crtx-llm 0.1.1

Claude, Ollama, and replay adapters behind a shared trait.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357

//! `LlmAdapter` trait and the request / response / error types it exchanges.
//!
//! This module is the single shape that every LLM backend in Cortex implements
//! — Claude, Ollama, and the deterministic [`crate::replay::ReplayAdapter`]
//! used in CI. The contract is the one frozen in
//! [BUILD_SPEC §12](../../docs/BUILD_SPEC.md): a single async `complete`
//! entry point, a request struct that fully describes the call, and a
//! response struct that returns text, optionally-parsed JSON, the model name
//! that actually answered, token usage, and a stable byte-hash of the raw
//! response (`raw_hash`).
//!
//! `LlmAdapter` is `Send + Sync` so it can live behind an
//! `Arc<dyn LlmAdapter>` shared across the agent runtime.
//!
//! ## Example
//!
//! Implementations live in adapter-specific modules; here is the trait and
//! the request / response surface in their canonical form:
//!
//! ```rust
//! use async_trait::async_trait;
//! use cortex_llm::adapter::{LlmAdapter, LlmError, LlmRequest, LlmResponse};
//!
//! struct EchoAdapter;
//!
//! #[async_trait]
//! impl LlmAdapter for EchoAdapter {
//!     fn adapter_id(&self) -> &'static str {
//!         "echo"
//!     }
//!
//!     async fn complete(&self, req: LlmRequest) -> Result<LlmResponse, LlmError> {
//!         let text = req.messages.last().map(|m| m.content.clone()).unwrap_or_default();
//!         Ok(LlmResponse {
//!             text: text.clone(),
//!             parsed_json: None,
//!             model: req.model,
//!             usage: None,
//!             raw_hash: cortex_llm::adapter::blake3_hex(text.as_bytes()),
//!         })
//!     }
//! }
//! ```

use std::pin::Pin;

use async_trait::async_trait;
use futures::Stream;
use serde::{Deserialize, Serialize};
use thiserror::Error;

/// Role of a chat message in an [`LlmRequest`].
///
/// Mirrors the OpenAI / Anthropic role taxonomy so adapters can pass values
/// through to upstream APIs without translation.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum LlmRole {
    /// Plain user prompt.
    User,
    /// Model reply (used to seed multi-turn replay fixtures).
    Assistant,
    /// Tool / function call result fed back to the model.
    Tool,
}

/// One message in the request's conversation history.
#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub struct LlmMessage {
    /// Speaker role.
    pub role: LlmRole,
    /// UTF-8 text body. The adapter MAY reject non-UTF-8 upstream payloads
    /// before they reach this surface.
    pub content: String,
}

/// Optional token usage echoed back from the provider.
#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub struct TokenUsage {
    /// Tokens consumed by the prompt (system + messages).
    pub prompt_tokens: u32,
    /// Tokens emitted in the completion text.
    pub completion_tokens: u32,
}

/// A single LLM call.
///
/// Field shape is frozen by BUILD_SPEC §12. Adapters MUST NOT reorder, rename,
/// or hide fields without bumping
/// [`cortex_core::SCHEMA_VERSION`] — the request
/// is part of the audit envelope downstream.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct LlmRequest {
    /// Provider-specific model identifier, e.g. `claude-3-5-sonnet-20240620`.
    pub model: String,
    /// System prompt; may be empty.
    pub system: String,
    /// Conversation history in chronological order.
    pub messages: Vec<LlmMessage>,
    /// Sampling temperature; passed through verbatim.
    pub temperature: f32,
    /// Hard cap on completion length.
    pub max_tokens: u32,
    /// Optional JSON Schema constraint applied to the response (provider may
    /// enforce or just inject as guidance).
    pub json_schema: Option<serde_json::Value>,
    /// Wallclock budget in milliseconds.
    pub timeout_ms: u64,
}

impl LlmRequest {
    /// Stable BLAKE3 hash over the canonical fields used for fixture matching:
    /// `(system, messages, temperature, max_tokens, json_schema)`.
    ///
    /// **Excludes `model` and `timeout_ms`** so the same prompt can be
    /// replayed against multiple models (matching is by `(model, prompt_hash)`
    /// pair) and so transient budget tweaks do not invalidate fixtures.
    ///
    /// The hash is over the serialized JSON of a tagged struct so that
    /// `serde_json` field ordering is the deterministic input.
    pub fn prompt_hash(&self) -> String {
        let canonical = CanonicalPrompt {
            system: &self.system,
            messages: &self.messages,
            temperature: self.temperature,
            max_tokens: self.max_tokens,
            json_schema: self.json_schema.as_ref(),
        };
        // serde_json writes object fields in struct-declaration order, which
        // is what we want — no `BTreeMap` shuffling.
        let bytes = serde_json::to_vec(&canonical).expect("CanonicalPrompt is always serializable");
        blake3_hex(&bytes)
    }
}

/// Internal helper: the subset of [`LlmRequest`] that participates in
/// `prompt_hash()`. Borrowed-references-only so we never copy the payload.
#[derive(Serialize)]
struct CanonicalPrompt<'a> {
    system: &'a str,
    messages: &'a [LlmMessage],
    temperature: f32,
    max_tokens: u32,
    #[serde(skip_serializing_if = "Option::is_none")]
    json_schema: Option<&'a serde_json::Value>,
}

/// Result of a successful LLM call.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct LlmResponse {
    /// Free-form text reply; equals `parsed_json.to_string()` for JSON-only
    /// adapters that do not echo a separate stringified form.
    pub text: String,
    /// Parsed JSON, when the request supplied a `json_schema` and the
    /// provider returned a parseable body.
    pub parsed_json: Option<serde_json::Value>,
    /// Model that actually produced the response (may differ from
    /// `LlmRequest::model` when the provider transparently routes).
    pub model: String,
    /// Token accounting from the provider, if reported.
    pub usage: Option<TokenUsage>,
    /// Lowercase hex BLAKE3 of the raw provider bytes (or the
    /// fixture's response payload, in the replay case). Fed straight into
    /// the audit envelope downstream.
    pub raw_hash: String,
}

/// Errors returned by any [`LlmAdapter`] implementation.
#[derive(Debug, Error)]
pub enum LlmError {
    /// Network or transport error talking to the provider.
    #[error("transport: {0}")]
    Transport(String),

    /// Upstream provider returned a non-success status with the given message.
    #[error("upstream: {0}")]
    Upstream(String),

    /// Request violated provider or local validation (bad shape, banned
    /// content, schema mismatch).
    #[error("invalid request: {0}")]
    InvalidRequest(String),

    /// The request exceeded its `timeout_ms` budget.
    #[error("timeout after {timeout_ms} ms")]
    Timeout {
        /// The original budget the caller supplied.
        timeout_ms: u64,
    },

    /// The response could not be parsed as the requested JSON schema.
    #[error("response parse: {0}")]
    Parse(String),

    /// Replay adapter could not find a fixture matching `(model, prompt_hash)`.
    #[error("no replay fixture for model={model} prompt_hash={prompt_hash}")]
    NoFixture {
        /// Model the request asked for.
        model: String,
        /// `LlmRequest::prompt_hash` value the lookup used.
        prompt_hash: String,
    },

    /// Replay adapter found a fixture but its on-disk bytes did not match the
    /// hash recorded in `INDEX.toml`. Maps to the CLI's
    /// `Exit::QuarantinedInput(5)` exit code in lane 1.C.
    ///
    /// See `THREATS.md` row T-RM-1 for the threat model rationale.
    #[error("fixture integrity failed: {0}")]
    FixtureIntegrityFailed(String),

    /// I/O failure reading fixtures, INDEX.toml, or any other adapter-local
    /// resource.
    #[error("io: {0}")]
    Io(String),
}

/// A single token delta emitted by a streaming LLM call.
#[derive(Debug, Clone)]
pub struct StreamChunk {
    /// Token delta — may be empty on the final chunk.
    pub delta: String,
    /// Set on the terminal chunk: `"stop"`, `"max_tokens"`, etc.
    pub finish_reason: Option<String>,
}

/// Object-safe boxed stream of [`StreamChunk`] items.
pub type BoxStream<'a> = Pin<Box<dyn Stream<Item = Result<StreamChunk, LlmError>> + Send + 'a>>;

