Upload 3 files

app.py

@@ -0,0 +1,1035 @@
+"""
+DLP Paste-Proxy — "Pastebin with a conscience"
+================================================
+
+A sleek paste-to-share service. The author pastes PII-rich text and gets
+a shareable URL. Recipients at that URL see the OPF-redacted version by
+default; a separate "reveal" link guarded by an unguessable token shows
+the original.
+
+Why gr.Server?  We need three HTTP surfaces that don't map cleanly onto
+gr.Blocks event wiring:
+  * POST /api/paste              - accept paste, run OPF, mint IDs
+  * GET  /view/{id}              - public redacted view page
+  * GET  /view/{id}?token=...    - author's reveal page
+plus a programmable API endpoint (@server.api) for gradio-client SDK
+users and a background sweeper for auto-expiry.
+
+Storage is an in-process dict. That is fine for a public demo — the
+point is to illustrate the request-composition model; it is NOT a
+durable pastebin. Restarting the Space clears all pastes.
+"""
+
+from __future__ import annotations
+
+import html
+import json
+import os
+import secrets
+import threading
+import time
+from dataclasses import dataclass
+from typing import Optional
+
+import gradio as gr
+from fastapi import Request
+from fastapi.responses import HTMLResponse, JSONResponse
+
+# spaces is only available on Hugging Face Spaces; degrade gracefully
+# when running locally so `python app.py` still works off-GPU.
+try:
+    import spaces
+    _HAS_SPACES = True
+except ImportError:
+    _HAS_SPACES = False
+
+from opf import predict_text
+
+# ── configuration ─────────────────────────────────────────────────
+
+MAX_PASTE_CHARS = int(os.getenv("MAX_PASTE_CHARS", "50000"))
+SWEEP_INTERVAL_SEC = int(os.getenv("SWEEP_INTERVAL_SEC", "30"))
+
+TTL_CHOICES: dict[str, Optional[int]] = {
+    "never": None,
+    "1h":    60 * 60,
+    "24h":   60 * 60 * 24,
+    "7d":    60 * 60 * 24 * 7,
+}
+
+CATEGORIES_META = {
+    "private_person":  {"color": "#E24B4A", "label": "Person"},
+    "private_date":    {"color": "#1E7DD1", "label": "Date"},
+    "private_address": {"color": "#1D9E75", "label": "Address"},
+    "private_email":   {"color": "#0EA5A1", "label": "Email"},
+    "account_number":  {"color": "#BA7517", "label": "Account"},
+    "private_url":     {"color": "#D85A30", "label": "URL"},
+    "secret":          {"color": "#52525b", "label": "Secret"},
+    "private_phone":   {"color": "#639922", "label": "Phone"},
+}
+
+# ── paste store ───────────────────────────────────────────────────
+
+@dataclass
+class Paste:
+    id: str
+    reveal_token: str
+    original: str
+    redacted: str
+    spans: list[dict]
+    stats: dict
+    created_at: float
+    expires_at: Optional[float]
+    views: int = 0
+    reveals: int = 0
+
+
+PASTES: dict[str, Paste] = {}
+LOCK = threading.RLock()
+
+
+def _store_put(paste: Paste) -> None:
+    with LOCK:
+        PASTES[paste.id] = paste
+
+
+def _store_get(pid: str) -> Optional[Paste]:
+    with LOCK:
+        p = PASTES.get(pid)
+        if p is None:
+            return None
+        if p.expires_at is not None and p.expires_at <= time.time():
+            PASTES.pop(pid, None)
+            return None
+        return p
+
+
+def _sweep_loop() -> None:
+    while True:
+        time.sleep(SWEEP_INTERVAL_SEC)
+        now = time.time()
+        with LOCK:
+            expired = [pid for pid, p in PASTES.items()
+                       if p.expires_at is not None and p.expires_at <= now]
+            for pid in expired:
+                PASTES.pop(pid, None)
+
+
+threading.Thread(target=_sweep_loop, daemon=True, name="paste-sweeper").start()
+
+
+# ── redaction ─────────────────────────────────────────────────────
+
+def redact(text: str, spans: list[dict]) -> str:
+    """Replace each detected span with <CATEGORY> right-to-left.
+
+    Right-to-left preserves indices for earlier spans while we rewrite
+    later ones (the v6 model output is non-overlapping, but we still
+    sort defensively and drop any that would nest)."""
+    out = text
+    last_start: Optional[int] = None
+    for sp in sorted(spans, key=lambda s: s["start"], reverse=True):
+        s, e = sp["start"], sp["end"]
+        if last_start is not None and e > last_start:
+            continue  # overlaps a later (earlier-in-text) span; skip
+        placeholder = f"<{sp['label'].upper()}>"
+        out = out[:s] + placeholder + out[e:]
+        last_start = s
+    return out
+
+
+def compute_stats(text: str, spans: list[dict]) -> dict:
+    total = len(text)
+    pii_chars = sum(s["end"] - s["start"] for s in spans)
+    by_cat: dict[str, dict[str, int]] = {}
+    for s in spans:
+        c = s["label"]
+        by_cat.setdefault(c, {"count": 0, "chars": 0})
+        by_cat[c]["count"] += 1
+        by_cat[c]["chars"] += s["end"] - s["start"]
+    return {
+        "total_chars": total,
+        "pii_chars": pii_chars,
+        "pii_percentage": round(pii_chars / total * 100, 1) if total else 0.0,
+        "total_spans": len(spans),
+        "categories": by_cat,
+    }
+
+
+# ── OPF call (GPU-gated on HF Spaces) ─────────────────────────────
+
+if _HAS_SPACES:
+    @spaces.GPU
+    def analyze(text: str):
+        return predict_text(text)
+else:
+    def analyze(text: str):
+        return predict_text(text)
+
+
+# ── gr.Server wiring ──────────────────────────────────────────────
+
+server = gr.Server()
+
+
+@server.get("/", response_class=HTMLResponse)
+async def home():
+    return HTMLResponse(_COMPOSE_HTML)
+
+
+@server.post("/api/paste")
+async def create_paste(req: Request):
+    try:
+        body = await req.json()
+    except Exception:
+        return JSONResponse({"error": "Expected JSON body"}, status_code=400)
+
+    text = (body.get("text") or "").strip()
+    ttl_key = body.get("ttl", "never")
+    if not text:
+        return JSONResponse({"error": "Paste is empty"}, status_code=400)
+    if len(text) > MAX_PASTE_CHARS:
+        return JSONResponse(
+            {"error": f"Paste exceeds {MAX_PASTE_CHARS:,} characters"},
+            status_code=413,
+        )
+    if ttl_key not in TTL_CHOICES:
+        return JSONResponse({"error": f"Unknown ttl {ttl_key!r}"}, status_code=400)
+
+    try:
+        source_text, spans = analyze(text)
+    except Exception as exc:  # model failure is the only realistic path here
+        return JSONResponse({"error": f"OPF inference failed: {exc}"},
+                            status_code=500)
+
+    redacted = redact(source_text, spans)
+    stats = compute_stats(source_text, spans)
+
+    pid = secrets.token_urlsafe(6)
+    reveal_token = secrets.token_urlsafe(22)
+    ttl_sec = TTL_CHOICES[ttl_key]
+    now = time.time()
+    expires_at = (now + ttl_sec) if ttl_sec is not None else None
+
+    _store_put(Paste(
+        id=pid, reveal_token=reveal_token,
+        original=source_text, redacted=redacted,
+        spans=spans, stats=stats,
+        created_at=now, expires_at=expires_at,
+    ))
+
+    return JSONResponse({
+        "id": pid,
+        "reveal_token": reveal_token,
+        "view_path": f"/view/{pid}",
+        "reveal_path": f"/view/{pid}?token={reveal_token}",
+        "expires_at": expires_at,
+        "stats": stats,
+        "categories_meta": CATEGORIES_META,
+    })
+
+
+@server.get("/view/{pid}", response_class=HTMLResponse)
+async def view_paste(pid: str, token: Optional[str] = None):
+    p = _store_get(pid)
+    if p is None:
+        return HTMLResponse(_not_found_html(pid), status_code=404)
+
+    revealed = bool(token) and secrets.compare_digest(token, p.reveal_token)
+
+    with LOCK:
+        if revealed:
+            p.reveals += 1
+        else:
+            p.views += 1
+
+    return HTMLResponse(_render_view(p, revealed))
+
+
+@server.get("/api/paste/{pid}")
+async def api_get_paste(pid: str, token: Optional[str] = None):
+    p = _store_get(pid)
+    if p is None:
+        return JSONResponse({"error": "not found or expired"}, status_code=404)
+    revealed = bool(token) and secrets.compare_digest(token, p.reveal_token)
+    payload = {
+        "id": p.id,
+        "created_at": p.created_at,
+        "expires_at": p.expires_at,
+        "stats": p.stats,
+        "views": p.views,
+        "reveals": p.reveals,
+        "redacted": p.redacted,
+    }
+    if revealed:
+        payload["original"] = p.original
+        payload["spans"] = p.spans
+    return JSONResponse(payload)
+
+
+@server.api(name="analyze_paste")
+def analyze_paste_api(text: str, ttl: str = "never") -> str:
+    """Programmatic endpoint for gradio-client SDK.
+
+    Creates a paste and returns the paste id, reveal token, and stats as
+    a JSON string. Callers must combine the paths with the Space's base
+    URL to form shareable links."""
