Skip to content

Use collision-resistant request IDs in responses and logs #3404

New issue
New issue
Open
Open
Use collision-resistant request IDs in responses and logs#3404
@davidahmann

Description

@davidahmann
davidahmann
opened on Feb 25, 2026

Problem

Request/response correlation IDs in server responses/logging can collide under concurrent traffic, weakening traceability and operational debugging.

Why now

Reference MCP servers are used as examples for production-like integrations and should model robust correlation-ID behavior.

Evidence Packet

  • Version/commit under test: origin/main at 04cce79b4c2b
  • Runtime environment: macOS 26.3 (arm64), Node 22.19.0, Python 3.14.0
  • Minimal repro:
    1. Send high-concurrency request bursts across server tools.
    2. Inspect response/request correlation IDs and logs.
    3. Detect ambiguous or reused identifiers.
  • Expected behavior: collision-resistant IDs per request/operation.
  • Actual behavior: correlation identifiers are not consistently collision-resistant across server surfaces.

Why code change (not docs)

Correlation ID generation and propagation are runtime/logging contracts.

Scope / Codepaths

  • src/*/src
  • src/*/server

Acceptance Criteria

  • Request IDs include collision-resistant component.
  • IDs propagate consistently into responses and logs.
  • Concurrency tests confirm uniqueness.

Validation Plan

  • Add high-concurrency ID uniqueness tests.
  • Validate response/log correlation contract stability.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions