Skip to main content

TrajectoryRiskAccumulator

zeph_memory::shadow

Struct TrajectoryRiskAccumulator 

Source 
pub struct TrajectoryRiskAccumulator { /* private fields */ }
Expand description

Per-session trajectory risk accumulator (MAGE spec 004-16).

Maintains a rolling trajectory_risk score in [0.0, 1.0] that accumulates safety signals with exponential temporal decay. Designed to detect multi-turn attacks that evade per-turn controls.

When constructed via new_noop or when config.enabled = false, all methods are zero-cost no-ops — no allocations and current_risk() always returns 0.0.

Implementations§

Source§

impl TrajectoryRiskAccumulator

Source

pub fn new_noop() -> Self

Construct an accumulator that operates as a zero-cost noop.

Use when shadow memory is disabled or during testing scenarios that do not need risk tracking. No heap allocation is performed.

Source

pub fn new(config: TrajectoryRiskAccumulatorConfig) -> Self

Construct an accumulator from configuration.

When config.enabled = false, delegates to new_noop — no allocation. When enabled, pre-allocates the signal history ring buffer.

Source

pub fn advance_turn(&mut self)

Advance the turn counter and apply exponential decay to the accumulated risk.

Must be called once per turn, before ingest is called for that turn. Decay formula: risk *= exp(-ln(2) / halflife_turns).

No-op when disabled.

Source

pub fn ingest(&mut self, signal_type: AuditSignalType, severity: Severity)

Ingest a safety signal and add its weighted contribution to trajectory_risk.

The raw score is base_weight(signal_type) × severity_multiplier(severity). After addition, trajectory_risk is clamped to [0.0, 1.0]. The event is appended to the signal history ring buffer; the oldest entry is evicted when the buffer is full.

Emits shadow_memory_signals_total{type, severity} counter (NFR-007).

No-op when disabled.

Source

pub fn record_block(&self)

Increment shadow_memory_blocks_total counter (NFR-007).

Call this once when a tool execution is actually blocked due to trajectory risk. Do not call on every is_blocked() query — only when a block action fires.

Source

pub fn record_escalation(&self)

Increment shadow_memory_escalations_total counter (NFR-007).

Call this once when an escalation-to-human-confirmation is triggered.

Source

pub fn current_risk(&self) -> f64

Returns the current accumulated risk score in [0.0, 1.0].

Always returns 0.0 when disabled.

Source

pub fn is_blocked(&self) -> bool

Returns true when trajectory_risk >= risk_threshold and shadow memory is enabled.

Always returns false when disabled.

Source

pub fn should_escalate(&self) -> bool

Returns true when risk is in [escalation_threshold, risk_threshold).

Always returns false when disabled.

Source

pub fn top_signals(&self, n: usize) -> Vec<&SignalEvent>

Returns the top n signals by raw_score descending from recent history.

Source

pub fn reset(&mut self)

Resets trajectory_risk to zero and clears signal history.

Called on context compaction when reset_on_compaction = true. No-op when disabled.

Source

pub fn is_enabled(&self) -> bool

Returns true when shadow memory is enabled (i.e., not in noop mode).

Source

pub fn turn_count(&self) -> u32

Returns the current turn count.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
where ST: ?Sized, DT: ?Sized,

Source§

impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
where ST: ?Sized, DT: ?Sized,

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> IntoRequest<T> for T

Source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Read<Exclusive, BecauseExclusive> for T
where T: ?Sized,

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more