/// The shared LLM surface.
///
/// **Send + Sync is required** so the runtime can hold an
/// `Arc<dyn LlmAdapter>` and dispatch from any async task.
///
/// Streaming support is provided through two entry points:
///
/// - [`LlmAdapter::stream`] — ergonomic `impl Stream` variant; only callable on
///   a concrete type (`where Self: Sized`), not through `dyn LlmAdapter`.
/// - [`LlmAdapter::stream_boxed`] — object-safe `Pin<Box<dyn Stream>>` variant,
///   callable on `&dyn LlmAdapter`. Default implementation delegates to
///   [`LlmAdapter::complete`] and yields the full response as a single chunk;
///   adapters override it for true line-by-line streaming.
#[async_trait]
pub trait LlmAdapter: Send + Sync {
    /// Stable, lowercase identifier used in audit envelopes (e.g. `"claude"`,
    /// `"ollama"`, `"replay"`). Constants — implementations MUST NOT vary
    /// this per call.
    fn adapter_id(&self) -> &'static str;

    /// Issue a completion call. The adapter is responsible for honouring
    /// `req.timeout_ms` and returning [`LlmError::Timeout`] when exceeded.
    async fn complete(&self, req: LlmRequest) -> Result<LlmResponse, LlmError>;

    /// Stream tokens incrementally. Default implementation calls [`complete`]
    /// and yields the full response as a single chunk — adapters override this
    /// for true streaming.
    ///
    /// Bound to `where Self: Sized` so this method is not required to be
    /// object-safe. Use [`stream_boxed`] when dispatching through
    /// `&dyn LlmAdapter`.
    ///
    /// [`complete`]: LlmAdapter::complete
    /// [`stream_boxed`]: LlmAdapter::stream_boxed
    fn stream(&self, req: LlmRequest) -> impl Stream<Item = Result<StreamChunk, LlmError>> + Send
    where
        Self: Sized,
    {
        self.stream_boxed(req)
    }

    /// Object-safe streaming entry point. Returns a heap-allocated
    /// `Pin<Box<dyn Stream>>` so callers with only a `&dyn LlmAdapter`
    /// reference can drive streaming without knowing the concrete adapter type.
    ///
    /// Default: calls [`complete`] and emits the full response as a single
    /// [`StreamChunk`] with `finish_reason = Some("stop".into())`.
    ///
    /// [`complete`]: LlmAdapter::complete
    fn stream_boxed(&self, req: LlmRequest) -> BoxStream<'_> {
        // Default implementation: wrap complete() result as one chunk.
        // Adapters that can stream natively override this method.
        let fut = self.complete(req);
        Box::pin(async_stream::stream! {
            match fut.await {
                Ok(resp) => {
                    yield Ok(StreamChunk {
                        delta: resp.text,
                        finish_reason: Some("stop".into()),
                    });
                }
                Err(e) => yield Err(e),
            }
        })
    }
}

/// Lowercase hex BLAKE3 of the given bytes.
///
/// Re-exported so adapters and tests can derive `raw_hash` consistently.
#[must_use]
pub fn blake3_hex(bytes: &[u8]) -> String {
    blake3::hash(bytes).to_hex().to_string()
}

#[cfg(test)]
mod tests {
    use super::*;

    fn req_for(messages: &[(LlmRole, &str)]) -> LlmRequest {
        LlmRequest {
            model: "test-model".into(),
            system: "be precise".into(),
            messages: messages
                .iter()
                .map(|(r, c)| LlmMessage {
                    role: *r,
                    content: (*c).to_string(),
                })
                .collect(),
            temperature: 0.0,
            max_tokens: 256,
            json_schema: None,
            timeout_ms: 30_000,
        }
    }

    #[test]
    fn prompt_hash_is_stable_across_calls() {
        let r = req_for(&[(LlmRole::User, "hello")]);
        assert_eq!(r.prompt_hash(), r.prompt_hash());
    }

    #[test]
    fn prompt_hash_ignores_model_and_timeout() {
        let mut a = req_for(&[(LlmRole::User, "hello")]);
        let mut b = a.clone();
        b.model = "other-model".into();
        b.timeout_ms = 1;
        assert_eq!(a.prompt_hash(), b.prompt_hash());

        // Sanity: changing a participating field DOES change the hash.
        a.temperature = 0.5;
        assert_ne!(a.prompt_hash(), b.prompt_hash());
    }

    #[test]
    fn prompt_hash_changes_with_message_content() {
        let a = req_for(&[(LlmRole::User, "hello")]);
        let b = req_for(&[(LlmRole::User, "world")]);
        assert_ne!(a.prompt_hash(), b.prompt_hash());
    }

    #[test]
    fn blake3_hex_is_64_chars() {
        assert_eq!(blake3_hex(b"abc").len(), 64);
    }
}