url_count metric
• Add bidding.business_logic.debug_urls_size_bytes metric
• Add bidding.business_logic.failed_to_bid_percent metric
• Add compressed auction config field to API
• Add dimension for GenerateBids timed out errors to bidding.errors_count
• Add TCMalloc config for B&A inference
• Allow model eviction grace period
• Control whether scoring signals are required for scoring via flag
• Enable TCMalloc for the TensorFlow sidecar
• Read compressed AuctionConfig in SFE
• remove metric noise for sampled debug request
• Report model eviction via metrics
• With Flag Allow Just Component Signals

Bug Fixes

• Allocate compression output buffer on heap
• Missing inference metric label in AWS dashboard
• Set default value for PRESUBMIT_PERF to 0
• Standardize business logic metrics for generateBids PA and PAS
• Update tag to correctly pass roma_timeout_ms value to Roma

Documentation

• [BYOB] Add guide and sample request for generateBid SDK

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"7c278cd99367fb78762030ba895b1a66d82211eef759c25f21f46dc276f333c3ca9813763cef7478e380d0e2673cb181"}
• auction_service_prod
  • {"PCR0":"000c370071d694492b418f73a32984b0056aee044d168d5ae9aff0191e24184658d6d77e343eb94d445933f137782c75"}
• bidding_service_non_prod
  • {"PCR0":"567d99d726a8fb81d6c7195f8a4a7c2d7947ec7dad9dd20f181959e16adcf09ae410972afe1f83af929ca01b2cc4ab5a"}
• bidding_service_prod
  • {"PCR0":"ccaeed27fe8e77a266b7d8edf57ae3220541c6491685763ed57eef44a6938c6dba578442d91151e9e07d8c1246baaba8"}
• buyer_frontend_service_non_prod
  • {"PCR0":"a75c909484ca1a90433e9e52178defc8b3d90dec8648d90a78fc3805ccdc6dd38bd55d5264646937882f3a368e60fa7e"}
• buyer_frontend_service_prod
  • {"PCR0":"bed9cceeba13967a6ec8a6816b8f4378f46e6d7e7de5bc66b3084bdd9cf80a80e5bca1747865a07d1d1810074001033b"}
• seller_frontend_service_non_prod
  • {"PCR0":"ebc6b7450e34f370ed0870d54926dd7156034d0f86f2dc4e048f7fbb6d0aa6c4275d780570880126c1193d4fe08c97e7"}
• seller_frontend_service_prod
  • {"PCR0":"d6d723ca6000d1b9994898ab6480035a5cebdbd15ff78b994061bebffcbafcaa2c29c3c8bc89a74d13db8586b88932f5"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:6939e482fa16e11fe82c8dbfa662fac4431eef63c9ac56d29e0547b412e7f692
• auction_service_prod
  • sha256:7535671769357d2ef1cbb503f3fbcd7e221c177569c6e3b8e94d3462bd5a2bc6
• bidding_service_non_prod
  • sha256:25feda1243d954403b52e8a83444bd943858166aaff28e7e9019c1f09f786c16
• bidding_service_prod
  • sha256:c84820506a4005caadffc7dc9d1fceb847ba4c2dcf146f4b2bfc7ea8479ce388
• buyer_frontend_service_non_prod
  • sha256:e72b760e772c7bd78e7784484ec99f6e324cf8b718b5ffbf9c92055e91e15a42
• buyer_frontend_service_prod
  • sha256:fb708214c69523155abc6467937bcd6afe8f01e6b009e9974f4e0b2224a45552
• seller_frontend_service_non_prod
  • sha256:42e7c8e72d78583b56bce5935fdb3a41abbb70e50d9723543e0c6a395f2c3caf
• seller_frontend_service_prod
  • sha256:01b98f411b6e6c9ead00f4ab43edc2a6d09bbe0b919dd4cd98f6e7736bf4ca8f

