feat(POP-3811): support World ID bedrock user agents

[Guardiola31337]

Description

• Follow-up to https://github.com/worldcoin/oxide/pull/1050 and [POP-3811] support World ID walletkit user agents walletkit#416.
• Add Bedrock User-Agent helpers so World App clients keep WorldApp headers while World ID clients can send WorldID headers.

Changes

• Add UniFFI-exported UserAgent and UserAgentBuilder primitives.
• Map android-id / ios-id client names to WorldID; keep all other client names on WorldApp.
• Add helpers for app, Bedrock, and client suffix segments.
• Re-export the new primitives from bedrock.

Testing Instructions

• cargo fmt --check
• cargo test -p bedrock user_agent --lib
• cargo clippy --all-targets --all-features -- -D warnings
• ./kotlin/build_kotlin.sh
• ./build_android_local.sh 0.2.14-SNAPSHOT
• Attempted cargo test -p bedrock --lib; the ERC4626 tests require local anvil, which is not installed in this environment. Non-anvil tests passed before that blocker.

---

Note

Low Risk
New optional HTTP metadata helpers with no auth or wallet logic changes; deny.toml only suppresses a transitive unmaintained-crate advisory.

Overview
Adds UniFFI-exported UserAgent and UserAgentBuilder primitives so Bedrock consumers can build consistent HTTP User-Agent headers. The builder supports arbitrary name/version segments plus helpers for app version, bedrock/{crate version}, and client/OS suffixes.

World ID vs World App: with_app_segment_for_client uses WorldID/{version} when client_name is android-id or ios-id, and WorldApp/{version} for all other clients (e.g. android, ios). UserAgent::header_value() exposes the final string for FFI.

The new types are wired through primitives::user_agent and re-exported at the crate root alongside the HTTP client types. Unit tests cover empty builds, segment ordering, and each client/product combination.

Also adds a cargo-deny advisory ignore for RUSTSEC-2026-0173 (proc-macro-error2 via alloy), with no dependency upgrade in this PR.

^{Reviewed by Cursor Bugbot for commit cc3138d. Bugbot is set up for automated code reviews on this repo. Configure here.}

[Dzejkop]

there's no difference to just calling with_segment?

[agentotto]

Good catch — you're right, with_client_segment was a pure passthrough to with_segment(client_name, os_version) with no transformation. Removed it and updated the test helper to call with_segment directly (0998b19).

[Guardiola31337]

/otto can you please address the comments? 🙏 Feel free to use gpt-5.5 as model

[agentotto]

I've spawned a GPT-5.5 subagent to address Dzejkop's review comment. It will:

1. Clone the repo and check out the bugfix/POP-3811-world-id-bedrock-user-agent branch
2. Inspect line 80 of bedrock/src/primitives/user_agent.rs to assess whether the method there is truly redundant with with_segment
3. Make the appropriate fix (remove/simplify if redundant, or add a doc comment if there's a real distinction)
4. Run cargo fmt, cargo clippy, and cargo test to verify
5. Push the changes and reply to Dzejkop's review comment

I'll update you once it's done! 🙏

[agentotto]

Respawned with Claude Opus 4.7 — GPT-5.5 hit a quota limit. The new agent is picking up where we left off. I'll update you once it completes! 🙏

[agentotto]

The review comment has been addressed! ✅ Here's what was done:

• Finding: Dzejkop was correct — with_client_segment was a pure passthrough to with_segment(client_name, os_version) with no added logic or transformation, unlike the other helpers (with_app_segment_for_client which resolves the product name, and with_bedrock_segment which injects the crate version).
• Fix: Removed with_client_segment from bedrock/src/primitives/user_agent.rs and updated the test helper to call with_segment directly.
• Verification: cargo fmt, cargo clippy --all-targets --all-features -- -D warnings, and cargo test -p bedrock user_agent --lib (7 tests passed) all clean.
• Pushed as commit 0998b19 and replied to Dzejkop's review comment.

[Guardiola31337]

/otto looks like CI / Cargo deny (advisories) failed

error[unmaintained]: proc-macro-error2 is unmaintained
    ┌─ /github/workspace/Cargo.lock:242:1
    │
242 │ proc-macro-error2 2.0.1 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unmaintained advisory detected
    │
    ├ ID: RUSTSEC-2026-0173
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0173
    ├ The author of `proc-macro-error2` has [confirmed](https://github.com/GnomedDev/proc-macro-error-2/issues/17#issuecomment-4643215473) that the crate is no longer maintained and recommends that users migrate away from it.
      
      `proc-macro-error2` was originally created as a maintained fork of [`proc-macro-error`](https://crates.io/crates/proc-macro-error) (see [RUSTSEC-2024-0370](https://rustsec.org/advisories/RUSTSEC-2024-0370)). Both the original crate and this fork are now unmaintained.
      