+    if ttl not in TTL_CHOICES:
+        return json.dumps({"error": f"Unknown ttl {ttl!r}"})
+    source_text, spans = analyze(text)
+    redacted = redact(source_text, spans)
+    stats = compute_stats(source_text, spans)
+    pid = secrets.token_urlsafe(6)
+    reveal_token = secrets.token_urlsafe(22)
+    ttl_sec = TTL_CHOICES[ttl]
+    now = time.time()
+    expires_at = (now + ttl_sec) if ttl_sec is not None else None
+    _store_put(Paste(
+        id=pid, reveal_token=reveal_token,
+        original=source_text, redacted=redacted,
+        spans=spans, stats=stats,
+        created_at=now, expires_at=expires_at,
+    ))
+    return json.dumps({
+        "id": pid,
+        "reveal_token": reveal_token,
+        "view_path": f"/view/{pid}",
+        "reveal_path": f"/view/{pid}?token={reveal_token}",
+        "expires_at": expires_at,
+        "stats": stats,
+    })
+
+
+# ── HTML rendering ───────────────────────────────────��────────────
+
+def _escape(text: str) -> str:
+    return html.escape(text, quote=False)
+
+
+def _highlight_html(text: str, spans: list[dict]) -> str:
+    """Return HTML for text with each span wrapped in a colored mark,
+    revealing the original content (used on the reveal page)."""
+    pieces: list[str] = []
+    cursor = 0
+    for sp in sorted(spans, key=lambda s: s["start"]):
+        s, e = sp["start"], sp["end"]
+        if s < cursor or e <= s:
+            continue
+        if s > cursor:
+            pieces.append(_escape(text[cursor:s]))
+        meta = CATEGORIES_META.get(sp["label"])
+        color = meta["color"] if meta else "#333"
+        label = meta["label"] if meta else sp["label"]
+        pieces.append(
+            f'<mark class="pp-hi" data-cat="{_escape(sp["label"])}" '
+            f'style="--cat:{color}" title="{_escape(label)}">'
+            f'{_escape(text[s:e])}'
+            f'<span class="pp-hi-tag">{_escape(label)}</span>'
+            f'</mark>'
+        )
+        cursor = e
+    if cursor < len(text):
+        pieces.append(_escape(text[cursor:]))
+    return "".join(pieces)
+
+
+def _redacted_html(redacted: str) -> str:
+    """Render the redacted version with <CATEGORY> placeholders as
+    colored pills so readers can see what kind of data was stripped."""
+    out: list[str] = []
+    i = 0
+    while i < len(redacted):
+        lt = redacted.find("<", i)
+        if lt == -1:
+            out.append(_escape(redacted[i:]))
+            break
+        out.append(_escape(redacted[i:lt]))
+        gt = redacted.find(">", lt + 1)
+        if gt == -1:
+            out.append(_escape(redacted[lt:]))
+            break
+        tag = redacted[lt + 1:gt]
+        cat_key = tag.lower()
+        meta = CATEGORIES_META.get(cat_key)
+        if meta is None:
+            out.append(_escape(redacted[lt:gt + 1]))
+        else:
+            out.append(
+                f'<span class="pp-red" data-cat="{_escape(cat_key)}" '
+                f'style="--cat:{meta["color"]}">'
+                f'<span class="pp-red-dot"></span>{_escape(meta["label"])}'
+                f'</span>'
+            )
+        i = gt + 1
+    return "".join(out)
+
+
+def _format_expiry(paste: Paste) -> str:
+    if paste.expires_at is None:
+        return "does not expire"
+    remaining = paste.expires_at - time.time()
+    if remaining <= 0:
+        return "expired"
+    if remaining < 3600:
+        return f"expires in {int(remaining // 60)} min"
+    if remaining < 86400:
+        return f"expires in {int(remaining // 3600)} h"
+    return f"expires in {int(remaining // 86400)} d"
+
+
+def _render_view(p: Paste, revealed: bool) -> str:
+    stats = p.stats
+    badges_html = "".join(
+        f'<span class="pp-badge" style="--cat:{CATEGORIES_META.get(cat, {"color": "#333"})["color"]}">'
+        f'<span class="pp-badge-dot"></span>'
+        f'{_escape(CATEGORIES_META.get(cat, {"label": cat})["label"])}'
+        f'<span class="pp-badge-n">{info["count"]}</span>'
+        f'</span>'
+        for cat, info in sorted(stats["categories"].items(),
+                                key=lambda kv: -kv[1]["count"])
+    ) or '<span class="pp-muted">No PII detected in this paste.</span>'
+
+    body_html = (
+        _highlight_html(p.original, p.spans) if revealed
+        else _redacted_html(p.redacted)
+    )
+
+    mode_banner = (
+        '<div class="pp-banner pp-banner-reveal">'
+        '<strong>Private reveal.</strong> This URL contains the reveal token — '
+        'treat it like a password. Anyone with it sees the original text.'
+        '</div>'
+        if revealed else
+        '<div class="pp-banner pp-banner-safe">'
+        '<strong>Redacted view.</strong> Sensitive spans were stripped before '
+        'this page was served. The original is only visible via the author\'s reveal link.'
+        '</div>'
+    )
+
+    view_mode_label = "Original (revealed)" if revealed else "Redacted"
+
+    replacements = {
+        "__PID__":        _escape(p.id),
+        "__MODE__":       _escape(view_mode_label),
+        "__EXPIRY__":     _escape(_format_expiry(p)),
+        "__CREATED__":    _escape(time.strftime(
+            "%Y-%m-%d %H:%M UTC", time.gmtime(p.created_at))),
+        "__VIEWS__":      str(p.views),
+        "__REVEALS__":    str(p.reveals),
+        "__PCT__":        str(stats["pii_percentage"]),
+        "__SPANS_N__":    str(stats["total_spans"]),
+        "__CHARS_N__":    f'{stats["total_chars"]:,}',
+        "__BADGES__":     badges_html,
+        "__BANNER__":     mode_banner,
+        "__BODY__":       body_html,
+        "__BODY_CLASS__": "pp-body-reveal" if revealed else "pp-body-redacted",
+    }
+    out = _VIEW_HTML
+    for k, v in replacements.items():
+        out = out.replace(k, v)
+    return out
+
+
+def _not_found_html(pid: str) -> str:
+    return _NOT_FOUND_HTML.replace("{{PID}}", _escape(pid))
+
+
+# ── compose page (paste editor) ───────────────────────────────────
+
+_CATEGORIES_JSON = json.dumps(CATEGORIES_META)
+
+_SHARED_CSS = r"""
+:root{
+  --bg:            #f7f7f8;
+  --panel:         #ffffff;
+  --panel-2:       #f1f1f3;
+  --ink:           #0a0a0a;
+  --ink-dim:       #3f3f46;
+  --ink-faint:     #70707a;
+  --line:          #e4e4e7;
+  --line-strong:   #d4d4d8;
+  --accent:        #0f8a5f;
+  --accent-ink:    #ffffff;
+  --warn:          #b45309;
+  --primary-bg:    #18181b;
+  --primary-fg:    #ffffff;
+  --radius-lg:     12px;
+  --radius-md:     8px;
+  --radius-sm:     5px;
+  --shadow-xs:     0 1px 1.5px rgba(10,10,10,.04);
+  --shadow-sm:     0 1px 3px rgba(10,10,10,.06), 0 1px 2px rgba(10,10,10,.04);
+  --shadow-md:     0 4px 14px rgba(10,10,10,.07), 0 1px 3px rgba(10,10,10,.04);
+  --font-sans:     'Inter', system-ui, -apple-system, 'Segoe UI', sans-serif;
+  --font-mono:     'JetBrains Mono', ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
+  --font-serif:    'Instrument Serif', 'Source Serif 4', Georgia, serif;
+}
+@media (prefers-color-scheme: dark){
+  :root{
+    --bg:          #0e0e11;
+    --panel:       #18181c;
+    --panel-2:     #1f1f24;
+    --ink:         #e8e8ea;
+    --ink-dim:     #a8a8ae;
+    --ink-faint:   #70707a;
+    --line:        rgba(255,255,255,0.08);
+    --line-strong: rgba(255,255,255,0.18);
+    --accent:      #2bb77e;
+    --accent-ink:  #0e0e11;
+    --warn:        #eab308;
+    --primary-bg:  #f0f0f2;
+    --primary-fg:  #0e0e11;
+    --shadow-xs:   none;
+    --shadow-sm:   none;
+    --shadow-md:   none;
+  }
+}
+*,*::before,*::after{box-sizing:border-box;margin:0;padding:0}
+html,body{height:100%}
+body{
+  font-family:var(--font-sans);
+  background:var(--bg);
+  color:var(--ink);
+  font-size:14px;line-height:1.55;
+  -webkit-font-smoothing:antialiased;
+  font-feature-settings:"cv11","ss01";
+}
+a{color:inherit;text-decoration:underline;text-decoration-color:var(--line-strong);text-underline-offset:3px}
+a:hover{text-decoration-color:var(--ink)}
+button{font:inherit;color:inherit;background:transparent;border:0;cursor:pointer}
+.pp-shell{max-width:1060px;margin:0 auto;padding:36px 20px 56px}
+.pp-brand{display:flex;align-items:center;gap:10px;margin-bottom:22px}
+.pp-brand-mark{
+  width:26px;height:26px;border-radius:7px;
+  background:var(--ink);color:var(--bg);
+  display:grid;place-items:center;