Release 4.4.1

Bug Fixes

• Allocate compression output buffer on heap

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"a540f102d12ef8ef3bdbf8f76d22052613e494989391c5b2b5f7ddf3c41eb1027674799c551a4279e7ba8af5bf2201ee"}
• auction_service_prod
  • {"PCR0":"7191da777c8207337eec94bbd2ffa6a098668875a66a1f01cc5bdb678e87c5dacbe2ab2e79e6b15db053f38c933ff304"}
• bidding_service_non_prod
  • {"PCR0":"09cbacbe1da51b9169383c8953de9264bd58cd2077b8c6bcfe18dd2db11f6f8167e1baa22086b4b325ed86818432c5f3"}
• bidding_service_prod
  • {"PCR0":"e20a7da08ce7c4335fd45e09e11ffe8257332b1e095753e644ba1a0fe81bd8b01240f8632ead15a389a7b67557a40e78"}
• buyer_frontend_service_non_prod
  • {"PCR0":"f9f059fcc36be4e9beebaee2b3e0d3423235840a9cb82c35320cf1aaba5608f15f986d8300f1535632565ee60952a148"}
• buyer_frontend_service_prod
  • {"PCR0":"de6851eb9b2b05ae122a1543e263cf63344bd9fb65a93db60ae36548576668bc95192ee856b61b51ea2ac0fd5d1b4d19"}
• seller_frontend_service_non_prod
  • {"PCR0":"31eb99a423a2aa07f42775bfa26576c8af4e9930326456da9e6d57b354281452e31f1ef05aa2a772871fdeca07a98941"}
• seller_frontend_service_prod
  • {"PCR0":"3c756cffa5a7f9effcbdc4dc4471ec4a92643a704657af6ed580191a9bb45a17d56477b24f3f91756b52e6dfa5b6a4b1"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:f291f84d60c5e98725a633e04a28b5768327efd5ee18111587f429c34c8590d0
• auction_service_prod
  • sha256:e7166d3f9d099a9c169f167ad2fec1965e492a4025579957160a0a54998b8c31
• bidding_service_non_prod
  • sha256:b66e2ef3ac1e9f7c5c94e9614ddfb666ec4bfdf41b9e2e2e1ff3ec6db4bc24da
• bidding_service_prod
  • sha256:fea739036764a12f241edaab850170865defb04cd47924a508c1852fbef9ac12
• buyer_frontend_service_non_prod
  • sha256:645ba32c2abce4e605455750d7f253f85e530304eb739728b8488f5dee44bb80
• buyer_frontend_service_prod
  • sha256:cf4f4ca3408b5f91d111724bc8433e5fb888a3d4162ac9b21026773b1a1fadea
• seller_frontend_service_non_prod
  • sha256:fbb3c29c4932b73a34efd20ba1930fcb8e9c34a3292afb9b449b644b100768b9
• seller_frontend_service_prod
  • sha256:444cde9b30c7bd7adec6af3728dad84853967902d18040d611977f0c26b6f1a4

Release 4.4.0

Features

• Add consented debug logs to seller KV V2
• Add Data Version for buyer to generateBid() browser signals
• add egress schema bucket fetcher
• add egress schema fetch manager
• add flag https_fetch_skips_tls_verification for local testing
• Add priority fields to B&A API
• Add PV support on BFE
• Add PV support on SFE
• Add Seller Data Version to ReportResult
• Add Seller DV to Bid Metadata for ScoreAd()
• Add support for DNS routing by regional LB latency in AWS
• Add support for DNS routing by regional LB latency in AWS
• add top level seller debugging data
• Data Version in BuyerReporting
• enable seller debugging for eligible request
• Implement delete model rpc for inference sidecar
• Implement KV V2 Adapter for Scoring Signals
• Implement KV V2 flag for seller
• Implement v2 bidding support - config flags propagation
• improve SFE response debug logging
• Launch the B&A inference for both PA and PAS
• Pass Data Version to AuctionService
• Pass DV Hdr to Auction Service
• Runtime flag to make all non-prod requests as always consented
• Set Data Version on AdWithBid
• Support Data Version for Seller BYOS KV
• Support inference model deletion in the model fetcher
• [WIP] support per-request spec of egress schema
• [WIP] support per-request specification of seller and buyer udf versions using bucket blobs
• update proto definition for multi blob support
• Use separate tf parameter/endpoint for buyer TKV
• Use separate tf parameter/endpoint for seller TKV
• Validate DV Hdr val size based on clientType
• Validate DV Header values for size based on client type

