ScottLogic · pmarsh-scottlogic · Feb 21, 2024 · Feb 1, 2024 · Feb 1, 2024 · Feb 1, 2024
diff --git a/backend/src/controller/chatController.ts b/backend/src/controller/chatController.ts
@@ -10,7 +10,7 @@ import { OpenAiChatRequest } from '@src/models/api/OpenAiChatRequest';
 import { OpenAiClearRequest } from '@src/models/api/OpenAiClearRequest';
 import { OpenAiGetHistoryRequest } from '@src/models/api/OpenAiGetHistoryRequest';
 import {
-	ChatDefenceReport,
+	DefenceReport,
 	ChatHttpResponse,
 	ChatModel,
 	LevelHandlerResponse,
@@ -20,7 +20,7 @@ import {
 import {
 	ChatMessage,
 	ChatInfoMessage,
-	chatInfoMessageType,
+	chatInfoMessageTypes,
 } from '@src/models/chatMessage';
 import { Defence } from '@src/models/defence';
 import { EmailInfo } from '@src/models/email';
@@ -33,9 +33,7 @@ import {
 
 import { handleChatError } from './handleError';
 
-function combineChatDefenceReports(
-	reports: ChatDefenceReport[]
-): ChatDefenceReport {
+function combineDefenceReports(reports: DefenceReport[]): DefenceReport {
 	return {
 		blockedReason: reports
 			.filter((report) => report.blockedReason !== null)
@@ -173,7 +171,7 @@ async function handleChatWithDefenceDetection(
 	const defenceReports = outputDefenceReport
 		? [inputDefenceReport, outputDefenceReport]
 		: [inputDefenceReport];
-	const combinedDefenceReport = combineChatDefenceReports(defenceReports);
+	const combinedDefenceReport = combineDefenceReports(defenceReports);
 
 	// if blocked, restore original chat history and add user message to chat history without completion
 	const updatedChatHistory = combinedDefenceReport.isBlocked
@@ -379,7 +377,7 @@ function handleAddInfoToChatHistory(
 	if (
 		infoMessage &&
 		chatMessageType &&
-		chatInfoMessageType.includes(chatMessageType) &&
+		chatInfoMessageTypes.includes(chatMessageType) &&
 		level !== undefined &&
 		level >= LEVEL_NAMES.LEVEL_1
 	) {

diff --git a/backend/src/defence.ts b/backend/src/defence.ts
@@ -1,7 +1,7 @@
 import { defaultDefences } from './defaultDefences';
 import { evaluatePrompt } from './langchain';
 import {
-	ChatDefenceReport,
+	DefenceReport,
 	MessageTransformation,
 	SingleDefenceReport,
 	TransformedChatMessage,
@@ -20,14 +20,12 @@ import {
 } from './promptTemplates';
 
 function activateDefence(id: DEFENCE_ID, defences: Defence[]) {
-	// return the updated list of defences
 	return defences.map((defence) =>
 		defence.id === id ? { ...defence, isActive: true } : defence
 	);
 }
 
 function deactivateDefence(id: DEFENCE_ID, defences: Defence[]) {
-	// return the updated list of defences
 	return defences.map((defence) =>
 		defence.id === id ? { ...defence, isActive: false } : defence
 	);
@@ -38,7 +36,6 @@ function configureDefence(
 	defences: Defence[],
 	config: DefenceConfigItem[]
 ): Defence[] {
-	// return the updated list of defences
 	return defences.map((defence) =>
 		defence.id === id ? { ...defence, config } : defence
 	);
@@ -95,7 +92,6 @@ function getFilterList(defences: Defence[], type: DEFENCE_ID) {
 }
 function getSystemRole(
 	defences: Defence[],
-	// by default, use sandbox
 	currentLevel: LEVEL_NAMES = LEVEL_NAMES.SANDBOX
 ) {
 	switch (currentLevel) {
@@ -183,14 +179,12 @@ function escapeXml(unsafe: string) {
 	});
 }
 
-// function to detect any XML tags in user input
 function containsXMLTags(input: string) {
 	const tagRegex = /<\/?[a-zA-Z][\w-]*(?:\b[^>]*\/\s*|[^>]*>|[?]>)/g;
 	const foundTags: string[] = input.match(tagRegex) ?? [];
 	return foundTags.length > 0;
 }
 