+  font-family:var(--font-mono);font-size:13px;font-weight:600;letter-spacing:-0.02em;
+}
+.pp-brand-name{font-size:13.5px;font-weight:500}
+.pp-brand-name .sub{color:var(--ink-faint);font-weight:400;margin-left:6px}
+.pp-caps{font-size:10.5px;font-weight:600;letter-spacing:0.09em;text-transform:uppercase;color:var(--ink-dim)}
+.pp-hero{margin-bottom:22px}
+.pp-hero h1{font-family:var(--font-serif);font-size:38px;line-height:1.08;letter-spacing:-0.015em;font-weight:500;margin-bottom:8px}
+.pp-hero p{color:var(--ink-dim);max-width:58ch;font-size:14px}
+.pp-banner{padding:10px 14px;border-radius:var(--radius-md);font-size:13px;line-height:1.5;border:0.5px solid var(--line-strong);margin-bottom:16px}
+.pp-banner strong{font-weight:600}
+.pp-banner-safe{background:color-mix(in srgb, var(--accent) 8%, transparent);border-color:color-mix(in srgb, var(--accent) 26%, var(--line-strong))}
+.pp-banner-reveal{background:color-mix(in srgb, var(--warn) 10%, transparent);border-color:color-mix(in srgb, var(--warn) 30%, var(--line-strong))}
+"""
+
+_COMPOSE_HTML = r"""<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<title>DLP Paste-Proxy — Pastebin with a conscience</title>
+<link rel="preconnect" href="https://fonts.googleapis.com">
+<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
+<style>
+""" + _SHARED_CSS + r"""
+
+.pp-card{
+  background:var(--panel);
+  border:0.5px solid var(--line);
+  border-radius:var(--radius-lg);
+  box-shadow:var(--shadow-md);
+  overflow:hidden;
+}
+.pp-card-head{
+  padding:14px 18px;
+  border-bottom:0.5px solid var(--line);
+  display:flex;align-items:center;gap:10px;flex-wrap:wrap;
+}
+.pp-card-head h2{font-size:13.5px;font-weight:500;letter-spacing:-0.005em}
+.pp-spacer{flex:1}
+.pp-grid{
+  display:grid;
+  grid-template-columns:minmax(0,1fr) 280px;
+  gap:0;
+}
+.pp-pane{padding:18px 20px 22px}
+.pp-pane + .pp-pane{border-left:0.5px solid var(--line);background:var(--panel-2)}
+.pp-textarea{
+  width:100%;min-height:320px;
+  font-family:var(--font-mono);font-size:13px;line-height:1.55;
+  color:var(--ink);background:transparent;
+  border:1px solid var(--line);border-radius:var(--radius-md);
+  padding:14px 14px;resize:vertical;
+  transition:border-color .15s,background .15s;
+}
+.pp-textarea::placeholder{color:var(--ink-faint)}
+.pp-textarea:focus{outline:none;border-color:var(--line-strong);background:color-mix(in srgb, var(--ink) 1.5%, transparent)}
+.pp-sub{color:var(--ink-faint);font-size:11.5px;font-family:var(--font-mono);margin-top:8px;display:flex;align-items:center;gap:10px;flex-wrap:wrap}
+.pp-sub .sep{opacity:.4}
+.pp-label{display:block;font-size:11px;font-weight:600;letter-spacing:0.07em;text-transform:uppercase;color:var(--ink-dim);margin:0 0 8px}
+.pp-ttl{display:flex;gap:4px;background:var(--panel);border:0.5px solid var(--line);padding:3px;border-radius:var(--radius-md)}
+.pp-ttl button{
+  flex:1;padding:7px 0;font-size:12px;font-weight:500;color:var(--ink-dim);
+  border-radius:5px;transition:background .12s,color .12s;
+}
+.pp-ttl button[aria-pressed="true"]{background:var(--ink);color:var(--bg)}
+.pp-ttl button:hover:not([aria-pressed="true"]){background:color-mix(in srgb, var(--ink) 4%, transparent);color:var(--ink)}
+.pp-hint{font-size:12px;color:var(--ink-faint);margin-top:8px;line-height:1.45}
+.pp-btn{
+  font-size:13px;font-weight:500;padding:10px 14px;
+  border:0.5px solid var(--line-strong);
+  border-radius:var(--radius-md);
+  background:var(--panel);color:var(--ink);
+  display:inline-flex;align-items:center;justify-content:center;gap:8px;
+  transition:background .12s,border-color .12s;
+}
+.pp-btn:hover:not(:disabled){background:color-mix(in srgb, var(--ink) 4%, var(--panel));border-color:var(--ink-dim)}
+.pp-btn:disabled{opacity:.55;cursor:not-allowed}
+.pp-btn-primary{background:var(--primary-bg);color:var(--primary-fg);border-color:var(--primary-bg);width:100%}
+.pp-btn-primary:hover:not(:disabled){background:color-mix(in srgb, var(--primary-bg) 88%, var(--ink));border-color:var(--primary-bg)}
+.pp-btn-arr{font-family:var(--font-mono);font-size:11px;opacity:.7}
+
+.pp-success{
+  display:none;margin-top:24px;padding:22px 22px 24px;
+  background:var(--panel);border:0.5px solid var(--line);border-radius:var(--radius-lg);box-shadow:var(--shadow-md);
+}
+.pp-success.on{display:block}
+.pp-success h3{font-family:var(--font-serif);font-size:22px;line-height:1.15;font-weight:500;margin-bottom:4px;letter-spacing:-0.01em}
+.pp-success .pp-caps{margin-bottom:14px;display:block}
+.pp-link{
+  display:flex;align-items:stretch;gap:0;margin:8px 0 14px;
+  border:0.5px solid var(--line);border-radius:var(--radius-md);overflow:hidden;background:var(--panel-2);
+}
+.pp-link input{
+  flex:1;border:0;background:transparent;padding:10px 12px;
+  font-family:var(--font-mono);font-size:12px;color:var(--ink);min-width:0;outline:none;
+}
+.pp-link button{
+  border-left:0.5px solid var(--line);background:var(--panel);
+  padding:0 14px;font-size:12px;font-weight:500;color:var(--ink-dim);
+  transition:background .12s,color .12s;
+}
+.pp-link button:hover{background:color-mix(in srgb, var(--ink) 4%, var(--panel));color:var(--ink)}
+.pp-link-label{display:flex;align-items:baseline;gap:8px;font-size:13px;font-weight:500;margin-top:14px}
+.pp-link-label .hint{font-weight:400;color:var(--ink-faint);font-size:12px}
+.pp-link-label:first-of-type{margin-top:0}
+.pp-link-label .priv{
+  font-family:var(--font-mono);font-size:10px;font-weight:600;letter-spacing:.06em;
+  padding:2px 7px;border-radius:4px;
+  background:color-mix(in srgb, var(--warn) 18%, transparent);
+  color:color-mix(in srgb, var(--warn) 70%, var(--ink));
+  text-transform:uppercase;
+}
+.pp-preview-row{display:grid;grid-template-columns:1fr 1fr;gap:12px;margin-top:16px}
+.pp-preview{background:var(--panel-2);border:0.5px solid var(--line);border-radius:var(--radius-md);padding:12px 14px 14px;font-family:var(--font-serif);font-size:14.5px;line-height:1.55;min-height:130px;max-height:260px;overflow:auto}
+.pp-preview .pp-caps{display:block;margin-bottom:8px;font-family:var(--font-sans);font-size:10px;color:var(--ink-faint)}
+.pp-err{display:none;margin-top:12px;padding:10px 12px;border-radius:var(--radius-md);background:color-mix(in srgb, #dc2626 9%, transparent);border:0.5px solid color-mix(in srgb, #dc2626 30%, var(--line-strong));color:#991b1b;font-size:13px}
+.pp-err.on{display:block}
+.pp-err code{font-family:var(--font-mono);font-size:12px}
+.pp-loading{display:none;align-items:center;gap:8px;color:var(--ink-dim);font-size:13px;margin-top:12px}
+.pp-loading.on{display:inline-flex}
+.pp-spin{width:12px;height:12px;border:1.5px solid color-mix(in srgb, var(--ink) 25%, transparent);border-top-color:var(--ink);border-radius:50%;animation:pp-spin 0.8s linear infinite}
+@keyframes pp-spin{to{transform:rotate(360deg)}}
+
+.pp-footer{
+  margin-top:28px;padding-top:22px;border-top:0.5px solid var(--line);
+  display:flex;justify-content:space-between;gap:16px;color:var(--ink-faint);font-size:12px;flex-wrap:wrap;
+}
+.pp-footer a{color:var(--ink-dim)}
+
+/* Pills & highlights used on view page (scoped so compose page can
+   reuse the preview rendering to show what the redacted version
+   looks like before the user commits) */
+.pp-red{
+  display:inline-flex;align-items:center;gap:4px;
+  font-family:var(--font-sans);font-size:12px;font-weight:500;
+  padding:1px 7px 1px 6px;margin:0 1px;border-radius:3px;
+  background:color-mix(in srgb, var(--cat, #666) 14%, transparent);
+  color:color-mix(in srgb, var(--cat, #666) 62%, var(--ink));
+  vertical-align:baseline;letter-spacing:-0.002em;
+  border:0.5px solid color-mix(in srgb, var(--cat, #666) 28%, transparent);
+}
+.pp-red-dot{width:5px;height:5px;border-radius:50%;background:var(--cat,#666);flex:none}
+
+@media (max-width:820px){
+  .pp-grid{grid-template-columns:1fr}
+  .pp-pane + .pp-pane{border-left:0;border-top:0.5px solid var(--line)}
+  .pp-preview-row{grid-template-columns:1fr}
+}
+</style>
+</head>
+<body>
+<div class="pp-shell">
+
+  <div class="pp-brand">
+    <div class="pp-brand-mark">P</div>
+    <div class="pp-brand-name">DLP Paste-Proxy<span class="sub">pastebin with a conscience</span></div>
+  </div>
+
+  <div class="pp-hero">
+    <h1>Paste sensitive text.<br>Share only the redacted view.</h1>
