Cycles

Appearance

← Blog

· Albert Mavashev · 9 min read

engineeringobservabilitydebuggingruntime-authorityproductionoperations
Share Share

W3C Trace Context for AI Agent Debugging

It's 2 AM. Your agent stack just tripped a spend alert. The monthly bill on one tenant is climbing at 4× the usual rate, and the incident channel wants to know which agent, which workflow, and which tool call is responsible — in time to intervene before the budget actually runs out.

You have four log sources to stitch together. The admin plane recorded the budget reservations. The runtime plane authorized the calls. The events service fanned webhooks to your on-call hooks. Your audit store captured the approvals. Each one has timestamps and tenant IDs, and each one captured its own request ID. None of them agree on which rows belong to the same operation.

Thirty minutes of jq later, you have a theory. Forty-five minutes in, you have a second theory. By then, the budget has leaked another $400.

This post is about what that debugging loop looks like when every plane shares a W3C Trace Context identifier, and what it takes to get there. The short version: Cycles treats trace_id as a first-class correlation key on every response header, every emitted event, every webhook delivery, and every audit row. A single 32-character hex string is enough to pull the whole causal picture out of a running stack — without a new agent, a new SDK, or a bespoke schema.

Observability alone hits a wall on multi-plane systems

Most LLM observability tools — Langfuse, LangSmith, Helicone, and their cousins — live in one slice of the stack: they proxy the LLM call, capture prompt and response, and surface cost and latency. That's real value for a single-agent workload. It falls short the moment your system has more than one plane of decision-making.

An agent budget system has at least four:

PlaneWhat it decidesExample operation
AdminWhether a budget/policy exists and what it allowsPOST /v1/admin/budgets
RuntimeWhether a specific call is authorized right nowPOST /v1/reservations, POST /v1/reservations/{id}/commit
EventsWhich downstream consumers hear about a decisionWebhook delivery to PagerDuty, Slack, Datadog
AuditWhat the operator-facing record of the decision looks likeGET /v1/admin/audit/logs

Each HTTP request gets its own request_id. The LLM observability layer sees only the leaf call, not the reserve-commit pair around it. And every plane has its own clock and its own log pipeline, so time-range filters collide with any decision taken inside a single-digit-millisecond reservation flow.

You can build correlation after the fact — cross-joining on tenant + scope + timestamp is a 2-hour analytics exercise. You can't run that cross-join in real time, which is exactly what an incident needs.

W3C Trace Context solves this by making the correlation identifier travel with the request, across every hop, in a header shape that every modern distributed-tracing system already understands.

What Cycles carries end-to-end

As of Cycles protocol revision 2026-04-18, every plane in the stack participates in one trace_id. When a request arrives, Cycles takes this identifier from one of three sources, in strict order:

  1. traceparent header — adopted when present and well-formed. The current format is identified by a version field of 00, per the W3C Trace Context Recommendation (23 Nov 2021).
  2. X-Cycles-Trace-Id header — a 32-character lowercase hex string, used when no valid traceparent is present.
  3. Server-generated — 16 random bytes, 32 lowercase hex, all-zero trace IDs are rejected and re-rolled per the W3C §3.2.2.3 trace-id format rules.

A malformed correlation header never causes Cycles to reject the request. The server silently falls through to the next rule. If both headers are present, valid, and disagree, traceparent wins — an upstream W3C-aware gateway is the authoritative source of truth.

From there, the same trace_id lands on every downstream artifact:

  • Every HTTP response carries X-Cycles-Trace-Id: <32-hex>, whether the response was 2xx, 4xx, or 5xx.
  • Every ErrorResponse body populates a trace_id field (optional in the schema, populated by cycles-server v0.1.25.14+ and cycles-server-admin v0.1.25.31+).
  • Every emitted event on the event stream — reservation created, committed, released, expired, overdraft, etc. — carries the trace_id of the originating request.
  • Every AuditLogEntry persists the trace_id of the HTTP request that triggered it.
  • Every webhook delivery POSTs an outbound traceparent: 00-<trace_id>-<16-hex-span>-<trace-flags> header plus an X-Cycles-Trace-Id mirror. The span-id is freshly generated per delivery; the trace-flags byte preserves the inbound W3C sampling decision when traceparent_inbound_valid was true, and defaults to 01 (sampled) otherwise.

That one identifier is the end-to-end thread through admin → runtime → events → webhook consumer. And because the webhook outbound headers follow the current traceparent format, your consumer's tracing infrastructure — Datadog APM, Honeycomb, Jaeger, Tempo, OpenTelemetry Collector — picks up the span automatically, without a custom adapter.

Three identifiers, three different questions

Experienced operators sometimes ask why Cycles doesn't just collapse everything into one ID. The answer is that three different questions show up at different stages of an incident, and collapsing them loses fidelity:

IdentifierScopeLifetimeGenerated byAnswers
request_idOne HTTP requestMillisecondsCycles server"Which log line does this one response belong to?"
trace_idOne logical operationSeconds to minutesUpstream or Cycles"Which reserve-commit pair + downstream events belong to this agent call?"
correlation_idOperator-defined clusterArbitraryOperator"Which budget decisions all belong to this overnight batch run?"

A reserve-commit lifecycle — for example, reserving budget before an LLM call, committing on success, releasing on error — spans multiple HTTP requests. Each request has its own request_id; all three share one trace_id. correlation_id is the layer above that: the operator groups a whole multi-hour batch by stamping it, and the trace IDs within that batch can still be used to drill into any individual decision.

This mirrors the OpenTelemetry semantic conventions for distributed systems, where trace is the causal axis and correlation is the grouping axis. Nothing novel — just applied consistently through an agent budget stack.

