-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Seeking feedback on propagating contextual signals to TEE KV server #72
Comments
I'm trying to understand the core problem/challenge this proposed feature addresses, and I'm not sure I can capture it.
I would guess this part is the most relevant for this?
Is this a problem? |
Good point @davidae . I updated the doc. Please see the introduction section |
I'd be interested in knowing whether it would be possible to create within the TEE KV system a separate "contextual" processor that generates This seems like it could be a huge cost saver for smaller DSPs focusing on retargeting, which have interest groups on only a small fraction of browsers, so that they don't need to handle contextual requests for vastly more auctions than they actually participate in. In essence this would enable "pre-targeting" since they'd only have to handle auctions for browsers where they have an interest group. |
It's currently actually the other way around - the signals for the win report (that is, a report sent from reportWin()) can't have too much information from the site that joined the interest groups (contextual signals from joining page / signals from within the IG itself). It's allowed to have full information from the page that ran the auction. There are any number of ways to pass information about the page that ran the auction to reportWin(). reportResult() gets auctionSignals, perBuyerSignals, directFromSellerSignals, and sellerSignals, all of which can contain full context about the page running the auction. Hopefully this constraint can be relaxed once we remove event-level reporting, in favor of aggregated reporting, but that won't be happening any time soon, I believe. |
Matt IIUC I don't think the question breaks the constraint you mentioned though as it does suggest to "not to use first-party input". |
The suggestion was for the field to be included in the win report. I assume this was talking about an event-level win report, which is also able to include contextual data. |
I am talking about the event-level win report, but an not talking about first-party data. The proposal that this issue relates to involves sending contextual data to the KV store. My ask was that there be a way to provide precisely that contextual data (without any first-party data, but with DSP-specific manipulation of that data, e.g. to apply some machine learning model to that contextual data and log the output) to the event report. We can (and do) already do this, but it requires that we participate in a contextual auction, which is an expensive waste of resources when most contextual auctions are for browsers where we have no interest group. If we could stop participating in contextual auctions our costs would be proportional to the number of auctions that we participate in, which would be a huge savings. To summarize the summary: the idea is that if the KV store were to allow us to separate the "digest the contextual data and turn it into input to our bidder" process from the "look at all available data and bid" then the output of the former (non-first-party) code would be safe to log in the win report, which would be very beneficial for smaller DSPs focusing on retargeting. |
Ah, so by "is known not to use first-party input" you mean first-party data relative to the origin the IG was joined on (Or data stored in the IG about the user derived from that context), rather than information from the origin running the auction. That sounds reasonable. |
Thanks for envisaging this feature which would unlock some interesting use cases like being able to filter more information based on the full publisher url or doing some supply side optimization based on the sellers that are active for the current auction. We think that this feature would be mostly useful for on-device auctions and inject more signals to the server side computing part inside the KV server. For server side auctions (B&A) it seems like the generateBid layer already gives access to the IG and to perBuyerSignals and therefore provides enough information to get access to those signals server side. Not sure it is necessary in this case to send more signals to the trusted KV Server. For on-device auctions it seems important not to break the parallelization feature because it would slow down the auction flow too much. So it looks like perBuyerSignals should probably be one promise for each buyer instead of one promise for all buyers in order not to slow down buyers that don’t want to wait for the contextual call to resolve Today the KV service call looks like an expensive call already. One down side might be that injecting contextual signals might break the fact that the KV service calls is shared across supply side channels because each seller might setup different signals. It could potentially behave similar to the feature to split up KV calls maxTrustedBiddingSignalsURLLength, like grouping all seller information inside one single KV call instead of sending multiple calls. As it is not straightforward to know if multiple calls or 1 call are needed, probably better to provide some configurability here and maybe also let the DSP control what they want to receive. With those new signals it also looks very important to be able to execute the inference layer in the KV service also (protected-auction-services-docs/inference_overview.md at main · privacysandbox/protected-auction-services-docs ) because one key feature that could be executed by the KV service would be ML inference. Did you consider sending more user data to the KVS like the information from prevWins ? |
We have published an explainer on how |
@lx3-g As explained before most of the value of this feature seems to come from on device auctions. Will it be available also for on-device auctions ? |