+    <p>OpenAI Privacy Filter scans your paste for names, addresses, emails, phones, URLs, dates, account numbers, and secrets before minting a shareable link. Viewers see placeholders; only your private reveal link shows the original.</p>
+  </div>
+
+  <div class="pp-card">
+    <div class="pp-card-head">
+      <span class="pp-caps">Compose</span>
+      <h2>New paste</h2>
+      <span class="pp-spacer"></span>
+      <span class="pp-sub" id="pp-char-count">0 / """ + f"{MAX_PASTE_CHARS:,}" + r""" chars</span>
+    </div>
+    <div class="pp-grid">
+      <div class="pp-pane">
+        <label class="pp-label" for="pp-text">Paste body</label>
+        <textarea id="pp-text" class="pp-textarea" spellcheck="false"
+          placeholder="Paste anything — a DM thread, a log line, an email, a support ticket. The OPF model labels each character span; placeholders replace the private parts before the URL is minted."></textarea>
+        <div class="pp-sub">
+          <span id="pp-cursor">line 1, col 1</span>
+          <span class="sep">·</span>
+          <span>no data leaves this server except as redacted placeholders</span>
+        </div>
+      </div>
+      <div class="pp-pane">
+        <label class="pp-label">Auto-expiry</label>
+        <div class="pp-ttl" id="pp-ttl" role="tablist" aria-label="Expiration">
+          <button type="button" data-ttl="never" aria-pressed="true">Never</button>
+          <button type="button" data-ttl="1h" aria-pressed="false">1h</button>
+          <button type="button" data-ttl="24h" aria-pressed="false">24h</button>
+          <button type="button" data-ttl="7d" aria-pressed="false">7d</button>
+        </div>
+        <p class="pp-hint">A background sweeper deletes expired pastes on the server. Expired links 404.</p>
+
+        <label class="pp-label" style="margin-top:20px">Create</label>
+        <button type="button" id="pp-create" class="pp-btn pp-btn-primary">
+          <span>Scan & mint link</span>
+          <span class="pp-btn-arr">↵</span>
+        </button>
+        <div class="pp-loading" id="pp-loading">
+          <span class="pp-spin"></span><span>Running OPF on your paste…</span>
+        </div>
+        <div class="pp-err" id="pp-err"></div>
+      </div>
+    </div>
+  </div>
+
+  <section class="pp-success" id="pp-success">
+    <span class="pp-caps">Paste minted</span>
+    <h3>Your paste is ready.</h3>
+
+    <div class="pp-link-label">
+      Shareable view link
+      <span class="hint">redacted — give to recipients</span>
+    </div>
+    <div class="pp-link">
+      <input id="pp-view-url" readonly value="">
+      <button type="button" data-copy="pp-view-url">Copy</button>
+    </div>
+
+    <div class="pp-link-label">
+      Private reveal link
+      <span class="priv">author only</span>
+      <span class="hint">shows original — keep it to yourself</span>
+    </div>
+    <div class="pp-link">
+      <input id="pp-reveal-url" readonly value="">
+      <button type="button" data-copy="pp-reveal-url">Copy</button>
+    </div>
+
+    <div class="pp-preview-row">
+      <div class="pp-preview">
+        <span class="pp-caps">What recipients will see</span>
+        <div id="pp-preview-redacted"></div>
+      </div>
+      <div class="pp-preview" style="font-family:var(--font-sans);font-size:12.5px;line-height:1.5">
+        <span class="pp-caps">Summary</span>
+        <div id="pp-preview-summary"></div>
+      </div>
+    </div>
+  </section>
+
+  <footer class="pp-footer">
+    <div>Powered by <a href="https://huggingface.co/charles-first-org/second-model" target="_blank" rel="noopener">OpenAI Privacy Filter</a> · 1.5B params, 50M active, 128k context</div>
+    <div><a href="#" id="pp-about">How this works →</a></div>
+  </footer>
+</div>
+
+<script>
+const CATS = """ + _CATEGORIES_JSON + r""";
+const MAX = """ + str(MAX_PASTE_CHARS) + r""";
+
+const $text = document.getElementById('pp-text');
+const $cc = document.getElementById('pp-char-count');
+const $cur = document.getElementById('pp-cursor');
+const $ttl = document.getElementById('pp-ttl');
+const $btn = document.getElementById('pp-create');
+const $load = document.getElementById('pp-loading');
+const $err = document.getElementById('pp-err');
+const $ok = document.getElementById('pp-success');
+
+function updateCount(){
+  const n = $text.value.length;
+  $cc.textContent = n.toLocaleString() + ' / ' + MAX.toLocaleString() + ' chars';
+  $cc.style.color = n > MAX ? '#b45309' : '';
+}
+function updateCursor(){
+  const pos = $text.selectionStart;
+  const lines = $text.value.slice(0, pos).split('\n');
+  $cur.textContent = 'line ' + lines.length + ', col ' + (lines[lines.length-1].length + 1);
+}
+$text.addEventListener('input', updateCount);
+['keyup','click','focus','mouseup'].forEach(e => $text.addEventListener(e, updateCursor));
+
+let ttl = 'never';
+$ttl.addEventListener('click', (e) => {
+  const b = e.target.closest('button'); if (!b) return;
+  [...$ttl.querySelectorAll('button')].forEach(x => x.setAttribute('aria-pressed', x === b ? 'true' : 'false'));
+  ttl = b.dataset.ttl;
+});
+
+function renderRedacted(redacted){
+  let html = '';
+  let i = 0;
+  while (i < redacted.length){
+    const lt = redacted.indexOf('<', i);
+    if (lt === -1){ html += escapeHtml(redacted.slice(i)); break; }
+    html += escapeHtml(redacted.slice(i, lt));
+    const gt = redacted.indexOf('>', lt + 1);
+    if (gt === -1){ html += escapeHtml(redacted.slice(lt)); break; }
+    const tag = redacted.slice(lt+1, gt);
+    const key = tag.toLowerCase();
+    const meta = CATS[key];
+    if (!meta){ html += escapeHtml(redacted.slice(lt, gt+1)); }
+    else {
+      html += '<span class="pp-red" data-cat="'+escapeHtml(key)+'" style="--cat:'+meta.color+'">'+
+              '<span class="pp-red-dot"></span>'+escapeHtml(meta.label)+'</span>';
+    }
+    i = gt + 1;
+  }
+  return html;
+}
+function escapeHtml(s){ return s.replace(/[&<>"']/g, c => ({'&':'&amp;','<':'&lt;','>':'&gt;','"':'&quot;',"'":'&#39;'}[c])); }
+
+async function createPaste(){
+  const text = $text.value.trim();
+  $err.classList.remove('on'); $err.textContent = '';
+  if (!text){ $err.classList.add('on'); $err.textContent = 'Paste is empty.'; return; }
+  if (text.length > MAX){ $err.classList.add('on'); $err.textContent = 'Paste exceeds ' + MAX.toLocaleString() + ' characters.'; return; }
+
+  $btn.disabled = true; $load.classList.add('on'); $ok.classList.remove('on');
+  try{
+    const r = await fetch('/api/paste', {
+      method: 'POST',
+      headers: {'Content-Type': 'application/json'},
+      body: JSON.stringify({text, ttl}),
+    });
+    const data = await r.json();
+    if (!r.ok) throw new Error(data.error || ('HTTP ' + r.status));
+
+    const origin = window.location.origin;
+    document.getElementById('pp-view-url').value   = origin + data.view_path;
+    document.getElementById('pp-reveal-url').value = origin + data.reveal_path;
+
+    // Fetch public redacted version to preview
+    const pv = await fetch('/api/paste/' + data.id).then(x => x.json());
+    document.getElementById('pp-preview-redacted').innerHTML = renderRedacted(pv.redacted);
+
+    const s = data.stats;
+    const cats = Object.entries(s.categories).sort((a,b) => b[1].count - a[1].count);
+    const catHtml = cats.length
+      ? cats.map(([k,v]) => {
+          const m = CATS[k] || {label:k, color:'#333'};
+          return '<span class="pp-red" style="--cat:'+m.color+';margin:2px 4px 2px 0"><span class="pp-red-dot"></span>'+escapeHtml(m.label)+' × '+v.count+'</span>';
+        }).join('')
+      : '<em style="color:var(--ink-faint)">No PII found in this paste.</em>';
+    document.getElementById('pp-preview-summary').innerHTML =
+      '<div style="display:flex;gap:18px;margin-bottom:10px;align-items:baseline"><div><div style="font-family:var(--font-serif);font-size:26px;letter-spacing:-0.02em;line-height:1">'+s.pii_percentage+'%</div><div class="pp-caps" style="margin-top:3px">PII density</div></div>'+
+      '<div><div style="font-family:var(--font-serif);font-size:26px;letter-spacing:-0.02em;line-height:1">'+s.total_spans+'</div><div class="pp-caps" style="margin-top:3px">spans</div></div>'+
+      '<div><div style="font-family:var(--font-serif);font-size:26px;letter-spacing:-0.02em;line-height:1">'+s.total_chars.toLocaleString()+'</div><div class="pp-caps" style="margin-top:3px">chars</div></div></div>'+