Bug Fixes

• Check for key in perBuyerSignal before looking up buyer_signals for reporting
• Fix failing e2e test
• Fix Terraform apply when extra args are empty
• Load reportWin code when fetch_mode is local
• load the wrapper with code isolation for local fetch mode
• Log inference model registration failure reason
• Replace prefix-based matching with exact matching for model paths
• Revert saving and deleting Tensorflow models in place to fix memory leak
• Set the correct version_string for reportResult when udf loaded from bucket
• Support a wildcar SSL certificate in e2e benchmark
• update GCP cloudbuild with correct git tag name
• Use correct timeout for Kv V2 bidding signals call

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"3e21246e19d85c46626b87325cc6d41f05ab6928fc3b96f1cc844b75b061302262cfd32add988654cb415414b201b416"}
• auction_service_prod
  • {"PCR0":"a06c8ceec7d4cea8ea8dc12ad576dde4440480256c4c6edf67d8db7d61c11fcce93368d1b3952dc107d9737f55b3f82d"}
• bidding_service_non_prod
  • {"PCR0":"93a39959e326a974ba059d4bd86519a851795817a44e2c3810a15e89932d4cf581b501f0ff27b9b630f2b5413a91802b"}
• bidding_service_prod
  • {"PCR0":"51dd21b5e019dfd1441703c384df8f6d8d0d924be2da29a166ac209c0290d9fb825b87499d5aed2ecf7bc4d9d76cfce0"}
• buyer_frontend_service_non_prod
  • {"PCR0":"212ddddc17006516a4dd35bfcdf752941e7a0654aa62fcf6d228ea76f425234ca96315236a6bbb6422e08f4c665316ac"}
• buyer_frontend_service_prod
  • {"PCR0":"a0095eed3d75745d2b8a6257604eea7e8b06343e29dff396fe314d527f6faba26738b0af08e80e97608b0e28feb51887"}
• seller_frontend_service_non_prod
  • {"PCR0":"135759119fdd12e3b70fccb354606e83178985ce6d1c53fdeac5a9307891f4ece06eceaab3dda25e4b4ae8ea4e8e67e2"}
• seller_frontend_service_prod
  • {"PCR0":"c1e30bb748ba84a3ec166a813ced385b62bda22af95ab18109ed15641417fcc88849676304482d88a3901d91278d80fd"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:f63e14a90e6b307dfb178e3d75bc3e2966f88afba30c1fb322a402aff3a665ce
• auction_service_prod
  • sha256:9f24b1174dfdaf2bbc6634c3558f0b3d353f6055f54d94c5256d15b01283a21f
• bidding_service_non_prod
  • sha256:919a274708bfa320ab855fa16ee24c4e748410239913ae0639aa0e3ba137e4a1
• bidding_service_prod
  • sha256:dc687497e4cf25edcf73aaa90f1d4e86cfd60491c97d197a57d60d24dd974b60
• buyer_frontend_service_non_prod
  • sha256:7a4c6f52344facdd6aa3d6ed5351eef7c942465a8be87fb4ed327dadbbf4fee2
• buyer_frontend_service_prod
  • sha256:99e4008153be9d03843691d98b5734c29407f20a8b55b0ba9ad1f8de2244f443
• seller_frontend_service_non_prod
  • sha256:62d9dcd305a63870ffb2fc24891611b3a7415bd1d910fe6674d1df69f85162e0
• seller_frontend_service_prod
  • sha256:05a4051186320496810cc467a0b71b7986aa08f5244f1ad6db3191e5a71ad475

Release 4.3.0

Known bug

• When seller_blob_fetch_mode and buyer_blob_fetch_mode are set to 1 to fetch from cloud blob, auction server will run into error at reportWin. This will be fixed in Release 4.4.0

Features

• Add priority fields to B&A API
• Add support for DNS routing by regional LB latency in AWS
• Data Version in BuyerReporting
• Implement delete model rpc for inference sidecar
• Implement v2 bidding support - config flags propagation
• Launch the B&A inference for both PA and PAS
• Pass Data Version to AuctionService
• Set Data Version on AdWithBid
• Validate DV Header values for size based on client type

Bug Fixes

• Log inference model registration failure reason
• update GCP cloudbuild with correct git tag name

