_run_compression persists extracted substrings into ledger and sigil
files on disk. Previously it ran on raw messages, so credentials
matching decision/blocker patterns would be written to ~/.ra2/ in
plaintext. Now redact.redact_messages() is applied first, ensuring
only sanitised text reaches any disk-persisting path.
The redundant redact.redact(prompt) on the final assembled prompt is
removed since all inputs are already clean. The shrink loop correctly
re-estimates tokens after each reassembly.
https://claude.ai/code/session_01K7BWJY2gUoJi6dq91Yc7nx
Replace plain-text σN format with structured JSON per stream:
- EVENT layer: decision causality log with operator→constraint→decision
triples and ISO8601 timestamps. Max 15 entries, FIFO trim, dedup.
- STATE layer: authoritative snapshot with arch, risk, mode sections.
Overwritten (not appended) on each update cycle.
- Fields capped at 64 chars, file size capped at 8KB (configurable).
- Atomic writes via tmp+rename.
- Corrupt/partial JSON gracefully falls back to empty template.
Sigil is internal-only by default:
- Not included in model prompts unless DEBUG_SIGIL=true
- When debug enabled, injected as === INTERNAL SIGIL SNAPSHOT ===
- Never exposed to Discord users unless debug flag active
context_engine.py updated:
- Compression pass emits (operator, constraint, decision) triples
- Sigil section gated behind DEBUG_SIGIL flag
85 tests passing (up from 64).
https://claude.ai/code/session_01K7BWJY2gUoJi6dq91Yc7nx
Add deterministic context control layer that intercepts prompt
construction without modifying existing architecture:
- context_engine.py: single choke point (build_context) that assembles
structured prompts from ledger + sigil + live window, with token
budget enforcement and automatic window shrinking
- ledger.py: bounded per-stream JSON state (orientation, blockers,
open questions, delta) with hard field/list limits
- sigil.py: FIFO shorthand memory (max 15 entries) with deterministic
rule-based generation from message patterns
- token_gate.py: fast token estimation (~4 chars/token) and hard cap
enforcement with configurable MAX_TOKENS/LIVE_WINDOW
- redact.py: secret pattern detection (Discord, OpenAI, Anthropic,
AWS, Slack, GitHub, Telegram, Bearer, generic key=value) replaced
with [REDACTED_SECRET] before any output path
All 64 tests passing. No modifications to existing agent spawning,
model routing, tool system, or Discord relay architecture.
https://claude.ai/code/session_01K7BWJY2gUoJi6dq91Yc7nx