+      '<div>'+catHtml+'</div>';
+
+    $ok.classList.add('on');
+    $ok.scrollIntoView({behavior:'smooth', block:'start'});
+  } catch (e) {
+    $err.classList.add('on');
+    $err.textContent = e.message || 'Failed to create paste.';
+  } finally {
+    $btn.disabled = false; $load.classList.remove('on');
+  }
+}
+
+$btn.addEventListener('click', createPaste);
+$text.addEventListener('keydown', (e) => {
+  if ((e.metaKey || e.ctrlKey) && e.key === 'Enter'){ e.preventDefault(); createPaste(); }
+});
+
+document.addEventListener('click', (e) => {
+  const b = e.target.closest('[data-copy]'); if (!b) return;
+  const inp = document.getElementById(b.dataset.copy);
+  inp.select(); navigator.clipboard.writeText(inp.value);
+  const prev = b.textContent; b.textContent = 'Copied'; setTimeout(() => b.textContent = prev, 1200);
+});
+
+updateCount(); updateCursor();
+</script>
+</body>
+</html>
+"""
+
+# ── view page ──────────────────────────────────────────────────��──
+
+_VIEW_HTML = r"""<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<title>Paste __PID__ — DLP Paste-Proxy</title>
+<link rel="preconnect" href="https://fonts.googleapis.com">
+<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
+<style>
+""" + _SHARED_CSS + r"""
+
+.pp-view-head{
+  display:flex;align-items:center;gap:10px;flex-wrap:wrap;margin-bottom:18px;
+  padding:14px 16px;background:var(--panel);border:0.5px solid var(--line);
+  border-radius:var(--radius-lg);box-shadow:var(--shadow-sm);
+}
+.pp-view-id{font-family:var(--font-mono);font-size:12.5px;color:var(--ink-dim);padding:3px 8px;background:var(--panel-2);border:0.5px solid var(--line);border-radius:5px}
+.pp-view-mode{font-size:11px;font-weight:600;letter-spacing:0.06em;text-transform:uppercase;padding:3px 8px;border-radius:4px;background:color-mix(in srgb,var(--ink) 8%,transparent);color:var(--ink-dim)}
+.pp-view-expiry{font-family:var(--font-mono);font-size:11.5px;color:var(--ink-faint)}
+
+.pp-stat-row{display:flex;gap:26px;flex-wrap:wrap;margin-left:auto;margin-right:0}
+.pp-stat{text-align:right}
+.pp-stat b{font-family:var(--font-serif);font-weight:500;font-size:22px;letter-spacing:-0.01em;display:block;line-height:1}
+.pp-stat span{font-size:10.5px;letter-spacing:0.08em;text-transform:uppercase;color:var(--ink-faint);font-weight:500}
+
+.pp-view-body{
+  background:var(--panel);border:0.5px solid var(--line);border-radius:var(--radius-lg);
+  box-shadow:var(--shadow-md);padding:28px 32px 30px;
+}
+.pp-body-redacted, .pp-body-reveal{
+  font-family:var(--font-serif);font-size:17px;line-height:1.7;
+  color:var(--ink);
+  white-space:pre-wrap;word-wrap:break-word;
+}
+
+/* highlight (reveal mode) */
+.pp-hi{
+  background:color-mix(in srgb, var(--cat,#666) 18%, transparent);
+  color:var(--ink);
+  border-radius:3px;padding:1px 3px;margin:0 1px;
+  border:0.5px solid color-mix(in srgb, var(--cat,#666) 30%, transparent);
+  position:relative;
+}
+.pp-hi-tag{
+  font-family:var(--font-sans);font-size:9.5px;letter-spacing:0.07em;text-transform:uppercase;
+  font-weight:600;color:var(--cat,#666);margin-left:4px;opacity:.72;
+}
+
+.pp-badges{display:flex;gap:8px;flex-wrap:wrap;margin-bottom:18px;padding-bottom:16px;border-bottom:0.5px solid var(--line)}
+.pp-badge{
+  display:inline-flex;align-items:center;gap:6px;
+  font-size:12px;font-weight:500;padding:4px 9px 4px 8px;
+  border-radius:4px;background:color-mix(in srgb, var(--cat,#666) 10%, transparent);
+  border:0.5px solid color-mix(in srgb, var(--cat,#666) 22%, transparent);
+  color:var(--ink-dim);
+}
+.pp-badge-dot{width:6px;height:6px;border-radius:50%;background:var(--cat,#666)}
+.pp-badge-n{font-family:var(--font-mono);font-size:11px;color:var(--cat,#666);font-weight:600;margin-left:2px}
+.pp-muted{color:var(--ink-faint);font-size:13px}
+
+.pp-actions{display:flex;gap:10px;margin-top:16px;flex-wrap:wrap}
+.pp-btn{
+  font-size:12.5px;font-weight:500;padding:8px 14px;
+  border:0.5px solid var(--line-strong);border-radius:var(--radius-md);
+  background:var(--panel);color:var(--ink);display:inline-flex;align-items:center;gap:8px;
+  transition:background .12s,border-color .12s;
+}
+.pp-btn:hover{background:color-mix(in srgb, var(--ink) 4%, var(--panel));border-color:var(--ink-dim)}
+
+.pp-footer{margin-top:28px;padding-top:22px;border-top:0.5px solid var(--line);display:flex;justify-content:space-between;gap:16px;color:var(--ink-faint);font-size:12px;flex-wrap:wrap}
+</style>
+</head>
+<body>
+<div class="pp-shell">
+
+  <div class="pp-brand">
+    <a href="/" style="text-decoration:none;display:flex;align-items:center;gap:10px">
+      <div class="pp-brand-mark">P</div>
+      <div class="pp-brand-name">DLP Paste-Proxy<span class="sub">pastebin with a conscience</span></div>
+    </a>
+  </div>
+
+  <div class="pp-view-head">
+    <span class="pp-caps">Paste</span>
+    <span class="pp-view-id">__PID__</span>
+    <span class="pp-view-mode">__MODE__</span>
+    <span class="pp-view-expiry">__CREATED__ · __EXPIRY__</span>
+
+    <div class="pp-stat-row">
+      <div class="pp-stat"><b>__PCT__%</b><span>PII density</span></div>
+      <div class="pp-stat"><b>__SPANS_N__</b><span>spans</span></div>
+      <div class="pp-stat"><b>__CHARS_N__</b><span>chars</span></div>
+    </div>
+  </div>
+
+  __BANNER__
+
+  <div class="pp-view-body">
+    <div class="pp-badges">__BADGES__</div>
+    <div class="__BODY_CLASS__">__BODY__</div>
+
+    <div class="pp-actions">
+      <button type="button" class="pp-btn" onclick="navigator.clipboard.writeText(window.location.href); this.textContent='Copied this link'">Copy this link</button>
+      <a class="pp-btn" href="/">Create your own paste →</a>
+    </div>
+  </div>
+
+  <footer class="pp-footer">
+    <div>Recipients see placeholders. The author's reveal link shows the original inline.</div>
+    <div>Views: __VIEWS__ · Reveals: __REVEALS__</div>
+  </footer>
+</div>
+</body>
+</html>
+"""
+
+_NOT_FOUND_HTML = r"""<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<title>Paste not found — DLP Paste-Proxy</title>
+<link rel="preconnect" href="https://fonts.googleapis.com">
+<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
+<style>
+""" + _SHARED_CSS + r"""
+.pp-404{
+  background:var(--panel);border:0.5px solid var(--line);border-radius:var(--radius-lg);
+  box-shadow:var(--shadow-md);padding:56px 40px;text-align:center;
+}
+.pp-404 h1{font-family:var(--font-serif);font-size:48px;font-weight:500;letter-spacing:-0.02em;line-height:1;margin-bottom:10px}
+.pp-404 p{color:var(--ink-dim);margin-bottom:22px;max-width:44ch;margin-left:auto;margin-right:auto}
+.pp-404 code{font-family:var(--font-mono);font-size:12.5px;background:var(--panel-2);padding:2px 8px;border-radius:4px}
+.pp-btn{font-size:13px;font-weight:500;padding:10px 16px;border:0.5px solid var(--line-strong);border-radius:var(--radius-md);background:var(--primary-bg);color:var(--primary-fg);display:inline-flex;align-items:center;gap:8px}
+</style>
+</head>
+<body>
+<div class="pp-shell">
+  <div class="pp-brand">
+    <a href="/" style="text-decoration:none;display:flex;align-items:center;gap:10px">
+      <div class="pp-brand-mark">P</div>
+      <div class="pp-brand-name">DLP Paste-Proxy<span class="sub">pastebin with a conscience</span></div>
+    </a>
+  </div>
+  <div class="pp-404">
+    <h1>Paste not found</h1>
+    <p><code>{{PID}}</code> either never existed, expired by its TTL, or was evicted by a server restart. Pastes live in process memory for the demo.</p>
+    <a class="pp-btn" href="/">Create a new paste →</a>
+  </div>
+</div>
+</body>
+</html>
+"""
+
+
+# ── launch ────────────────────────────────────────────────────────
+
+if __name__ == "__main__":
+    server.launch(server_name="0.0.0.0", server_port=7860)

opf.py

@@ -0,0 +1,557 @@
+"""
+OpenAI Privacy Filter — inference module for DLP Paste-Proxy.
+
+This is a focused subset of the reference implementation used in
+app_v6.py: architecture (Transformer + Viterbi decoder), span decoding,
+and a single public entrypoint `predict_text(text) -> (source_text, spans)`.
+
+The numerics and the config contract are deliberately identical to v6 so
+any future model-level tweaks made upstream can be ported in directly.