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"6c09942c99d8e335e4bc09c4a06c4cc83095093346aa4bb3f428bae9f49e0a060d241ed0c6f17b1dd399a448fc6b096c"}
• auction_service_prod
  • {"PCR0":"13ecbcae9dfd1297fc4d43a7af2cdf7775f5831438e42c721284c179cbf4ece4923b6ec7b36d0e98544f4b05be48310e"}
• bidding_service_non_prod
  • {"PCR0":"cce926e513f6b327285299c856925f4eccb6570417408978855bf1b67e59d0198ea623c9c12c780834f78cac5943bf96"}
• bidding_service_prod
  • {"PCR0":"36351486f07e9f6401c443e6841f80694c5b4417c5fb807c95add447e5ec4b8f6e0aa4a737c8feed0306eafa43d2aa8c"}
• buyer_frontend_service_non_prod
  • {"PCR0":"61ab573017c3326b3419bc30a7b4be421d18b4fa4e76f010097e966b9aa7271e3ba3019660a675910b7cb9b0d81b1d3e"}
• buyer_frontend_service_prod
  • {"PCR0":"98bbf8bc3cd4d44694afccf7643c06ff1a7ac6adf6575f66e7744cda002b6bb99d3a0feac3c0dcef1a9e525cb9357bd3"}
• seller_frontend_service_non_prod
  • {"PCR0":"dc6f6f27e770b3a03664fa822d729178ef69eac86165f720f498e01942ce8b0fd8a95ef28ed79e93f7dfb819aca827ae"}
• seller_frontend_service_prod
  • {"PCR0":"0e8a7e0c9b36ea822138b16b34ce8dabc263f193659d26cf3a3a4ba5df479a57ce4e898a616b0ff7294001f28975db9e"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:db812c6d157099f89145f4e169089ef0cbc49277ea7d8bff4d369e588514b19c
• auction_service_prod
  • sha256:bcfdb9c63fedcf5bdc48fb5e10d996d30a128daa24fb46b845dc1bc77fed0445
• bidding_service_non_prod
  • sha256:65874576749859cfeb53f527eead58b63d290a235ac9f6db5a3af08c11a8c1da
• bidding_service_prod
  • sha256:017c6a89c05ad7b632fc1a83cf794bde0fd7ccd885d9f2ca5dc801d48d4441d5
• buyer_frontend_service_non_prod
  • sha256:f617965e205c6b02011d931bf7a6538f57b0ae2aa26f6c8bfdcecaf1be140465
• buyer_frontend_service_prod
  • sha256:191f26d5d8884863d1d6e272b5b6d335f26bafa458f467da63123f1d98ea81b7
• seller_frontend_service_non_prod
  • sha256:7be3676d3449e1fc0d056c8b8f5e329ab67d15ee4d210a9f0595bc2ce5ab568a
• seller_frontend_service_prod
  • sha256:3496d3cf1eefc2d989db666c2eeb24e666c1bb610fbf7ab768848bfa82c644c8

Release 4.2.0

Features

• Updated BYOB development kit (SDK)
• [BYOB] Add udf_execution metrics for generateBid
• add proto field to enable buyer debugging for eligible request
• adding aws inference dashboard
• Enable B&A experiments in GCP by splitting traffic
• enable buyer debugging for eligible request
• Implement Data Version Header for KV Server Clients
• Implement v2 bidding support - add branch selection
• Implement v2 bidding support - add kv_buyer_signals_adapter
• Implement v2 bidding support - update kv dependency
• output packer logs to stderr on AMI creation failure
• Pass data version to GenerateBidsRawRequest
• Support model deletion in model store
• Update Kv client to match the latest contract

Bug Fixes

• Accumulate js_execution.errors_count metric
• Copy common signals instead of move in BuildProtectedAudienceBidRequest
• Fix changelog generation
• GCP demo terraform outputs url
• Prevent a potential read-after-delete bug in the inference benchmark
• start_bidding runs inference default js file
• typo in bidding_service_integration_test and buyer_code_wrapper