A 2 AM debug, with trace_id

Here's the incident loop when correlation is wired in. An alert fires on elevated reservation-release rate:

bash
# On-call engineer grabs the trace_id off the failing response
curl -i -H "X-Cycles-API-Key: $CYCLES_API_KEY" \
  "http://localhost:7878/v1/reservations/res-abc/commit"
# → HTTP 409 Conflict
# → X-Cycles-Trace-Id: 4bf92f3577b34da6a3ce929d0e0e4736
# → { "error": "BUDGET_EXCEEDED", "trace_id": "4bf92f3577b34da6a3ce929d0e0e4736", ... }

One pivot against the admin audit stream reveals the full decision:

bash
# Pull every audit row tied to this trace
curl -s -H "X-Admin-API-Key: $ADMIN_KEY" \
  "http://localhost:7979/v1/admin/audit/logs?trace_id=4bf92f3577b34da6a3ce929d0e0e4736&limit=50" | jq
bash
# Pull every emitted event tied to this trace
curl -s -H "X-Admin-API-Key: $ADMIN_KEY" \
  "http://localhost:7979/v1/admin/events?trace_id=4bf92f3577b34da6a3ce929d0e0e4736" | jq

Two queries — executed in parallel — give you the full causal picture: the reservation that consumed the budget, the commit that tipped over the cap, the events emitted to downstream webhooks, and the audit rows stamped with actor + scope + trace_id. No time-range guessing. No tenant-by-tenant cross-join. A thirty-minute debug session compresses into a couple of API calls.

Cycles' Where Did My Tokens Go? post walks a similar debug using correlation_id and scope path. trace_id is the layer below that: for a single operation, it pinpoints the exact reservation + commit + event chain; correlation_id scales that up to a whole batch run.

Webhook consumers inherit the trace for free

A subtle but important payoff: because Cycles' outbound webhook headers are W3C v00, your consumer's tracing just extends the span.

A Python handler that wants to produce an OpenTelemetry child span looks like this:

python
from fastapi import FastAPI, Request
from opentelemetry import trace
from opentelemetry.propagate import extract

app = FastAPI()
tracer = trace.get_tracer(__name__)

@app.post("/cycles/webhook")
async def handle_webhook(request: Request):
    # Extract W3C trace context from Cycles' outbound traceparent header
    ctx = extract(dict(request.headers))
    with tracer.start_as_current_span("cycles.webhook.process", context=ctx) as span:
        event = await request.json()
        span.set_attribute("cycles.event.type", event.get("event_type"))
        span.set_attribute("cycles.tenant", event["tenant_id"])
        # ...route to PagerDuty / Slack / Datadog per your runbook

The span this handler produces is a child of the span that originated in the agent request that triggered the budget event. That means in your tracing UI of choice, you can click from "webhook delivery to PagerDuty" back up through the reservation commit that caused it, back up through the original agent HTTP request — without a single custom correlation field, and without a Cycles SDK.

For signature verification, idempotency, and delivery retries, see Operational Runbook: Using Cycles Runtime Events.

Phased rollout and version pins

Not every plane shipped trace_id at the same time. When you're upgrading in a staged environment, the minimum versions matter. These are current as of publication; confirm against each service's release notes before planning your upgrade:

PlaneMinimum version to populate trace_id
cycles-server (runtime)v0.1.25.14 — ErrorResponse, emitted events
cycles-server-eventsv0.1.25.7 — outbound webhook traceparent + X-Cycles-Trace-Id headers
cycles-server-adminv0.1.25.31 — persisted on WebhookDelivery records, queryable via trace_id filter
cycles-dashboardv0.1.25.39 — dashboard surfaces trace_id filter on admin endpoints

Pre-v0.1.25.14 rows will not have trace_id populated. During a phased rollout, queries should also fall back to request_id for backward compatibility on older audit and event rows. Every version listed is available as a published image on ghcr.io/runcycles/...; the Full Stack Deployment Guide pins an aligned combination if you're bringing the whole stack up at once.

Where this fits against observability-only tools

The LLM observability market is crowded, and it's easy to confuse "tracing" with "observability." They solve different problems.

Observability-only (Langfuse, LangSmith, Helicone)Runtime authority + trace context (Cycles)
Timing of decisionPost-execution (logs what happened)Pre-execution (decides what's allowed)
Scope of visibilityLLM call + immediate proxyAdmin policy → runtime reserve/commit → events → audit → webhook consumers
Correlation surfaceTrace within the proxy's capturesW3C Trace Context across every Cycles plane + into your downstream tracing stack
What it preventsNothing — visibility onlyOverspend, unauthorized actions, uncontrolled delegation
What it explainsPrompt, response, latency, cost of one callThe full causal chain: which policy, which reservation, which commit, which events, which webhook consumers

The complement matters. Observability tells you what did happen; runtime authority decides what will happen; trace context is the thread that stitches the two views together — so the post-execution capture you already trust can reach into the pre-execution decisions an authorization layer makes. See Runtime Authority vs. Guardrails vs. Observability for the broader pattern.

The operational takeaway

Distributed tracing isn't a new idea. What's new is applying it rigorously to the decisions an AI agent stack makes about an LLM call, not just the LLM call itself. A 32-character hex string — handed to you by your load balancer, your API gateway, or Cycles itself — is enough to collapse four planes of logs into one causal picture, turn a 30-minute incident into a 30-second query, and hand every downstream webhook consumer a span they can parent their own work under.

If you're already emitting traceparent from an upstream W3C-aware gateway, Cycles will pick it up. If you aren't, Cycles will mint one and stamp it on everything it touches. Either way, the correlation surface is the same.

Last updated:

Released under the Apache 2.0 License.

Copyright 2025-present RunCycles.io