+"""
+
+from __future__ import annotations
+
+import dataclasses
+import functools
+import json
+import math
+import os
+from bisect import bisect_left, bisect_right
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Final
+
+import tiktoken
+import torch
+import torch.nn.functional as F
+from huggingface_hub import snapshot_download
+from safetensors import safe_open
+
+MODEL_REPO = os.getenv("MODEL_ID", "charles-first-org/second-model")
+HF_TOKEN = os.getenv("HF_TOKEN", None)
+MODEL_DIR = Path(snapshot_download(MODEL_REPO, token=HF_TOKEN))
+
+PRIVACY_FILTER_MODEL_TYPE: Final[str] = "privacy_filter"
+REQUIRED_MODEL_CONFIG_KEYS: Final[tuple[str, ...]] = (
+    "model_type", "encoding", "num_hidden_layers", "num_experts",
+    "experts_per_token", "vocab_size", "num_labels", "hidden_size",
+    "intermediate_size", "head_dim", "num_attention_heads",
+    "num_key_value_heads", "sliding_window", "bidirectional_context",
+    "bidirectional_left_context", "bidirectional_right_context",
+    "default_n_ctx", "initial_context_length", "rope_theta",
+    "rope_scaling_factor", "rope_ntk_alpha", "rope_ntk_beta", "param_dtype",
+)
+BACKGROUND_CLASS_LABEL: Final[str] = "O"
+BOUNDARY_PREFIXES: Final[tuple[str, ...]] = ("B", "I", "E", "S")
+SPAN_CLASS_NAMES: Final[tuple[str, ...]] = (
+    BACKGROUND_CLASS_LABEL,
+    "account_number", "private_address", "private_date", "private_email",
+    "private_person", "private_phone", "private_url", "secret",
+)
+NER_CLASS_NAMES: Final[tuple[str, ...]] = (BACKGROUND_CLASS_LABEL,) + tuple(
+    f"{prefix}-{base}"
+    for base in SPAN_CLASS_NAMES if base != BACKGROUND_CLASS_LABEL
+    for prefix in BOUNDARY_PREFIXES
+)
+VITERBI_TRANSITION_BIAS_KEYS: Final[tuple[str, ...]] = (
+    "transition_bias_background_stay", "transition_bias_background_to_start",
+    "transition_bias_inside_to_continue", "transition_bias_inside_to_end",
+    "transition_bias_end_to_background", "transition_bias_end_to_start",
+)
+DEFAULT_VITERBI_CALIBRATION_PRESET: Final[str] = "default"
+
+
+def validate_model_config_contract(cfg: dict, *, context: str) -> None:
+    missing = [k for k in REQUIRED_MODEL_CONFIG_KEYS if k not in cfg]
+    if missing:
+        raise ValueError(f"{context} missing keys: {', '.join(missing)}")
+    if cfg.get("model_type") != PRIVACY_FILTER_MODEL_TYPE:
+        raise ValueError(f"{context} model_type must be {PRIVACY_FILTER_MODEL_TYPE!r}")
+    if cfg.get("bidirectional_context") is not True:
+        raise ValueError(f"{context} must use bidirectional_context=true")
+    lc, rc = cfg.get("bidirectional_left_context"), cfg.get("bidirectional_right_context")
+    if not isinstance(lc, int) or not isinstance(rc, int) or lc != rc or lc < 0:
+        raise ValueError(f"{context} bidirectional context must be equal non-negative ints")
+    sw = cfg.get("sliding_window")
+    if sw != 2 * lc + 1:
+        raise ValueError(f"{context} sliding_window must equal 2*context+1")
+    if cfg["num_labels"] != 33:
+        raise ValueError(f"{context} num_labels must be 33")
+    if cfg["param_dtype"] != "bfloat16":
+        raise ValueError(f"{context} param_dtype must be bfloat16")
+
+
+def expert_linear(x: torch.Tensor, weight: torch.Tensor, bias: torch.Tensor | None) -> torch.Tensor:
+    n, e, k = x.shape
+    _, _, _, o = weight.shape
+    out = torch.bmm(x.reshape(n * e, 1, k), weight.reshape(n * e, k, o)).reshape(n, e, o)
+    return out + bias if bias is not None else out
+
+
+@dataclass
+class ModelConfig:
+    num_hidden_layers: int; num_experts: int; experts_per_token: int
+    vocab_size: int; num_labels: int; hidden_size: int; intermediate_size: int
+    head_dim: int; num_attention_heads: int; num_key_value_heads: int
+    bidirectional_context_size: int; initial_context_length: int
+    rope_theta: float; rope_scaling_factor: float; rope_ntk_alpha: float; rope_ntk_beta: float
+
+    @classmethod
+    def from_checkpoint_config(cls, cfg: dict, *, context: str) -> "ModelConfig":
+        cfg = dict(cfg)
+        cfg["bidirectional_context_size"] = cfg["bidirectional_left_context"]
+        fields = {f.name for f in dataclasses.fields(cls)}
+        return cls(**{k: v for k, v in cfg.items() if k in fields})
+
+
+class RMSNorm(torch.nn.Module):
+    def __init__(self, n: int, eps: float = 1e-5, device=None):
+        super().__init__()
+        self.eps = eps
+        self.scale = torch.nn.Parameter(torch.ones(n, device=device, dtype=torch.float32))
+
+    def forward(self, x):
+        t = x.float()
+        return (t * torch.rsqrt(t.pow(2).mean(-1, keepdim=True) + self.eps) * self.scale).to(x.dtype)
+
+
+def apply_rope(x, cos, sin):
+    cos = cos.unsqueeze(-2).to(x.dtype); sin = sin.unsqueeze(-2).to(x.dtype)
+    x1, x2 = x[..., ::2], x[..., 1::2]
+    return torch.stack((x1 * cos - x2 * sin, x2 * cos + x1 * sin), dim=-1).reshape(x.shape)
+
+
+class RotaryEmbedding(torch.nn.Module):
+    def __init__(self, head_dim, base, dtype, *, initial_context_length=4096,
+                 scaling_factor=1.0, ntk_alpha=1.0, ntk_beta=32.0, device=None):
+        super().__init__()
+        self.head_dim, self.base, self.dtype = head_dim, base, dtype
+        self.initial_context_length = initial_context_length
+        self.scaling_factor, self.ntk_alpha, self.ntk_beta = scaling_factor, ntk_alpha, ntk_beta
+        self.device = device
+        mp = max(int(initial_context_length * scaling_factor), initial_context_length)
+        self.max_position_embeddings = mp
+        cos, sin = self._compute(mp, device=torch.device("cpu"))
+        target = device or torch.device("cpu")
+        self.register_buffer("cos_cache", cos.to(target), persistent=False)
+        self.register_buffer("sin_cache", sin.to(target), persistent=False)
+
+    def _inv_freq(self, device=None):
+        device = device or self.device
+        freq = self.base ** (torch.arange(0, self.head_dim, 2, dtype=torch.float, device=device) / self.head_dim)
+        if self.scaling_factor > 1.0:
+            d_half = self.head_dim / 2
+            low = d_half * math.log(self.initial_context_length / (self.ntk_beta * 2 * math.pi)) / math.log(self.base)
+            high = d_half * math.log(self.initial_context_length / (self.ntk_alpha * 2 * math.pi)) / math.log(self.base)
+            interp = 1.0 / (self.scaling_factor * freq)
+            extrap = 1.0 / freq
+            ramp = (torch.arange(d_half, dtype=torch.float32, device=device) - low) / (high - low)
+            mask = 1 - ramp.clamp(0, 1)
+            return interp * (1 - mask) + extrap * mask
+        return 1.0 / freq
+
+    def _compute(self, n, device=None):
+        inv_freq = self._inv_freq(device)
+        t = torch.arange(n, dtype=torch.float32, device=device or self.device)
+        freqs = torch.einsum("i,j->ij", t, inv_freq)
+        c = 0.1 * math.log(self.scaling_factor) + 1.0 if self.scaling_factor > 1.0 else 1.0
+        return (freqs.cos() * c).to(self.dtype), (freqs.sin() * c).to(self.dtype)
+
+    def forward(self, q, k):
+        n = q.shape[0]
+        if n > self.cos_cache.shape[0]:
+            cos, sin = self._compute(n, torch.device("cpu"))
+            self.cos_cache, self.sin_cache = cos.to(q.device), sin.to(q.device)
+        cc = self.cos_cache.to(q.device) if self.cos_cache.device != q.device else self.cos_cache
+        sc = self.sin_cache.to(q.device) if self.sin_cache.device != q.device else self.sin_cache
+        cos, sin = cc[:n], sc[:n]
+        q = apply_rope(q.view(n, -1, self.head_dim), cos, sin).reshape(q.shape)
+        k = apply_rope(k.view(n, -1, self.head_dim), cos, sin).reshape(k.shape)
+        return q, k
+
+
+def sdpa(Q, K, V, S, sm_scale, ctx):
+    n, nh, qm, hd = Q.shape
+    w = 2 * ctx + 1
+    Kp = F.pad(K, (0, 0, 0, 0, ctx, ctx)); Vp = F.pad(V, (0, 0, 0, 0, ctx, ctx))
+    Kw = Kp.unfold(0, w, 1).permute(0, 3, 1, 2); Vw = Vp.unfold(0, w, 1).permute(0, 3, 1, 2)
