How ChatGPT serves ads

TLDR

  • OpenAI injects single_advertiser_ad_unit objects into ChatGPT’s SSE stream and closes the attribution loop via the OAIQ merchant SDK and Fernet-encrypted click tokens.

Key Takeaways

  • Ad units arrive as typed SSE events on chatgpt.com/backend-api/f/conversation, structurally separate from model output, carrying advertiser_brand, carousel_cards, and four Fernet tokens per unit.
  • Attribution uses four encrypted blobs: ads_spam_integrity_payload (server-side anti-fraud), oppref (forward attribution, 30-day cookie), olref (impression logging), and ad_data_token (SSE-to-click reconciliation).
  • The merchant-side SDK oaiq.min.js (v0.1.3) loads from bzrcdn.openai.com, reads ?oppref= from the landing URL, writes __oppref and __oaiq_domain_probe cookies, and POSTs conversion events to bzr.openai.com/v1/sdk/events.
  • Targeting is contextual per conversation: six topics across one test account yielded six different advertisers including Grubhub, GetYourGuide, Axel, Gametime, Aritzia, and Canva.
  • Fernet’s first nine bytes expose the token mint timestamp without OpenAI’s key; a captured Home Depot click showed 95 seconds between token minting and browser fetch.
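The cleartext Fernet header described in the last takeaway (one version byte, then an 8-byte big-endian timestamp) can be read with standard-library Python and no key. This is an added example, not code from the article or from OpenAI; the function names are hypothetical, and the sample token and its timestamps are constructed.

```python
import base64
import struct
from datetime import datetime, timezone

FERNET_VERSION = 0x80
# version(1) + timestamp(8) + IV(16) + at least one AES block(16) + HMAC(32)
MIN_TOKEN_LEN = 1 + 8 + 16 + 16 + 32


def fernet_mint_time(token: str) -> datetime:
    """Return the UTC mint time stored in a Fernet token's cleartext header."""
    padded = token + "=" * (-len(token) % 4)  # tokens in URLs often lose padding
    try:
        raw = base64.urlsafe_b64decode(padded)
    except ValueError as exc:
        raise ValueError("not url-safe base64") from exc
    if len(raw) < MIN_TOKEN_LEN:
        raise ValueError("too short for a Fernet token")
    if raw[0] != FERNET_VERSION:
        raise ValueError("unexpected version byte")
    if (len(raw) - 1 - 8 - 16 - 32) % 16 != 0:
        raise ValueError("ciphertext is not a whole number of AES blocks")
    (seconds,) = struct.unpack(">Q", raw[1:9])
    return datetime.fromtimestamp(seconds, tz=timezone.utc)


def seconds_since_mint(token: str, observed_at: datetime) -> int:
    """Seconds between token minting and a later observed event, e.g. a click fetch."""
    return int((observed_at - fernet_mint_time(token)).total_seconds())


def build_sample_token(minted_at: datetime) -> str:
    """Constructed sample with the Fernet layout; IV, ciphertext and HMAC are filler."""
    header = bytes([FERNET_VERSION]) + struct.pack(">Q", int(minted_at.timestamp()))
    filler = bytes(16) + bytes(32) + bytes(32)  # IV + 2 AES blocks + HMAC
    return base64.urlsafe_b64encode(header + filler).decode().rstrip("=")


if __name__ == "__main__":
    minted = datetime(2026, 1, 1, 12, 0, 0, tzinfo=timezone.utc)  # constructed value
    fetched = datetime(2026, 1, 1, 12, 1, 35, tzinfo=timezone.utc)  # 95 s later
    token = build_sample_token(minted)
    print(fernet_mint_time(token).isoformat(), seconds_since_mint(token, fetched))
```

The header is covered by the token's HMAC, so the timestamp cannot be altered without the key, but it is never encrypted and anyone holding the token can read it.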

Hacker News Comment Review

  • Consensus view: because ad units arrive as distinct SSE event types rather than embedded in model text, they are trivially blockable today – commenters flagged bzrcdn.openai.com and bzr.openai.com as the two domains to filter.
  • The deeper concern raised is not the current display-ad format but the future risk of adversarial content shaping model outputs through training data or fine-tuning, which this architecture does not protect against.
  • Sam Altman’s 2024 statement calling ads a “last resort” surfaced repeatedly; commenters read the launch as a signal of cash pressure rather than a planned product evolution.

Notable Comments

  • @mvvl: “Ads don’t influence responses” – arrives in the same payload, four attribution layers, “politely pretend to be coincidences.”
  • @torben-friis: Flags adversarial content injection into model weights as the unsolved version of this problem – SEO spam is the analogue.
  • @Aurornis: Clarifies ads are scoped to the free tier and the $8/month Go plan, not paid subscriptions – a detail the article does not specify.
