What happened?
The OpenAI-Codex cached WebSocket is keyed only by Pi session ID. If request credentials change from account A to B within the same Pi session, Pi can reuse A's authenticated socket and A's previous_response_id instead of opening a B handshake. This can route the nominal B request through A.
The behavior is present in 0.80.6 and current main (4c1861033b63a04563547ccdb5ed2bf31d4fdcd3). It reproduces without extensions and without contacting OpenAI.
Steps to reproduce
- Stub
WebSocket with an in-process fake that records only a synthetic account claim from handshake headers and emits synthetic response IDs.
- Send a cached-WebSocket request with one synthetic Pi session ID and synthetic account A.
- Extend the context and send a second request with the same session ID and synthetic account B.
- Observe one handshake owned by A and A's response ID in the second request's
previous_response_id.
A permanent regression can assert that A to B creates a new handshake and sends full context without A's prior response ID. Same-account requests and same-account token refresh should continue reusing the socket.
Expected behavior
Cached Codex WebSockets should be reused only when the normalized endpoint and account claim match the connection handshake owner. A real owner change should retire the old connection and continuation before opening a fresh handshake.
Version
0.80.6 (v0.80.6, 2b3fda9921b5590f285165287bd442a25817f17b) and current main (4c1861033b63a04563547ccdb5ed2bf31d4fdcd3).
What happened?
The OpenAI-Codex cached WebSocket is keyed only by Pi session ID. If request credentials change from account A to B within the same Pi session, Pi can reuse A's authenticated socket and A's
previous_response_idinstead of opening a B handshake. This can route the nominal B request through A.The behavior is present in 0.80.6 and current
main(4c1861033b63a04563547ccdb5ed2bf31d4fdcd3). It reproduces without extensions and without contacting OpenAI.Steps to reproduce
WebSocketwith an in-process fake that records only a synthetic account claim from handshake headers and emits synthetic response IDs.previous_response_id.A permanent regression can assert that A to B creates a new handshake and sends full context without A's prior response ID. Same-account requests and same-account token refresh should continue reusing the socket.
Expected behavior
Cached Codex WebSockets should be reused only when the normalized endpoint and account claim match the connection handshake owner. A real owner change should retire the old connection and continuation before opening a fresh handshake.
Version
0.80.6 (
v0.80.6,2b3fda9921b5590f285165287bd442a25817f17b) and currentmain(4c1861033b63a04563547ccdb5ed2bf31d4fdcd3).