+    idx = torch.arange(w, device=Q.device) - ctx
+    pos = torch.arange(n, device=Q.device)[:, None] + idx[None, :]
+    valid = (pos >= 0) & (pos < n)
+    scores = torch.einsum("nhqd,nwhd->nhqw", Q, Kw).float() * sm_scale
+    scores = scores.masked_fill(~valid[:, None, None, :], -float("inf"))
+    sink = (S * math.log(2.0)).reshape(nh, qm)[None, :, :, None].expand(n, -1, -1, 1)
+    scores = torch.cat([scores, sink], dim=-1)
+    wt = torch.softmax(scores, dim=-1)[..., :-1].to(V.dtype)
+    return torch.einsum("nhqw,nwhd->nhqd", wt, Vw).reshape(n, -1)
+
+
+class AttentionBlock(torch.nn.Module):
+    def __init__(self, cfg: ModelConfig, device=None):
+        super().__init__()
+        dt = torch.bfloat16
+        self.head_dim, self.nah, self.nkv = cfg.head_dim, cfg.num_attention_heads, cfg.num_key_value_heads
+        self.ctx = int(cfg.bidirectional_context_size)
+        self.sinks = torch.nn.Parameter(torch.empty(cfg.num_attention_heads, device=device, dtype=torch.float32))
+        self.norm = RMSNorm(cfg.hidden_size, device=device)
+        qkv_d = cfg.head_dim * (cfg.num_attention_heads + 2 * cfg.num_key_value_heads)
+        self.qkv = torch.nn.Linear(cfg.hidden_size, qkv_d, device=device, dtype=dt)
+        self.out = torch.nn.Linear(cfg.head_dim * cfg.num_attention_heads, cfg.hidden_size, device=device, dtype=dt)
+        self.qk_scale = 1 / math.sqrt(math.sqrt(cfg.head_dim))
+        self.rope = RotaryEmbedding(cfg.head_dim, int(cfg.rope_theta), torch.float32,
+                                     initial_context_length=cfg.initial_context_length,
+                                     scaling_factor=cfg.rope_scaling_factor,
+                                     ntk_alpha=cfg.rope_ntk_alpha, ntk_beta=cfg.rope_ntk_beta, device=device)
+
+    def forward(self, x):
+        t = self.norm(x).to(self.qkv.weight.dtype)
+        qkv = F.linear(t, self.qkv.weight, self.qkv.bias)
+        hd, nah, nkv = self.head_dim, self.nah, self.nkv
+        q = qkv[:, :nah * hd].contiguous()
+        k = qkv[:, nah * hd:(nah + nkv) * hd].contiguous()
+        v = qkv[:, (nah + nkv) * hd:(nah + 2 * nkv) * hd].contiguous()
+        q, k = self.rope(q, k)
+        q, k = q * self.qk_scale, k * self.qk_scale
+        n = q.shape[0]
+        q = q.view(n, nkv, nah // nkv, hd); k = k.view(n, nkv, hd); v = v.view(n, nkv, hd)
+        ao = sdpa(q, k, v, self.sinks, 1.0, self.ctx).to(self.out.weight.dtype)
+        return x + F.linear(ao, self.out.weight, self.out.bias).to(x.dtype)
+
+
+def swiglu(x, alpha=1.702, limit=7.0):
+    g, l = x.chunk(2, dim=-1)
+    g, l = g.clamp(max=limit), l.clamp(-limit, limit)
+    return g * torch.sigmoid(alpha * g) * (l + 1)
+
+
+class MLPBlock(torch.nn.Module):
+    def __init__(self, cfg: ModelConfig, device=None):
+        super().__init__()
+        dt = torch.bfloat16
+        self.ne, self.ept = cfg.num_experts, cfg.experts_per_token
+        self.norm = RMSNorm(cfg.hidden_size, device=device)
+        self.gate = torch.nn.Linear(cfg.hidden_size, cfg.num_experts, device=device, dtype=dt)
+        self.mlp1_weight = torch.nn.Parameter(torch.empty(cfg.num_experts, cfg.hidden_size, cfg.intermediate_size * 2, device=device, dtype=dt))
+        self.mlp1_bias = torch.nn.Parameter(torch.empty(cfg.num_experts, cfg.intermediate_size * 2, device=device, dtype=dt))
+        self.mlp2_weight = torch.nn.Parameter(torch.empty(cfg.num_experts, cfg.intermediate_size, cfg.hidden_size, device=device, dtype=dt))
+        self.mlp2_bias = torch.nn.Parameter(torch.empty(cfg.num_experts, cfg.hidden_size, device=device, dtype=dt))
+
+    def forward(self, x):
+        t = self.norm(x)
+        gs = F.linear(t.float(), self.gate.weight.float(), self.gate.bias.float())
+        top = torch.topk(gs, k=self.ept, dim=-1, sorted=True)
+        ew = torch.softmax(top.values, dim=-1) / self.ept
+        ei = top.indices
+        ept = self.ept
+
+        def _chunk(tc, eic, ewc):
+            o = expert_linear(tc.float().unsqueeze(1).expand(-1, eic.shape[1], -1),
+                              self.mlp1_weight[eic].float(), self.mlp1_bias[eic].float())
+            o = swiglu(o)
+            o = expert_linear(o.float(), self.mlp2_weight[eic].float(), self.mlp2_bias[eic].float())
+            return (torch.einsum("bec,be->bc", o.to(ewc.dtype), ewc) * ept).to(x.dtype)
+
+        cs = 32
+        if t.shape[0] > cs:
+            parts = [_chunk(t[s:s+cs], ei[s:s+cs], ew[s:s+cs]) for s in range(0, t.shape[0], cs)]
+            return x + torch.cat(parts, 0)
+        return x + _chunk(t, ei, ew)
+
+
+class TransformerBlock(torch.nn.Module):
+    def __init__(self, cfg, device=None):
+        super().__init__()
+        self.attn = AttentionBlock(cfg, device=device)
+        self.mlp = MLPBlock(cfg, device=device)
+    def forward(self, x):
+        return self.mlp(self.attn(x))
+
+
+class Checkpoint:
+    @staticmethod
+    def build_param_name_map(n):
+        return ({f"block.{i}.mlp.mlp1_bias": f"block.{i}.mlp.swiglu.bias" for i in range(n)}
+              | {f"block.{i}.mlp.mlp1_weight": f"block.{i}.mlp.swiglu.weight" for i in range(n)}
+              | {f"block.{i}.mlp.mlp2_bias": f"block.{i}.mlp.out.bias" for i in range(n)}
+              | {f"block.{i}.mlp.mlp2_weight": f"block.{i}.mlp.out.weight" for i in range(n)})
+
+    def __init__(self, path, device, num_hidden_layers):
+        self.pnm = self.build_param_name_map(num_hidden_layers)
+        self.ds = device.type if device.index is None else f"{device.type}:{device.index}"
+        files = [os.path.join(path, f) for f in os.listdir(path) if f.endswith(".safetensors")]
+        self.map = {}
+        for sf in files:
+            with safe_open(sf, framework="pt", device=self.ds) as h:
+                for k in h.keys():
+                    self.map[k] = sf
+
+    def get(self, name):
+        mapped = self.pnm.get(name, name)
+        with safe_open(self.map[mapped], framework="pt", device=self.ds) as h:
+            return h.get_tensor(mapped)
+
+
+class Transformer(torch.nn.Module):
+    def __init__(self, cfg, device):
+        super().__init__()
+        dt = torch.bfloat16
+        self.embedding = torch.nn.Embedding(cfg.vocab_size, cfg.hidden_size, device=device, dtype=dt)
+        self.block = torch.nn.ModuleList([TransformerBlock(cfg, device=device) for _ in range(cfg.num_hidden_layers)])
+        self.norm = RMSNorm(cfg.hidden_size, device=device)
+        self.unembedding = torch.nn.Linear(cfg.hidden_size, cfg.num_labels, bias=False, device=device, dtype=dt)
+
+    def forward(self, token_ids):
+        x = self.embedding(token_ids)
+        for blk in self.block:
+            x = blk(x)
+        return F.linear(self.norm(x), self.unembedding.weight, None)
+
+    @classmethod
+    def from_checkpoint(cls, checkpoint_dir, *, device):
+        torch.backends.cuda.matmul.allow_tf32 = False
+        torch.backends.cudnn.allow_tf32 = False
+        torch.set_float32_matmul_precision("highest")
+        cp = json.loads((Path(checkpoint_dir) / "config.json").read_text())
+        validate_model_config_contract(cp, context=str(checkpoint_dir))
+        cfg = ModelConfig.from_checkpoint_config(cp, context=str(checkpoint_dir))
+        ckpt = Checkpoint(checkpoint_dir, device, cfg.num_hidden_layers)
+        m = cls(cfg, device); m.eval()
+        for name, param in m.named_parameters():
+            loaded = ckpt.get(name)
+            if param.shape != loaded.shape:
+                raise ValueError(f"Shape mismatch {name}: {param.shape} vs {loaded.shape}")
+            param.data.copy_(loaded)
+        return m
+
+
+@dataclass(frozen=True)
+class LabelInfo:
+    boundary_label_lookup: dict[str, dict[str, int]]
+    token_to_span_label: dict[int, int]
+    token_boundary_tags: dict[int, str | None]
+    span_class_names: tuple[str, ...]
