Skip to content

Home

Jump to bottom
Peter Marsh edited this page Feb 20, 2024 · 53 revisions

Spy Logic is a learning game that teaches users about prompt injection attacks and defences through a series of increasingly difficult challenges.

This wiki is intended to be very high level and act more as a signposting system to specific parts of code. Read the code alongside the wiki to get the fullest understanding, or just read the docs to get a broad-strokes overview of how things work.

The best way to get acquainted with the project is to run and play the game. Failing that you can have a read of intro to Spy Logic.

Terminology

In these docs we will use the term LLM to describe a generic Large Language Model, usually one created and hosted by OpenAI. In contrast, we will use bot to describe ScottBrewBot which is our fictional chatbot. It describes the system as a whole which includes an LLM at its core, but also includes the mechanisms we've placed around it (defences, error handling, etc).

How we Use LLMs

LLMs lie at the core of the game. We use models that are hosted on OpenAI's servers, via the OpenAI API. We use these LLMs to:

  • Respond to user messages.
  • Query documents.
  • Evaluate whether a prompt is malicious.

There are two libraries which we use to make it easier to interface with LLMs and the OpenAI API: Langchain and OpenAI. They both act as wrappers for calling the OpenAI API, and provide useful abstractions and extra functionality. See OpenAI to understand how we get responses to messages. See Langchain to see how we query documents and evaluate prompts.

Session and Memory

Data is persisted in-memory by the backend express session and by the browser's localStorage. This means data is not kept for very long but we assume users will play the game over a short length of time.

The backend express session stores most of the crucial data for the running of the game:

  • The chatModel currently in use.
  • The levelState which includes, for each level, the chatHistory, sentEmails configuration of the defences.

Frontend localStorage stores:

  • The currentLevel (see Levels and Game Flow).
  • The numCompletedLevels which determines which levels are unlocked for the user to play.
  • isNewUser which determines whether we should show the user the welcome screen.

View the blog

ScottLogic logo

Clone this wiki locally