hirn-engine 0.1.0

Engine for the hirn cognitive memory database
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

//! Rate Limiter — sliding window rate limiting per agent.
//!
//! Prevents any single agent from flooding memory with writes.

use std::collections::HashMap;
use std::time::Instant;

use hirn_core::HirnResult;
use hirn_core::types::AgentId;
use tokio::sync::Mutex;

use crate::admission::{AdmissionController, AdmissionDecision, MemoryCandidate};

/// Sliding-window rate limiter per agent.
pub struct RateLimiter {
    /// Maximum writes per window.
    max_writes: u64,
    /// Window duration in seconds.
    window_secs: u64,
    /// Per-agent write timestamps within the current window.
    state: Mutex<HashMap<AgentId, Vec<Instant>>>,
}

impl RateLimiter {
    /// Create a new rate limiter.
    ///
    /// - `max_writes`: number of writes allowed within the window.
    /// - `window_secs`: sliding window size in seconds.
    pub fn new(max_writes: u64, window_secs: u64) -> Self {
        Self {
            max_writes,
            window_secs,
            state: Mutex::new(HashMap::new()),
        }
    }

    /// Default: 100 writes per 60 seconds.
    pub fn with_defaults() -> Self {
        Self::new(100, 60)
    }

    /// Prune timestamps older than the window for a given agent.
    fn prune(timestamps: &mut Vec<Instant>, now: Instant, window: std::time::Duration) {
        timestamps.retain(|ts| now.duration_since(*ts) < window);
    }
}

#[async_trait::async_trait]
impl AdmissionController for RateLimiter {
    fn name(&self) -> &str {
        "rate_limiter"
    }

    async fn evaluate(&self, candidate: &MemoryCandidate) -> HirnResult<AdmissionDecision> {
        let now = Instant::now();
        let window = std::time::Duration::from_secs(self.window_secs);

        let mut state = self.state.lock().await;
        let timestamps = state.entry(candidate.agent_id.clone()).or_default();

        Self::prune(timestamps, now, window);

        let current_count = timestamps.len() as u64;

        if current_count >= self.max_writes {
            Ok(AdmissionDecision::Reject {
                reason: format!(
                    "rate limit exceeded: {current_count}/{max} writes/{window}s for agent '{agent}'",
                    max = self.max_writes,
                    window = self.window_secs,
                    agent = candidate.agent_id.as_str(),
                ),
            })
        } else {
            timestamps.push(now);
            Ok(AdmissionDecision::Accept {
                importance_override: None,
            })
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use hirn_core::id::MemoryId;
    use hirn_core::metadata::Metadata;
    use hirn_core::types::{AgentId, Namespace};

    fn candidate(agent: &str) -> MemoryCandidate {
        MemoryCandidate {
            id: MemoryId::new(),
            content: "test".into(),
            entities: vec![],
            embedding: None,
            agent_id: AgentId::new(agent).unwrap(),
            namespace: Namespace::shared(),
            importance: 0.5,
            surprise: 0.5,
            metadata: Metadata::default(),
        }
    }

    #[tokio::test]
    async fn within_limit_accepted() {
        let limiter = RateLimiter::new(5, 60);
        for _ in 0..5 {
            let result = limiter.evaluate(&candidate("agent-a")).await.unwrap();
            assert!(result.is_accept());
        }
    }

    #[tokio::test]
    async fn exceeds_limit_rejected() {
        let limiter = RateLimiter::new(3, 60);
        for _ in 0..3 {
            let result = limiter.evaluate(&candidate("agent-a")).await.unwrap();
            assert!(result.is_accept());
        }
        // 4th request should be rejected.
        let result = limiter.evaluate(&candidate("agent-a")).await.unwrap();
        assert!(result.is_reject());
    }

    #[tokio::test]
    async fn two_agents_independent() {
        let limiter = RateLimiter::new(2, 60);

        // Fill agent-a's quota.
        for _ in 0..2 {
            limiter.evaluate(&candidate("agent-a")).await.unwrap();
        }
        let result_a = limiter.evaluate(&candidate("agent-a")).await.unwrap();
        assert!(result_a.is_reject());

        // Agent-b should still be fine.
        let result_b = limiter.evaluate(&candidate("agent-b")).await.unwrap();
        assert!(result_b.is_accept());
    }

    #[tokio::test]
    async fn window_slides() {
        // Use a tiny window so we can test sliding without sleep.
        let limiter = RateLimiter::new(2, 0); // 0-second window

        // With 0-second window everything expires immediately.
        for _ in 0..10 {
            let result = limiter.evaluate(&candidate("agent-a")).await.unwrap();
            // All should accept since the window is 0 and old writes expire.
            assert!(result.is_accept());
        }
    }

    #[tokio::test]
    async fn default_limiter() {
        let limiter = RateLimiter::with_defaults();
        // 100 writes should all be accepted.
        for _ in 0..100 {
            let result = limiter.evaluate(&candidate("agent-a")).await.unwrap();
            assert!(result.is_accept());
        }
        // 101st should be rejected.
        let result = limiter.evaluate(&candidate("agent-a")).await.unwrap();
        assert!(result.is_reject());
    }
}