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"fae5e812d3fcdfac97d62d82c698babf89556878bcffbb9ffb4c833743351b8255822e9a44a17e623b140f6e0f585575"}
• auction_service_prod
  • {"PCR0":"fa908d156fd7cd31333194c24404ddd50a30611e839190f6972c2535a735ad2e57a3d70f3f2c66a7cd63bc727dd484ee"}
• bidding_service_non_prod
  • {"PCR0":"8fc3fefee69ca9804692857aaa7fcf783aeb13d23d033f8dce6f97b33311c9f146366343e63323cb02680ffc4780883a"}
• bidding_service_prod
  • {"PCR0":"bcfa7983d3c4390f72382a1347ebdefcf176a646df2f90ccf895bc31978733764c1dfc20064198461d164394cc46a38f"}
• buyer_frontend_service_non_prod
  • {"PCR0":"e119dde7262e341270fbfef6893bea014a0338c4cb1f96c530cd98f51d7a8fd0ae755c4b44a29e301a8f7c1252e4124e"}
• buyer_frontend_service_prod
  • {"PCR0":"787df27562fb039e5efdc0ecca9ca11b2ed02e85e91de3f7cb3f4b3ae9e071d719a25a4e484225ad1089644c971f2416"}
• seller_frontend_service_non_prod
  • {"PCR0":"57d14e84871500714e78e3770a018c28bf990e6b8b3f171a9beeb519a944347519ba08b67ceed5af384b9857edc0acd9"}
• seller_frontend_service_prod
  • {"PCR0":"c0a3510cb6dc85c03c954eb79cac79c918b745c71cdb3511bf65405e4c3bb88046be174f2c02bc2fd72fc3da8b2f194d"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:79633fe260908d6cb06e92f582d1113135f34ab8ad66f87ecc122be3404401b1
• auction_service_prod
  • sha256:70b14e237ad76fdec33256fd70d95cb51d00a90a653983774e5fa9c72488b35c
• bidding_service_non_prod
  • sha256:a07c77ccb13c6777bbd90cd5b014bafc4fd5918e1009a4db53b8b05b402b519d
• bidding_service_prod
  • sha256:4ed1e913b28e62777b9a1ed739b15edd56b993cc96001730853ea1c350aa178a
• buyer_frontend_service_non_prod
  • sha256:9624de3b76e5aa41a7e72904f066a00d85d2deb3946e944566182c31ceff245f
• buyer_frontend_service_prod
  • sha256:558d4d70e5d7ba50a78fccfc6b029946e184c97169c11fee2abce9b67d139520
• seller_frontend_service_non_prod
  • sha256:44eea6fcd5bb29ee22fe879dd9f8a4eddfda2e1ada59071e2c1a32e2a242d150
• seller_frontend_service_prod
  • sha256:e3dda64c2c85dc712623347c83dd520b7463d479a4236b7f2a05e6e2c3f41fb3

Release 4.1.0 [MINIMUM-SUPPORTED-VERSION]

⚠ Note

This will be the minimum supported version of B&A services due to the breakage with v4.0.0.

• Buyside Adtechs must update to this version by 31st October 2024 since all previous versions of Bidding service and BuyerFrontEnd service will not be supported after that and any older versions in production will not pass coordinator attestation.
• Sellside Adtechs must update to this version by 14th November 2024 since all previous versions will not be supported after that and any older versions in production will not pass coordinator attestation.

⚠ BREAKING CHANGES

• All sellers and buyers must update the js_num_workers parameter to udf_num_workers in terraform
• Sellers must wait for all the integrated buyers to update to 4.1.0 before updating to accomodate serialization changes in the GetBidsRequest.

Features

• Bring-Your-Own-Binary (BYOB) - Bidding service is adding support for a new interface for the Protected Audience generateBid user defined function(UDF), which will enable the execution of a standalone generateBid binary for each Protected Auction interest group instead of the JS/WASM code. These modes are mutually exclusive - i.e. bidding server supports loading either the generateBid binary or the generateBid JS code at a given time, and this cannot be switched per request. The binary can be loaded into the bidding server using a runtime flag from a URL or cloud bucket. A development kit (SDK), including documentation and the proto file is attached to this release to aid generateBid binary developers.

Note: generateBid BYOB support is only available for functional testing and we do not recommend enabling this in production. Scaled support will be available in a release in November 2024.

