zeph-core 0.20.2

Core agent loop, configuration, context builder, metrics, and vault for Zeph
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379

// SPDX-FileCopyrightText: 2026 Andrei G <bug-ops>
// SPDX-License-Identifier: MIT OR Apache-2.0

//! `MemCoT` [`SemanticStateAccumulator`]: rolling semantic state buffer for graph recall enrichment.
//!
//! The accumulator distills each LLM turn's assistant response into a short semantic state
//! string. This state is then prepended (as `[state] <buf>`) to graph recall queries in the
//! context assembler, improving retrieval relevance over long multi-turn sessions.
//!
//! # Cost bounds
//!
//! - Distillation is skipped when `min_distill_interval_secs` has not elapsed since last distill.
//! - Distillation is skipped after `max_distills_per_session` spawns in the current session.
//! - Both counters are reset by [`SemanticStateAccumulator::reset_session_counters`] on `/new`.
//! - A hard timeout of `distill_timeout_secs` is applied to every LLM call.
//!
//! # Thread safety
//!
//! All hot-path accesses use lock-free atomics. The state buffer is protected by a `RwLock`
//! and only written to inside the background distill task — never on the agent turn thread.

use std::sync::Arc;
use std::sync::atomic::{AtomicI64, AtomicU64, Ordering};
use std::time::{Duration, SystemTime, UNIX_EPOCH};

use tokio::sync::RwLock;
use zeph_config::MemCotConfig;
use zeph_llm::provider::LlmProvider as _;

use super::metrics;

/// Internal semantic state buffer updated by each distillation run.
#[derive(Default)]
pub(crate) struct SemanticState {
    /// Full-overwrite distillation buffer. The LLM is responsible for retaining important
    /// content from the prior state. Post-truncated to `MemCotConfig::max_state_chars` at a
    /// UTF-8 char boundary if the LLM exceeded the cap.
    pub(crate) buffer: String,
    /// Number of successful distillations since the accumulator was created.
    pub(crate) turn_count: u64,
    /// Unix seconds of last successful distillation.
    pub(crate) updated_at_secs: i64,
}

/// Manages the rolling semantic state buffer for `MemCoT`.
///
/// One instance lives on the agent for the lifetime of the process (created at startup when
/// `memory.memcot.enabled = true`; otherwise `None`).
///
/// # Examples
///
/// ```ignore
/// # use std::sync::Arc;
/// # use zeph_config::MemCotConfig;
/// let cfg = MemCotConfig::default(); // enabled = false
/// let acc = SemanticStateAccumulator::new(Arc::new(cfg));
/// assert!(acc.current_state().await.is_none());
/// ```
pub struct SemanticStateAccumulator {
    cfg: Arc<MemCotConfig>,
    state: Arc<RwLock<SemanticState>>,
    /// Unix seconds of the last distillation spawn (written BEFORE spawn to avoid races).
    pub(crate) last_distill_at_secs: Arc<AtomicI64>,
    /// Number of distillation spawns in the current session.
    pub(crate) distill_count_session: Arc<AtomicU64>,
}

impl SemanticStateAccumulator {
    /// Create a new accumulator.
    ///
    /// The accumulator is always created (even when `cfg.enabled = false`) so that the field
    /// on `MemoryExtractionState` can be `Option<SemanticStateAccumulator>` where `None`
    /// means "not configured" and `Some` means "created but possibly no-op".
    ///
    /// In practice callers wrap in `Option`: the extraction state creates it only when `enabled`.
    #[must_use]
    pub fn new(cfg: Arc<MemCotConfig>) -> Self {
        Self {
            cfg,
            state: Arc::new(RwLock::new(SemanticState::default())),
            last_distill_at_secs: Arc::new(AtomicI64::new(0)),
            distill_count_session: Arc::new(AtomicU64::new(0)),
        }
    }

    /// Return the current semantic state buffer, or `None` if empty.
    pub async fn current_state(&self) -> Option<String> {
        let guard = self.state.read().await;
        if guard.buffer.is_empty() {
            None
        } else {
            Some(guard.buffer.clone())
        }
    }

    /// Reset per-session distillation counters and clear the semantic state buffer.
    ///
    /// Called by the `/new` handler when the user starts a new conversation.
    /// `distill_count_session` and `last_distill_at_secs` are reset to 0.
    /// The state buffer is cleared so stale semantic state from a prior session
    /// does not contaminate graph recall queries in the new session.
    pub async fn reset_session_counters(&self) {
        self.distill_count_session.store(0, Ordering::Relaxed);
        self.last_distill_at_secs.store(0, Ordering::Relaxed);
        self.state.write().await.buffer.clear();
    }