-// apply XML tagging defence to input message
 function transformXmlTagging(
 	message: string,
 	defences: Defence[]
@@ -213,7 +207,6 @@ function generateRandomString(length: number) {
 	).join('');
 }
 
-// apply random sequence enclosure defence to input message
 function transformRandomSequenceEnclosure(
 	message: string,
 	defences: Defence[]
@@ -250,7 +243,6 @@ function combineTransformedMessage(transformedMessage: TransformedChatMessage) {
 	);
 }
 
-//apply defence string transformations to original message
 function transformMessage(
 	message: string,
 	defences: Defence[]
@@ -284,7 +276,6 @@ function transformMessage(
 	};
 }
 
-// detects triggered defences in original message and blocks the message if necessary
 async function detectTriggeredInputDefences(
 	message: string,
 	defences: Defence[]
@@ -299,15 +290,14 @@ async function detectTriggeredInputDefences(
 	return combineDefenceReports(singleDefenceReports);
 }
 
-// detects triggered defences in bot output and blocks the message if necessary
 function detectTriggeredOutputDefences(message: string, defences: Defence[]) {
 	const singleDefenceReports = [detectFilterBotOutput(message, defences)];
 	return combineDefenceReports(singleDefenceReports);
 }
 
 function combineDefenceReports(
 	defenceReports: SingleDefenceReport[]
-): ChatDefenceReport {
+): DefenceReport {
 	const isBlocked = defenceReports.some((report) => report.blockedReason);
 	const blockedReason = isBlocked
 		? defenceReports
@@ -451,6 +441,7 @@ async function detectEvaluationLLM(
 ): Promise<SingleDefenceReport> {
 	const defence = DEFENCE_ID.PROMPT_EVALUATION_LLM;
 	// to save money and processing time, and to reduce risk of rate limiting, we only run if defence is active
+	// this means that, contrary to the other defences, the user won't get alerts when the defence is not active, i.e. "your last prompt would have been blocked by the prompt evaluation LLM"
 	if (isDefenceActive(DEFENCE_ID.PROMPT_EVALUATION_LLM, defences)) {
 		const promptEvalLLMPrompt = getPromptEvalPromptFromConfig(defences);
 

diff --git a/backend/src/models/chat.ts b/backend/src/models/chat.ts
@@ -36,7 +36,7 @@ interface ChatModelConfiguration {
 	presencePenalty: number;
 }
 
-interface ChatDefenceReport {
+interface DefenceReport {
 	blockedReason: string | null;
 	isBlocked: boolean;
 	alertedDefences: DEFENCE_ID[];
@@ -93,7 +93,7 @@ interface MessageTransformation {
 
 interface ChatHttpResponse {
 	reply: string;
-	defenceReport: ChatDefenceReport;
+	defenceReport: DefenceReport;
 	transformedMessage?: TransformedChatMessage;
 	wonLevel: boolean;
 	isError: boolean;
@@ -118,7 +118,7 @@ const defaultChatModel: ChatModel = {
 };
 
 export type {
-	ChatDefenceReport,
+	DefenceReport,
 	ChatGptReply,
 	ChatMalicious,
 	ChatModel,

diff --git a/backend/src/models/chatMessage.ts b/backend/src/models/chatMessage.ts
@@ -67,4 +67,4 @@ export type {
 	CHAT_INFO_MESSAGE_TYPES,
 };
 
-export { chatInfoMessageTypes as chatInfoMessageType };
+export { chatInfoMessageTypes };
diff --git a/backend/src/openai.ts b/backend/src/openai.ts
@@ -152,7 +152,10 @@ async function handleAskQuestionFunction(
 			: '';
 		return await queryDocuments(params.question, configQAPrompt, currentLevel);
 	} else {
-		console.error('No arguments provided to askQuestion function');
+		console.error(
+			'Incorrect arguments provided to askQuestion function:',
+			functionCallArgs
+		);
 		return "Reply with 'I don't know what to ask'";
 	}
 }
@@ -237,7 +240,8 @@ async function chatGptCallFunction(
 
 async function chatGptChatCompletion(
 	chatHistory: ChatMessage[],
-	chatModel: ChatModel
+	chatModel: ChatModel,
+	openAI: OpenAI
 ) {
 	const updatedChatHistory = [...chatHistory];
 
@@ -247,13 +251,13 @@ async function chatGptChatCompletion(
 	console.debug('Calling OpenAI chat completion...');
 
 	try {
-		const chat_completion = await getOpenAI().chat.completions.create({
+		const chat_completion = await openAI.chat.completions.create({
 			model: chatModel.id,
 			temperature: chatModel.configuration.temperature,
 			top_p: chatModel.configuration.topP,
 			frequency_penalty: chatModel.configuration.frequencyPenalty,
 			presence_penalty: chatModel.configuration.presencePenalty,
-			messages: getChatCompletionsInLimitedContextWindow(
+			messages: getChatCompletionsInContextWindow(
 				updatedChatHistory,
 				chatModel.id
 			),
@@ -287,19 +291,17 @@ async function chatGptChatCompletion(
 	}
 }
 
-function getChatCompletionsInLimitedContextWindow(
+function getChatCompletionsInContextWindow(
 	chatHistory: ChatMessage[],
 	gptModel: CHAT_MODELS
 ): ChatCompletionMessageParam[] {
-	const completions = chatHistory.reduce<ChatCompletionMessageParam[]>(
-		(result, chatMessage) => {
-			if ('completion' in chatMessage && chatMessage.completion) {
-				result.push(chatMessage.completion);
-			}
-			return result;
-		},
-		[]
-	);
+	const completions = chatHistory
+		.map((chatMessage) =>
+			'completion' in chatMessage ? chatMessage.completion : null
+		)
+		.filter(
+			(completion) => completion !== null
+		) as ChatCompletionMessageParam[];
 
 	console.debug(
 		'Number of tokens in total chat history. prompt_tokens=',
@@ -365,9 +367,13 @@ async function getFinalReplyAfterAllToolCalls(
 	let wonLevel = false;
 
 	let gptReply: ChatGptReply | null = null;
-
+	const openAI = getOpenAI();
 	do {
-		gptReply = await chatGptChatCompletion(updatedChatHistory, chatModel);
+		gptReply = await chatGptChatCompletion(
+			updatedChatHistory,
+			chatModel,
+			openAI
+		);
 		updatedChatHistory = gptReply.chatHistory;
 
 		if (gptReply.completion?.tool_calls) {

diff --git a/backend/src/utils/token.ts b/backend/src/utils/token.ts
@@ -7,6 +7,7 @@ import { promptTokensEstimate, stringTokens } from 'openai-chat-tokens';
 import { CHAT_MODELS } from '@src/models/chat';
 import { chatGptTools } from '@src/openai';
 
+// The size of each model's context window in muber of tokens. https://platform.openai.com/docs/models
 const chatModelMaxTokens = {
 	[CHAT_MODELS.GPT_4_TURBO]: 128000,
 	[CHAT_MODELS.GPT_4]: 8192,

diff --git a/backend/test/unit/controller/chatController.test.ts b/backend/test/unit/controller/chatController.test.ts
@@ -13,7 +13,7 @@ import { OpenAiChatRequest } from '@src/models/api/OpenAiChatRequest';
 import { OpenAiClearRequest } from '@src/models/api/OpenAiClearRequest';
 import { OpenAiGetHistoryRequest } from '@src/models/api/OpenAiGetHistoryRequest';
 import {
-	ChatDefenceReport,
+	DefenceReport,
 	ChatModel,
 	ChatResponse,
 	MessageTransformation,
@@ -232,15 +232,15 @@ describe('handleChatToGPT unit tests', () => {
 		function triggeredDefencesMockReturn(
 			blockedReason: string,
 			triggeredDefence: DEFENCE_ID
-		): Promise<ChatDefenceReport> {
+		): Promise<DefenceReport> {
 			return new Promise((resolve, reject) => {
 				try {
 					resolve({
 						blockedReason,
 						isBlocked: true,
 						alertedDefences: [],
 						triggeredDefences: [triggeredDefence],
-					} as ChatDefenceReport);
+					} as DefenceReport);
 				} catch (err) {
 					reject(err);
 				}
@@ -601,7 +601,7 @@ describe('handleChatToGPT unit tests', () => {
 				isBlocked: false,
 				alertedDefences: [],
 				triggeredDefences: [],
-			} as ChatDefenceReport);
+			} as DefenceReport);
 
 			await handleChatToGPT(req, res);
 
@@ -701,7 +701,7 @@ describe('handleChatToGPT unit tests', () => {
 				isBlocked: false,
 				alertedDefences: [],
 				triggeredDefences: [],
-			} as ChatDefenceReport);
+			} as DefenceReport);
 
 			await handleChatToGPT(req, res);
 

diff --git a/frontend/src/components/ChatBox/ChatBox.tsx b/frontend/src/components/ChatBox/ChatBox.tsx
@@ -98,9 +98,7 @@ function ChatBox({
 				message: response.reply,
 				type: 'ERROR_MSG',
 			});
-		}
-		// add it to the list of messages
-		else if (response.defenceReport.isBlocked) {
+		} else if (response.defenceReport.isBlocked) {
 			addChatMessage({
 				type: 'BOT_BLOCKED',
 				message: response.defenceReport.blockedReason,
@@ -111,7 +109,6 @@ function ChatBox({
 				message: response.reply,
 			});
 		}
-		// add altered defences to the chat
 		response.defenceReport.alertedDefences.forEach((triggeredDefence) => {
 			// get user-friendly defence name
 			const defenceName = ALL_DEFENCES.find((defence) => {

diff --git a/frontend/src/components/HandbookOverlay/Pages/HandbookAttacks.test.tsx b/frontend/src/components/HandbookOverlay/Pages/HandbookAttacks.test.tsx
@@ -1,13 +1,9 @@
 import { render, screen } from '@testing-library/react';
 import { describe, expect, test } from 'vitest';
 
-import {
-	ATTACKS_LEVEL_2,
-	ATTACKS_LEVEL_3,
-	ATTACKS_ALL,
-} from '@src/components/HandbookOverlay/Pages/Attacks';
 import { LEVEL_NAMES } from '@src/models/level';
 
+import { ATTACKS_LEVEL_2, ATTACKS_LEVEL_3, ATTACKS_ALL } from './Attacks';
 import HandbookAttacks from './HandbookAttacks';
 
 describe('HandbookAttacks component tests', () => {

diff --git a/frontend/src/components/HandbookOverlay/Pages/HandbookAttacks.tsx b/frontend/src/components/HandbookOverlay/Pages/HandbookAttacks.tsx
@@ -1,11 +1,8 @@
-import {
-	ATTACKS_ALL,
-	ATTACKS_LEVEL_2,
-	ATTACKS_LEVEL_3,
-} from '@src/components/HandbookOverlay/Pages/Attacks';
 import { AttackInfo } from '@src/models/attack';
 import { LEVEL_NAMES } from '@src/models/level';
 
+import { ATTACKS_ALL, ATTACKS_LEVEL_2, ATTACKS_LEVEL_3 } from './Attacks';
+
 import './HandbookPage.css';
 
 function HandbookAttacks({ currentLevel }: { currentLevel: LEVEL_NAMES }) {

diff --git a/frontend/src/components/HandbookOverlay/Pages/HandbookGlossary.test.tsx b/frontend/src/components/HandbookOverlay/Pages/HandbookGlossary.test.tsx
@@ -1,9 +1,9 @@
 import { render, screen } from '@testing-library/react';
 import { describe, expect, test } from 'vitest';
 
-import { GLOSSARY } from '@src/components/HandbookOverlay/Pages/Glossary';
 import { LEVEL_NAMES } from '@src/models/level';
 
+import { GLOSSARY } from './Glossary';
 import HandbookGlossary from './HandbookGlossary';
 
 describe('HandbookGlossary component tests', () => {

diff --git a/frontend/src/components/HandbookOverlay/Pages/HandbookGlossary.tsx b/frontend/src/components/HandbookOverlay/Pages/HandbookGlossary.tsx
@@ -1,6 +1,7 @@
-import { GLOSSARY } from '@src/components/HandbookOverlay/Pages/Glossary';
 import { LEVEL_NAMES } from '@src/models/level';
 
+import { GLOSSARY } from './Glossary';
+
 import './HandbookPage.css';
 
 function HandbookGlossary({ currentLevel }: { currentLevel: LEVEL_NAMES }) {