• [BYOB] Add buyer code fetcher for executables
• [BYOB] Add dispatch client for generateBid
• [BYOB] Add GCP build setup for Bidding service
• [BYOB] Add gRPC reactor for generateBid binary
• [BYOB] Add info about runtime flags to demo/README.md
• [BYOB] Add interface for clients that load code
• [BYOB] Add to Bidding service critical path
• Add a generic model validator interface for Tensorflow and PyTorch
• Add PrivateAggregation protos to generateBid spec
• add project setup scripts
• add proto support for updateIfOlderThanMs
• BFE parses perInterestGroupData, returns updateIfOlderThanMs data to SFE
• Compress SFE <> BFE comms
• Create new inference dashboard for GCP
• Enable chaffing on SFE prod mode builds
• Enable connecting to TKV via an External LB
• Enable dynamic partition for inference metrics
• Enable model validation for PyTorch
• Enable TCMalloc for B&A inference
• Export all available models as metric
• Freeze a TensorFlow model
• Implement a PyTorch model validator
• Implement a TensorFlow model validator
• Rename JS_NUM_WORKERS to UDF_NUM_WORKERS
• SFE sends updateIfOlderThanMs data to client
• update start_bidding with minimal defaults and local file flag

Bug Fixes

• BYOB generateBid should only parse first bid from binary response
• Ensure gRPC calls don't hang on error
• Fix js_execution.error.count metric
• Fix memory leak in BFE client
• Fix readonly declarations in shell script
• Fix version bump in release script
• Load request files in the init function
• Reduce absl::GetFlag() call in GetBidsReactor
• Renames prev_wins_ms to prev_wins
• Set inference sidecar GRPC keepalive timeout
• update tls cert commands for GCP setup
• Use std::hash instead of absl::hash

AWS enclave PCR0

• auction_service_non_prod
  • {"PCR0":"6b71c60f08033d5546c32e3e6fc198bfa2bdf169020bfb38ea9f10b07b3e15249e5a2198afc6ca3b8293e6b3b4507f33"}
• auction_service_prod
  • {"PCR0":"3edc3ebeb0892d5585771e0c441e26ba5fc70e255a9e7b6fa3c6158237975a83fadd66c1db2f9425f13b48462481690f"}
• bidding_service_non_prod
  • {"PCR0":"8be9d0e07539933a6a2be67202b80da85e0e9dd83ff92beb3c441ac31c9db1b39cbd00546e7fc347bfe23983c4dd8834"}
• bidding_service_prod
  • {"PCR0":"d5bfd889453cdcfa51305a1b153b95b2d889e142d48ec037114929706c6a0b9614ca075ace90cdc232529f6bf47162cb"}
• buyer_frontend_service_non_prod
  • {"PCR0":"5f2ad634d6f69c98206609fbd3798e1f329e0088e759889742ebd81ca7bae12d26a1cd4d01a7d91fa29a4c6fa611e925"}
• buyer_frontend_service_prod
  • {"PCR0":"fd66e86c0d644dcc23bb8eb9745dfd814bd84e2ef17d646630b99ae135bc27ece7499036656a5bb5ec4288a18bf95da8"}
• seller_frontend_service_non_prod
  • {"PCR0":"7de48814fed336d8357e8e635bad25e06bfee4f113d64b2a1987c454d14a069648598929337b1be203a418a81e82ad2f"}
• seller_frontend_service_prod
  • {"PCR0":"9cfc55a1e03b60ab156c0a407ceee5c3235ed145603f6816c922b605b6a27858ef8b0a209915000e4f004ceed8112fe2"}

GCP enclave Image Digest

• auction_service_non_prod
  • sha256:c48b26428a3370ccbe2d0a752203cb750f8207e47e1464e7ccaf78bfea87b303
• auction_service_prod
  • sha256:66f44438d9dd7f2066f403c54217db67e265b7c88ad59eeb0cc959c6d799403e
• bidding_service_non_prod
  • sha256:f3a47a512057d9577a992b78405a88acec9977e691af7334a36ae9c462514fbc
• bidding_service_prod
  • sha256:6df9f1bb64e74fdd563bcf8a17941a7af7a027118c0b5b026aec56f126509573
• buyer_frontend_service_non_prod
  • sha256:6499845420b6486fee5d648374313b66f41d8fd641549b390e4eb289ce83226a
• buyer_frontend_service_prod
  • sha256:6b538697382da1b2d7ca93551e64bf53715726f43b5250ae368f153d0342eb6a
• seller_frontend_service_non_prod
  • sha256:e7187da29560d4def57c60a8c1134ade76427833a934185812268b57b654d432
• seller_frontend_service_prod
  • sha256:95d4372f421c5a5516546c6fd4a1a17ba43efcabcef01cc14a7b04357926d8e1