    /// Check all cost gates and, if they pass, spawn a background distillation task.
    ///
    /// Gates checked (in order):
    /// 1. `cfg.enabled` — early exit if `MemCoT` is disabled.
    /// 2. `min_assistant_chars` — skip trivial replies.
    /// 3. `min_distill_interval_secs` — skip if too soon since last distill.
    /// 4. `max_distills_per_session` — skip after session cap.
    ///
    /// When all gates pass, counters are incremented **before** the spawn to avoid
    /// double-spawn races when distill latency is shorter than the next turn.
    pub(crate) fn maybe_enqueue_distill(
        &self,
        assistant_content: &str,
        provider: zeph_llm::any::AnyProvider,
        supervisor_spawn: impl FnOnce(
            &'static str,
            std::pin::Pin<Box<dyn std::future::Future<Output = ()> + Send>>,
        ),
    ) {
        if !self.cfg.enabled {
            return;
        }

        let content_chars = assistant_content.chars().count();
        if content_chars < self.cfg.min_assistant_chars {
            return;
        }

        let now = unix_now_secs();
        let elapsed = now.saturating_sub(self.last_distill_at_secs.load(Ordering::Relaxed));
        if elapsed < i64::try_from(self.cfg.min_distill_interval_secs).unwrap_or(i64::MAX) {
            metrics::distill_skipped("interval");
            return;
        }
        if self.distill_count_session.load(Ordering::Relaxed) >= self.cfg.max_distills_per_session {
            metrics::distill_skipped("session_cap");
            return;
        }

        // Reserve before spawn to avoid race.
        self.last_distill_at_secs.store(now, Ordering::Relaxed);
        self.distill_count_session.fetch_add(1, Ordering::Relaxed);
        metrics::distill_total();

        let state_arc = Arc::clone(&self.state);
        let cfg = Arc::clone(&self.cfg);
        let content = assistant_content.to_owned();

        let fut = Box::pin(async move {
            let span = tracing::info_span!("core.memcot.distill", result = tracing::field::Empty);
            let _guard = span.enter();

            let prompt = build_distill_prompt(&content, &state_arc).await;
            let msgs = vec![zeph_llm::provider::Message::from_legacy(
                zeph_llm::provider::Role::User,
                prompt,
            )];

            let timeout = Duration::from_secs(cfg.distill_timeout_secs);
            let result = tokio::time::timeout(timeout, provider.chat(&msgs)).await;

            match result {
                Ok(Ok(response)) => {
                    tracing::Span::current().record("result", "ok");
                    let raw = response.trim().to_owned();
                    let cap = cfg.max_state_chars;
                    let new_buf = if raw.chars().count() > cap {
                        let cut = raw.floor_char_boundary(
                            raw.char_indices().nth(cap).map_or(raw.len(), |(i, _)| i),
                        );
                        raw[..cut].to_owned()
                    } else {
                        raw
                    };

                    let mut state = state_arc.write().await;
                    state.buffer = new_buf;
                    state.turn_count = state.turn_count.saturating_add(1);
                    state.updated_at_secs = unix_now_secs();
                    tracing::debug!(
                        turn = state.turn_count,
                        buf_chars = state.buffer.chars().count(),
                        "memcot: distill complete"
                    );
                }
                Ok(Err(e)) => {
                    tracing::Span::current().record("result", "error");
                    metrics::distill_error();
                    tracing::warn!(error = %e, "memcot: distill failed");
                }
                Err(_) => {
                    tracing::Span::current().record("result", "timeout");
                    metrics::distill_timeout();
                    tracing::warn!(
                        timeout_secs = cfg.distill_timeout_secs,
                        "memcot: distill timed out"
                    );
                }
            }
        });

        supervisor_spawn("memcot_distill", fut);
    }
}

/// Scrub characters that could escape delimiters or confuse the LLM parser.
fn scrub_content(s: &str) -> String {
    s.replace(['\n', '\r', '<', '>'], " ")
}

/// Build the distillation prompt from the current assistant turn and prior state.
///
/// Content is wrapped in `<turn>…</turn>` delimiters and scrubbed of `\n\r<>` to prevent
/// prompt injection from raw assistant output.
async fn build_distill_prompt(assistant_content: &str, state: &RwLock<SemanticState>) -> String {
    let prior = {
        let guard = state.read().await;
        guard.buffer.clone()
    };

    let safe_content = scrub_content(assistant_content);

    if prior.is_empty() {
        format!(
            "Summarize the key concepts and entities from the following assistant response \
             in 1-3 short sentences. Focus on what changed or was decided.\n\n\
             <turn>{safe_content}</turn>"
        )
    } else {
        let safe_prior = scrub_content(&prior);
        format!(
            "Update the semantic state by integrating the new assistant response. \
             Keep the most important concepts from the prior state and add new ones. \
             Reply with 1-3 short sentences total.\n\n\
             Prior state: {safe_prior}\n\n\
             <turn>{safe_content}</turn>"
        )
    }
}

fn unix_now_secs() -> i64 {
    SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .unwrap_or_default()
        .as_secs()
        .try_into()
        .unwrap_or(i64::MAX)
}

#[cfg(test)]
mod tests {
    use super::*;

    fn null_provider() -> zeph_llm::any::AnyProvider {
        zeph_llm::any::AnyProvider::Mock(zeph_llm::mock::MockProvider::default())
    }

    #[tokio::test]
    async fn accumulator_initial_state_empty() {
        let cfg = Arc::new(MemCotConfig::default());
        let acc = SemanticStateAccumulator::new(cfg);
        assert!(acc.current_state().await.is_none());
    }

    #[tokio::test]
    #[allow(clippy::large_futures)]
    async fn reset_session_counters_clears_state() {
        let cfg = MemCotConfig {
            enabled: true,
            ..MemCotConfig::default()
        };
        let acc = SemanticStateAccumulator::new(Arc::new(cfg));
        acc.distill_count_session.store(42, Ordering::Relaxed);
        acc.last_distill_at_secs.store(9999, Ordering::Relaxed);
        // Pre-populate the state buffer to verify it is cleared on reset.
        acc.state.write().await.buffer = "prior semantic state".to_owned();
        acc.reset_session_counters().await;
        assert_eq!(acc.distill_count_session.load(Ordering::Relaxed), 0);
        assert_eq!(acc.last_distill_at_secs.load(Ordering::Relaxed), 0);
        assert!(
            acc.current_state().await.is_none(),
            "buffer must be cleared on reset"
        );
    }

    #[tokio::test]
    async fn distill_skipped_when_disabled() {
        let cfg = Arc::new(MemCotConfig {
            enabled: false,
            ..MemCotConfig::default()
        });
        let acc = SemanticStateAccumulator::new(cfg);
        let mut spawn_called = false;
        acc.maybe_enqueue_distill("hello", null_provider(), |_name, _fut| {
            spawn_called = true;
        });
        assert!(!spawn_called, "disabled accumulator must never spawn");
    }

    #[tokio::test]
    async fn distill_skipped_when_content_too_short() {
        let cfg = Arc::new(MemCotConfig {
            enabled: true,
            min_assistant_chars: 100,
            min_distill_interval_secs: 0,
            max_distills_per_session: 50,
            ..MemCotConfig::default()
        });
        let acc = SemanticStateAccumulator::new(cfg);
        let mut spawn_called = false;
        acc.maybe_enqueue_distill("hi", null_provider(), |_name, _fut| {
            spawn_called = true;
        });
        assert!(!spawn_called, "should not spawn for short content");
    }

    #[tokio::test]
    async fn distill_skipped_when_session_cap_reached() {
        let cfg = Arc::new(MemCotConfig {
            enabled: true,
            max_distills_per_session: 2,
            min_distill_interval_secs: 0,
            min_assistant_chars: 1,
            ..MemCotConfig::default()
        });
        let acc = SemanticStateAccumulator::new(cfg);
        acc.distill_count_session.store(2, Ordering::Relaxed);
        let mut spawn_called = false;
        acc.maybe_enqueue_distill("hello world!", null_provider(), |_name, _fut| {
            spawn_called = true;
        });
        assert!(!spawn_called, "should not spawn when session cap reached");
    }

    #[tokio::test]
    async fn distill_skipped_when_interval_not_elapsed() {
        let cfg = Arc::new(MemCotConfig {
            enabled: true,
            max_distills_per_session: 50,
            min_distill_interval_secs: 9999,
            min_assistant_chars: 1,
            ..MemCotConfig::default()
        });
        let acc = SemanticStateAccumulator::new(cfg);
        // Simulate a recent distill.
        acc.last_distill_at_secs
            .store(unix_now_secs(), Ordering::Relaxed);
        let mut spawn_called = false;
        acc.maybe_enqueue_distill("hello world!", null_provider(), |_name, _fut| {
            spawn_called = true;
        });
        assert!(!spawn_called, "should not spawn before interval elapses");
    }

    #[tokio::test]
    async fn distill_spawned_when_all_gates_pass() {
        let cfg = Arc::new(MemCotConfig {
            enabled: true,
            max_distills_per_session: 50,
            min_distill_interval_secs: 0,
            min_assistant_chars: 1,
            ..MemCotConfig::default()
        });
        let acc = SemanticStateAccumulator::new(cfg);
        let mut spawn_called = false;
        acc.maybe_enqueue_distill("hello world!", null_provider(), |_name, _fut| {
            spawn_called = true;
        });
        assert!(spawn_called, "should spawn when all gates pass");
        assert_eq!(acc.distill_count_session.load(Ordering::Relaxed), 1);
    }
}