Hi Fabian Höring, Whether the value of this feature comes from on device auctions or B&A depends on specific use cases. As the explainer states, the support for on-device auctions will be available. We will update this thread once it is. |
@lx3-g Can you go into more details on what exact use cases you have in mind for B&A and injecting more signals to the KV server ? I didn't find this anywhere but maybe I missed something and I think it would be interesting to share/document this. It would allow a better understanding on the direction forward in general. |
Sure, I think this issue above covers it with “Some logic impossible to run in generateBid() or scoreAd() can actually run in the TKV. Reasons include that it may rely on a large amount of data.” One scenario can be that some data that is looked up in TKV depends on Note that for B&A AdTechs don't need to worry about parallelization and can get the full set of buyer signals whereas for on-device there is a trade off between the full set of signals and parallelization. More about it in the “Parallelization compatibility” above. |
For the B&A use case I think it should be further discussed. In this case the frontier between a compute optimized bidding later and a storage optimized KV layer seems to become very bury. It somehow questions the whole architecture. In this case, from my point of view, it doesn't make sense to have an additional load balancer, BFE and bidding server at all and just skip them, simplify the whole architecture and do everything with one container. Why would one still need all those other layers as they seem to provide only additional latency ? |
I will add this topic to the agenda of one of next WICG discussions. |
Note: This issue describes possible new functionality for Protected Audience. It is not necessarily a feature that will ship in the near future, but we are considering it as an optional backwards-compatible potential API improvement. We are interested in hearing feedback with this post.
Context
This post seeks feedback for the concept of propagating contextual signals as part of the TKV (Trusted Key Value server) request.
This post will mostly explain in the context of on-device auctions but we also consider the same capabilities for the Bidding & Auction services.
Introduction
Today the SSP can provide contextual information to PA auctions by specifying perBuyerSignals and sellerSignals in the Auction Config. The content of the signals can come from various sources including the contextual auction responses and information on the page. But these signal fields are only available to generateBid() or scoreAd(), not the key value service. There is only very limited contextual information sent in the TKV request, such as hostname and ad slot size.
This poses some challenges to the design for certain use cases:
The list is not exhaustive.
The flow
Diagram: example flow related to the DSP KV server
In this post we envision 2 new fields in AuctionConfig:
This allows the SSP to specify additional contextual information to the TKV server.
This information is only available in the request to the TEE-based implementation of the KV server. BYOS KV servers do not have access to this information.
Parallelization compatibility
Parallelization is an important performance optimization today where the contextual ad auction happens in parallel to other PA auction actions, particularly the TKV trusted bidding signal request.
Including perBuyerTKVSignals to TKV request can impact the parallelization: If the signals depend on the contextual auction response, the TKV request will need to wait for the contextual auction to finish, forgoing the parallelization feature. On the other hand, if perBuyerTKVSignals contains just information available on the page, such as the full page URL, the parallelization can still be effective.
The SSPs and DSPs need to make a tradeoff between having more signals and keeping parallelization effective.
There are a few potential mechanisms to isolate the tradeoff to be under each DSP’s own control without impacting other buyers or the auction overall. Ideas include that the SSP creates two component auctions. One auction would include DSPs who prioritize parallelization and rely solely on on-device contextual signals. The other would be for DSPs willing to await the contextual auction results before sending their TKV requests. Feedback on this approach is crucial. Further discussions will help refine this strategy and explore different configuration ideas, such as consolidating the two auctions into a single, unified one.
Server side processing
The signals can be available to the UDF running inside TKV, similar to hostname and ad slot size as metadata. The rest of the flow is the same as today.
The new signals could enable more capabilities to happen within the TKV. A notable example is brand safety where the DSP TKV can perform some verification on the full publisher site URL to provide extra decision making input. We will describe more about this example in another feedback-seeking post.
Since this information is only available to TEE KV server, today an adtech cannot make use of this unless they migrate from BYOS to TEE KV server. We are also interested in getting feedback about an intermediate setup before TEE KV enforcement. The setup is considered a “Hybrid mode” where an adtech can deploy both a BYOS system and a TEE KV system that collaborate to complete a request. So some logic can stay in the BYOS stack and other logic can be migrated to the TEE KV system first. More details will be provided in a separate issue.
Bidding & Auction service flow
The device can also pass these fields to the Bidding & Auction services. In addition, for DSPs, the Bidding & Auction service can pass the perBuyerSignals to the TKV. There are no parallelization concerns as the contextual ad auction completes before the Bidding & Auction flow starts.
The text was updated successfully, but these errors were encountered: