Architecture Overview
The AI Red vs Blue Arena is built on a modular architecture with clear separation of concerns.
System Components
┌────────────────────────────────────────────────────────────┐
│                     Frontend (Next.js)                     │
│  ┌──────────┐  ┌──────────┐  ┌──────────┐  ┌──────────┐    │
│  │ Dashboard│  │  Agents  │  │ Matches  │  │ Settings │    │
│  └────┬─────┘  └────┬─────┘  └────┬─────┘  └────┬─────┘    │
└───────┼─────────────┼─────────────┼─────────────┼──────────┘
        │             │             │             │
        └─────────────┴─────────────┴─────────────┘
                             │ HTTP/WS
            ┌────────────────┴────────────────┐
            │      Backend (Express.js)       │
            │  ┌──────────────────────────┐   │
            │  │ API Routes               │   │
            │  │ - Agents                 │   │
            │  │ - Matches                │   │
            │  │ - Events                 │   │
            │  │ - Config                 │   │
            │  └──────────┬───────────────┘   │
            │             │                   │
            │  ┌──────────▼───────────────┐   │
            │  │ Match Runner             │   │
            │  │ - Orchestrates rounds    │   │
            │  │ - Manages state          │   │
            │  └──────────┬───────────────┘   │
            │             │                   │
            │  ┌──────────▼───────────────┐   │
            │  │ Agent Executor           │   │
            │  │ - LLM provider management│   │
            │  │ - Response generation    │   │
            │  └──────────┬───────────────┘   │
            │             │                   │
            │  ┌──────────▼───────────────┐   │
            │  │ Cline Integration        │   │
            │  │ - Tool execution         │   │
            │  │ - Sandboxing             │   │
            │  └──────────┬───────────────┘   │
            │             │                   │
            │  ┌──────────▼───────────────┐   │
            │  │ WebSocket Server         │   │
            │  │ - Real-time updates      │   │
            │  └──────────────────────────┘   │
            └────────────┬────────────────────┘
                         │
            ┌────────────▼────────────┐
            │    Database (lowdb)     │
            │ - Agents                │
            │ - Matches               │
            │ - Events                │
            │ - Rounds                │
            └─────────────────────────┘
Data Flow
Match Execution Flow
- User creates match via Frontend/API
- Match Runner loads agents from database
- For each round:
  - Red Agent generates attack via Agent Executor
  - Target Agent processes attack
  - Blue Agent generates defense
  - Scoring system evaluates round
- Events stored in database
- WebSocket broadcasts updates
- Match completes with final scores
Tool Execution Flow
- Agent generates response with tool calls
- Cline checks permissions
- Tools executed in sandbox
- Results returned to agent
- Agent response enhanced with tool results
- Execution logged for audit
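The tool execution flow above, sketched as an added example (not the project's own code): a deny-by-default permission gate that writes an audit record for every call, including denied and failed ones. The names `POLICY`, `TOOLS`, `executeToolCalls` and the tool names are hypothetical, and the in-process handlers stand in for the sandbox, which is assumed rather than implemented.

```javascript
// Hypothetical policy: tools each agent role may call. Anything absent is denied.
const POLICY = new Map([
  ["red", new Set(["http_get"])],
  ["blue", new Set(["http_get", "read_log"])],
]);

// Stand-ins for sandboxed tools; real process or container isolation is assumed.
const TOOLS = new Map([
  ["http_get", ({ path }) => {
    if (typeof path !== "string" || !path.startsWith("/")) throw new Error("invalid path");
    return `GET ${path} -> 200`;
  }],
  ["read_log", ({ lines }) => {
    if (!Number.isInteger(lines) || lines < 1 || lines > 100) throw new Error("invalid lines");
    return `last ${lines} log lines`;
  }],
]);

// Runs each tool call in an agent response; returns the enhanced response and
// one audit record per call, including denied and failed calls.
function executeToolCalls(role, response, now = () => new Date().toISOString()) {
  const audit = [];
  for (const call of response.toolCalls ?? []) {
    const record = { ts: now(), role, tool: call.name, args: call.args, outcome: "denied" };
    const handler = POLICY.get(role)?.has(call.name) ? TOOLS.get(call.name) : undefined;
    if (handler) {
      try {
        record.result = handler(call.args ?? {});
        record.outcome = "ok";
      } catch (err) {
        record.outcome = "error";
        record.error = err.message;
      }
    }
    audit.push(record);
  }
  const toolResults = audit.map(({ tool, outcome, result = null }) => ({ tool, outcome, result }));
  return { response: { ...response, toolResults }, audit };
}
// Constructed sample: one red agent response carrying three tool calls.
const sample = {
  text: "probing target",
  toolCalls: [
    { name: "http_get", args: { path: "/login" } }, // permitted
    { name: "read_log", args: { lines: 10 } },      // not in red's allowlist
    { name: "http_get", args: { path: "login" } },  // permitted, bad argument
  ],
};
console.log(executeToolCalls("red", sample).audit.map((r) => r.outcome));
```

Because denied calls are recorded with their arguments, the audit trail shows what an agent attempted as well as what it was allowed to run.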
Component Responsibilities
Frontend
- User interface and visualization
- Real-time event display
- Agent and match management
- Settings configuration
Backend API
- RESTful API endpoints
- Request validation
- Business logic orchestration
- Database operations
Match Runner
- Round orchestration
- Agent coordination
- State management
- Event generation
Agent Executor
- LLM provider management
- Response generation
- Model fallback handling
- API key management
Cline Integration
- Tool execution
- Permission checking
- Sandboxing
- Audit logging
Database
- Data persistence
- Query operations
- Schema management
WebSocket Server
- Real-time event broadcasting
- Client subscription management
- Match updates
Integration Points
Kestra
- Workflow orchestration
- Scheduled matches
- Batch processing
- Dataset generation
Oumi
- Training dataset export
- Fine-tuning job submission
- Model improvement pipeline
LLM Providers
- Groq (primary)
- OpenAI
- Anthropic
- Mock (fallback)
Security Architecture
- Sandboxed execution for all tool calls
- Permission-based access control
- Input validation at all layers
- Audit logging for all operations
- CORS protection for API
- Rate limiting via model fallback
Scalability Considerations
- Stateless API design
- File-based database (can be migrated to SQL)
- WebSocket for real-time updates
- Modular architecture for easy extension
Next Steps
- System Design - Detailed design decisions
- Data Flow - Complete data flow diagrams