Fimeg/letta-server
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
bce1749408e3ab45230ae7259bab0009d80d7479
letta-server/letta/helpers
History
Kian Jones bce1749408 fix: run PBKDF2 in thread pool to prevent event loop freeze (#6763) 
* fix: run PBKDF2 in thread pool to prevent event loop freeze

Problem: Event loop freezes for 100-500ms during secret decryption, blocking
all HTTP requests and async operations. The diagnostic monitor detected the
main thread stuck in PBKDF2 HMAC SHA256 computation at:
  apps/core/letta/helpers/crypto_utils.py:51 (_derive_key)
  apps/core/letta/schemas/secret.py:161 (get_plaintext)

Root cause: PBKDF2 with 100k iterations is intentionally CPU-intensive for
security, but running it synchronously on the main thread blocks the event loop.

Stack trace showed:
  Thread 1 (Main): PBKDF2HMAC -> SHA256_Final -> sha256_block_data_order_avx2
  Event loop watchdog: Detected freeze at 01:11:44 (request started 01:12:03)

Solution:
1. Run PBKDF2 in ThreadPoolExecutor to avoid blocking event loop
2. Add async versions of encrypt/decrypt methods
3. Add LRU cache for derived keys (deterministic results)
4. Add async get_plaintext_async() method to Secret class

Changes:
- apps/core/letta/helpers/crypto_utils.py:
  - Added ThreadPoolExecutor for crypto operations
  - Added @lru_cache(maxsize=256) to _derive_key_cached()
  - Added _derive_key_async() using loop.run_in_executor()
  - Added encrypt_async() and decrypt_async() methods
  - Added warnings to sync methods about blocking behavior

- apps/core/letta/schemas/secret.py:
  - Added get_plaintext_async() method
  - Added warnings to get_plaintext() about blocking behavior

Benefits:
- Event loop no longer freezes during secret decryption
- HTTP requests continue processing while crypto runs in background
- Derived keys are cached, reducing CPU usage for repeated operations
- Backward compatible - sync methods still work for non-async code

Performance impact:
- Before: 100-500ms event loop block per decryption
- After: 100-500ms in thread pool (non-blocking) + LRU cache hits ~0.1ms

Next steps (follow-up PRs):
- Migrate all async callsites to use get_plaintext_async()
- Add metrics to track sync vs async usage
- Consider reducing PBKDF2 iterations if security allows

* update

* test

---------

Co-authored-by: Letta Bot <jinjpeng@gmail.com>
2025-12-15 12:03:09 -08:00
..
__init__.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
composio_helpers.py
chore: rm composio (#5151)
2025-10-07 17:50:49 -07:00
converters.py
feat: add compaction_settings to agents (#6625)
2025-12-15 12:02:34 -08:00
crypto_utils.py
fix: run PBKDF2 in thread pool to prevent event loop freeze (#6763)
2025-12-15 12:03:09 -08:00
datetime_helpers.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
decorators.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
json_helpers.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
message_helper.py
feat: pass in user-agent to prevent 403 forbidden http error [LET-6305] (#6348)
2025-11-24 19:10:27 -08:00
pinecone_utils.py
feat: remove multiple pinecone client inits from startup (#6128)
2025-11-13 15:36:56 -08:00
reasoning_helper.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
singleton.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
tool_execution_helper.py
merge this (#4759)
2025-09-17 15:47:40 -07:00
tool_helpers.py
feat: modal tool execution - NO FEATURE FLAGS USES MODAL [LET-4357] (#5120)
2025-11-13 15:36:56 -08:00
tool_rule_solver.py
feat: Implement child tool rules args override [LET-4570] (#5060)
2025-10-07 17:50:48 -07:00
tpuf_client.py
chore: fallback to timestamp retrieval for message search [LET-6429] (#6510)
2025-12-15 12:02:33 -08:00