      ## Possible Alternative(s)
      
      - [manyhow](https://crates.io/crates/manyhow)
      - [proc-macro2-diagnostics](https://github.com/SergioBenitez/proc-macro2-diagnostics)
    ├ Announcement: https://github.com/GnomedDev/proc-macro-error-2/issues/17
    ├ Solution: No safe upgrade is available!
    ├ proc-macro-error2 v2.0.1
      ├── alloy-sol-macro v1.4.1
      │   └── alloy-sol-types v1.4.1
      │       ├── alloy-contract v2.0.4
      │       │   └── alloy v2.0.4
      │       │       └── bedrock v0.2.14
      │       │           └── (dev) bedrock v0.2.14 (*)
      │       ├── alloy-core v1.4.1
      │       │   └── alloy v2.0.4 (*)
      │       ├── alloy-dyn-abi v1.4.1
      │       │   ├── alloy-contract v2.0.4 (*)
      │       │   ├── alloy-core v1.4.1 (*)
      │       │   └── alloy-signer v2.0.4
      │       │       ├── alloy v2.0.4 (*)
      │       │       ├── alloy-network v2.0.4
      │       │       │   ├── alloy v2.0.4 (*)
      │       │       │   ├── alloy-contract v2.0.4 (*)
      │       │       │   ├── alloy-node-bindings v2.0.4
      │       │       │   │   ├── alloy v2.0.4 (*)
      │       │       │   │   └── alloy-provider v2.0.4
      │       │       │   │       ├── alloy v2.0.4 (*)
      │       │       │   │       └── alloy-contract v2.0.4 (*)
      │       │       │   ├── alloy-provider v2.0.4 (*)
      │       │       │   └── alloy-signer-local v2.0.4
      │       │       │       ├── alloy v2.0.4 (*)
      │       │       │       └── alloy-node-bindings v2.0.4 (*)
      │       │       ├── alloy-node-bindings v2.0.4 (*)
      │       │       ├── alloy-provider v2.0.4 (*)
      │       │       └── alloy-signer-local v2.0.4 (*)
      │       ├── alloy-json-rpc v2.0.4
      │       │   ├── alloy-network v2.0.4 (*)
      │       │   ├── alloy-provider v2.0.4 (*)
      │       │   ├── alloy-rpc-client v2.0.4
      │       │   │   ├── alloy v2.0.4 (*)
      │       │   │   └── alloy-provider v2.0.4 (*)
      │       │   ├── alloy-transport v2.0.4
      │       │   │   ├── alloy v2.0.4 (*)
      │       │   │   ├── alloy-contract v2.0.4 (*)
      │       │   │   ├── alloy-provider v2.0.4 (*)
      │       │   │   ├── alloy-rpc-client v2.0.4 (*)
      │       │   │   └── alloy-transport-http v2.0.4
      │       │   │       ├── alloy v2.0.4 (*)
      │       │   │       ├── alloy-provider v2.0.4 (*)
      │       │   │       └── alloy-rpc-client v2.0.4 (*)
      │       │   └── alloy-transport-http v2.0.4 (*)
      │       ├── alloy-network v2.0.4 (*)
      │       ├── alloy-provider v2.0.4 (*)
      │       ├── alloy-rpc-types-eth v2.0.4
      │       │   ├── alloy-contract v2.0.4 (*)
      │       │   ├── alloy-network v2.0.4 (*)
      │       │   ├── alloy-provider v2.0.4 (*)
      │       │   ├── alloy-rpc-types-anvil v2.0.4
      │       │   │   └── alloy-provider v2.0.4 (*)
      │       │   └── alloy-rpc-types-any v2.0.4
      │       │       └── alloy-network v2.0.4 (*)
      │       └── alloy-signer v2.0.4 (*)
      └── alloy-sol-macro-expander v1.4.1
          └── alloy-sol-macro v1.4.1 (*)

advisories FAILED

[agentotto]

On it — spawning an agent to add an ignore entry for RUSTSEC-2026-0173 in deny.toml. Since there's no safe upgrade (it's a deep transitive dep through alloy-sol-macro), suppressing the advisory is the right call. I'll update you once it's pushed.

[agentotto]

Fixed the cargo deny CI failure by suppressing advisory RUSTSEC-2026-0173 (proc-macro-error2 is unmaintained) in deny.toml.

proc-macro-error2 is a transitive dependency pulled in via alloy → alloy-sol-types → alloy-sol-macro. There is no safe upgrade available upstream, so the advisory has been added to the ignore list in the [advisories] section — consistent with how we handle other unmaintained transitive deps (e.g. paste, serde_cbor).

Verified locally with cargo deny check advisories ✅

[agentotto]

All fixed! ✅ Here's what was done:

• Added "RUSTSEC-2026-0173" to the ignore list in deny.toml with a comment noting it's a transitive dep via alloy → alloy-sol-types → alloy-sol-macro → proc-macro-error2, with no safe upgrade available
• Verified locally: cargo deny check advisories → advisories ok ✅
• Pushed as commit cc3138d to the branch

CI should be green on the next run.