+    span_label_lookup: dict[str, int]
+    background_token_label: int
+    background_span_label: int
+
+
+def labels_to_spans(labels_by_index, label_info):
+    spans, cur_label, start_idx, prev_idx = [], None, None, None
+    bg = label_info.background_span_label
+    for ti in sorted(labels_by_index):
+        lid = labels_by_index[ti]
+        sl = label_info.token_to_span_label.get(lid)
+        bt = label_info.token_boundary_tags.get(lid)
+        if prev_idx is not None and ti != prev_idx + 1:
+            if cur_label is not None and start_idx is not None:
+                spans.append((cur_label, start_idx, prev_idx + 1))
+            cur_label = start_idx = None
+        if sl is None:
+            prev_idx = ti; continue
+        if sl == bg:
+            if cur_label is not None and start_idx is not None:
+                spans.append((cur_label, start_idx, ti))
+            cur_label = start_idx = None; prev_idx = ti; continue
+        if bt == "S":
+            if cur_label is not None and start_idx is not None and prev_idx is not None:
+                spans.append((cur_label, start_idx, prev_idx + 1))
+            spans.append((sl, ti, ti + 1)); cur_label = start_idx = None
+        elif bt == "B":
+            if cur_label is not None and start_idx is not None and prev_idx is not None:
+                spans.append((cur_label, start_idx, prev_idx + 1))
+            cur_label, start_idx = sl, ti
+        elif bt == "I":
+            if cur_label is None or cur_label != sl:
+                if cur_label is not None and start_idx is not None and prev_idx is not None:
+                    spans.append((cur_label, start_idx, prev_idx + 1))
+                cur_label, start_idx = sl, ti
+        elif bt == "E":
+            if cur_label is None or cur_label != sl or start_idx is None:
+                if cur_label is not None and start_idx is not None and prev_idx is not None:
+                    spans.append((cur_label, start_idx, prev_idx + 1))
+                spans.append((sl, ti, ti + 1)); cur_label = start_idx = None
+            else:
+                spans.append((cur_label, start_idx, ti + 1)); cur_label = start_idx = None
+        else:
+            if cur_label is not None and start_idx is not None and prev_idx is not None:
+                spans.append((cur_label, start_idx, prev_idx + 1))
+            cur_label = start_idx = None
+        prev_idx = ti
+    if cur_label is not None and start_idx is not None and prev_idx is not None:
+        spans.append((cur_label, start_idx, prev_idx + 1))
+    return spans
+
+
+def token_spans_to_char_spans(spans, cs, ce):
+    out = []
+    for li, ts, te in spans:
+        if not (0 <= ts < te <= len(cs)):
+            continue
+        s, e = cs[ts], ce[te - 1]
+        if e > s:
+            out.append((li, s, e))
+    return out
+
+
+def trim_char_spans_whitespace(spans, text):
+    out = []
+    for li, s, e in spans:
+        if not (0 <= s < e <= len(text)):
+            continue
+        while s < e and text[s].isspace(): s += 1
+        while e > s and text[e - 1].isspace(): e -= 1
+        if e > s:
+            out.append((li, s, e))
+    return out
+
+
+@functools.lru_cache(maxsize=1)
+def get_viterbi_transition_biases():
+    cp = MODEL_DIR / "viterbi_calibration.json"
+    default = {k: 0.0 for k in VITERBI_TRANSITION_BIAS_KEYS}
+    if not cp.is_file():
+        return default
+    payload = json.loads(cp.read_text())
+    raw = payload
+    ops = payload.get("operating_points")
+    if isinstance(ops, dict):
+        preset = ops.get(DEFAULT_VITERBI_CALIBRATION_PRESET)
+        if isinstance(preset, dict):
+            raw = preset.get("biases", raw)
+    if not isinstance(raw, dict):
+        return default
+    return {k: float(raw.get(k, 0.0)) for k in VITERBI_TRANSITION_BIAS_KEYS}
+
+
+class Decoder:
+    def __init__(self, label_info):
+        nc = len(label_info.token_to_span_label)
+        self._start = torch.full((nc,), -1e9, dtype=torch.float32)
+        self._end = torch.full((nc,), -1e9, dtype=torch.float32)
+        self._trans = torch.full((nc, nc), -1e9, dtype=torch.float32)
+        biases = get_viterbi_transition_biases()
+        bg_tok, bg_sp = label_info.background_token_label, label_info.background_span_label
+        ttsl, tbt = label_info.token_to_span_label, label_info.token_boundary_tags
+        for i in range(nc):
+            tag, sl = tbt.get(i), ttsl.get(i)
+            if tag in {"B", "S"} or i == bg_tok: self._start[i] = 0.0
+            if tag in {"E", "S"} or i == bg_tok: self._end[i] = 0.0
+            for j in range(nc):
+                nt, ns = tbt.get(j), ttsl.get(j)
+                if self._valid(tag, sl, nt, ns, bg_tok, bg_sp, j):
+                    self._trans[i, j] = self._bias(tag, sl, nt, ns, bg_sp, biases)
+
+    @staticmethod
+    def _valid(pt, ps, nt, ns, bti, bsi, ni):
+        nb = ns == bsi or ni == bti
+        if (ns is None or nt is None) and not nb: return False
+        if pt is None or ps is None: return nb or nt in {"B", "S"}
+        if ps == bsi or pt in {"E", "S"}: return nb or nt in {"B", "S"}
+        if pt in {"B", "I"}: return ps == ns and nt in {"I", "E"}
+        return False
+
+    @staticmethod
+    def _bias(pt, ps, nt, ns, bsi, b):
+        nb, pb = ns == bsi, ps == bsi
+        if pb: return b["transition_bias_background_stay"] if nb else b["transition_bias_background_to_start"]
+        if pt in {"B", "I"}: return b["transition_bias_inside_to_continue"] if nt == "I" else b["transition_bias_inside_to_end"]
+        return b["transition_bias_end_to_background"] if nb else b["transition_bias_end_to_start"]
+
+    def decode(self, lp):
+        sl, nc = lp.shape
+        if sl == 0: return []
+        st = self._start.to(lp.device, lp.dtype)
+        en = self._end.to(lp.device, lp.dtype)
+        tr = self._trans.to(lp.device, lp.dtype)
+        scores = lp[0] + st
+        bp = torch.empty((sl - 1, nc), device=lp.device, dtype=torch.int64)
+        for i in range(1, sl):
+            t = scores.unsqueeze(1) + tr
+            bs, bi = t.max(dim=0)
+            scores = bs + lp[i]; bp[i - 1] = bi
+        if not torch.isfinite(scores).any(): return lp.argmax(dim=1).tolist()
+        scores = scores + en
+        path = torch.empty(sl, device=lp.device, dtype=torch.int64)
+        path[-1] = scores.argmax()
+        for i in range(sl - 2, -1, -1): path[i] = bp[i, path[i + 1]]
+        return path.tolist()
+
+
+@dataclass(frozen=True)
+class InferenceRuntime:
+    model: Transformer; encoding: tiktoken.Encoding; label_info: LabelInfo
+    device: torch.device; n_ctx: int
+
+
+@functools.lru_cache(maxsize=1)
+def get_runtime():
+    cp = MODEL_DIR
+    cfg = json.loads((cp / "config.json").read_text())
+    validate_model_config_contract(cfg, context=str(cp))
+    device = torch.device("cuda" if torch.cuda.is_available() else "cpu")
+    encoding = tiktoken.get_encoding(str(cfg["encoding"]).strip())
+    scn = [BACKGROUND_CLASS_LABEL]; sll = {BACKGROUND_CLASS_LABEL: 0}
+    bll, ttsl, tbt = {}, {}, {}
+    bg_idx = None
+    for idx, name in enumerate(NER_CLASS_NAMES):
+        if name == BACKGROUND_CLASS_LABEL:
+            bg_idx = idx; ttsl[idx] = 0; tbt[idx] = None; continue
+        bnd, base = name.split("-", 1)
+        si = sll.get(base)
+        if si is None:
+            si = len(scn); scn.append(base); sll[base] = si
+        ttsl[idx] = si; tbt[idx] = bnd
+        bll.setdefault(base, {})[bnd] = idx
+    li = LabelInfo(bll, ttsl, tbt, tuple(scn), sll, bg_idx, 0)
+    m = Transformer.from_checkpoint(str(cp), device=device)
+    return InferenceRuntime(m, encoding, li, device, int(cfg["default_n_ctx"]))
+
+
+@functools.lru_cache(maxsize=1)
+def get_decoder():
+    return Decoder(label_info=get_runtime().label_info)
+
+
+@torch.inference_mode()
+def _predict_with_runtime(runtime, text, decoder):
+    tids = tuple(int(t) for t in runtime.encoding.encode(text, allowed_special="all"))
+    if not tids: return text, []
+    chunks = []
+    for s in range(0, len(tids), runtime.n_ctx):
+        e = min(s + runtime.n_ctx, len(tids))
+        wt = torch.tensor(tids[s:e], device=runtime.device, dtype=torch.int32)
+        lp = F.log_softmax(runtime.model(wt).float(), dim=-1)
+        chunks.append(lp)
+    stacked = chunks[0] if len(chunks) == 1 else torch.cat(chunks, dim=0)
+    dl = decoder.decode(stacked)
+    if len(dl) != len(tids): dl = stacked.argmax(dim=1).tolist()
+    pli = {i: int(l) for i, l in enumerate(dl)}
+    pts = labels_to_spans(pli, runtime.label_info)
+    tb = [runtime.encoding.decode_single_token_bytes(t) for t in tids]
+    dt = b"".join(tb).decode("utf-8", errors="replace")
+    cbs, cbe = [], []
+    bc = 0
+    for ch in dt: cbs.append(bc); bc += len(ch.encode("utf-8")); cbe.append(bc)
+    cs, ce = [], []
+    tbc = 0
+    for rb in tb:
+        tbs = tbc; tbe = tbs + len(rb); tbc = tbe
+        cs.append(bisect_right(cbe, tbs)); ce.append(bisect_left(cbs, tbe))
+    pcs = token_spans_to_char_spans(pts, cs, ce)
+    pcs = trim_char_spans_whitespace(pcs, dt if dt != text else text)
+    src = dt if dt != text else text
+    detected = []
+    for li, s, e in pcs:
+        if 0 <= li < len(runtime.label_info.span_class_names):
+            lbl = runtime.label_info.span_class_names[li]
+        else:
+            lbl = f"label_{li}"
+        detected.append({"label": lbl, "start": s, "end": e, "text": src[s:e]})
+    return src, detected
+
+
+def predict_text(text: str) -> tuple[str, list[dict]]:
+    """Returns (source_text, spans). source_text may differ from input
+    only if the tokenizer's decode path normalizes invalid UTF-8; spans
+    are character offsets into source_text."""
+    return _predict_with_runtime(get_runtime(), text, get_decoder())

requirements.txt

@@ -0,0 +1,9 @@
+tiktoken
+sentencepiece
+torch
+safetensors
+huggingface_hub
+gradio[mcp]>=5.29.0
+accelerate
+spaces
+python-multipart