memledger 2.0.1

Memory governance and trust layer for AI agents — provenance, attribution, confidence gating

memledger

Memory governance and trust layer for multi-agent AI systems.

memledger adds attribution, provenance, confidence gating, and quality measurement on top of any vector-backed memory store. Every memory carries a source, a confidence score, a derivation chain, and an audit trail — so when agents share memory, trust transfers become legible instead of invisible.

✅ v2.0.0 — AWS-native release. Stable API; subsequent releases follow SemVer.

Why memledger

Existing memory frameworks (Mem0, Zep, Letta, AgentCore Memory) optimize for recall quality — how accurately the system retrieves relevant memory. None of them address accountability: who wrote this memory, how confident were they, what did they derive it from, and how has it been used since.

In a single-agent system, the accountability gap is academic. In a multi-agent system where agents read and act on each other's beliefs, it is the fault line where systems fail at scale.

What v2.0.0 ships

• Attribution — every memory carries created_by, confidence, session_id, derived_from, supersedes, workflow_id, triggered_by, hedged, namespace
• Weakest-link provenance chain — derivation chains tracked across agent boundaries; effective confidence for retrieval is min(declared, chain.min_confidence) — a high-conf claim built on a low-conf ancestor cannot outscore its weakest link
• Confidence-gated retrieval — PASS / FLAG / FILTER policy applied at search time, against effective confidence
• Namespace RBAC — declarative per-agent access control over hierarchical namespaces; add() and search() both gate on it
• 3-tier evaluation suite — deterministic Memory Attribution Integrity (record-quality view) + RAGAS LLM-as-judge (provider-agnostic via LiteLLM; verified end-to-end on Bedrock Sonnet) + structural evaluator (OTEL-span based, no LLM)
• AWS-native backends — Aurora PostgreSQL with IAM auth, OpenSearch with SigV4 + faiss + hybrid RRF, Bedrock for embeddings (Titan v2) and the LLM strategy layer (Sonnet)
• OpenTelemetry observability — every operation emits an OTLP span with memledger.* trust attributes; tier-1 set to OpenInference span kinds so Arize Phoenix categorizes them out of the box
• Outcome feedback loop — record_outcome() updates memory confidence based on observed downstream outcomes
• MCP server — framework-agnostic adoption via Model Context Protocol

Full architecture, concepts, and API reference at memledger.com/docs.

Install

The OSS-default install needs no cloud credentials:

pip install 'memledger[oss]'

The AWS-native install:

pip install 'memledger[aws]'                # Aurora pgvector + Bedrock
pip install 'memledger[aws,opensearch]'     # add OpenSearch backend

Other extras (combine as needed):

Extra	Use
[oss]	Local ONNX embeddings + Postgres + pgvector — no cloud keys
[aws]	Aurora pgvector + Bedrock embeddings + Bedrock judge
[opensearch]	Amazon OpenSearch backend (SigV4 + faiss + hybrid RRF)
[eval]	RAGAS LLM-as-judge (Tier 2 of the eval suite)
[telemetry]	Phoenix-OTEL helper on top of the core OTEL stack
[mcp]	MCP server for framework-agnostic adoption

Backend contract: the only required backend is open-source PostgreSQL ≥ 14 with the pgvector extension ≥ 0.5. Aurora, RDS, Supabase, Neon — same backend, only the DSN changes.

Quick start (60 seconds)

# 1. Postgres + pgvector locally
docker run -d -p 5432:5432 -e POSTGRES_PASSWORD=postgres pgvector/pgvector:pg16

# 2. Install
pip install 'memledger[oss]'

# 3. Write + search one memory
import asyncio
from memledger import Memledger

async def main():
    ml = await Memledger.create(
        backend_name="pgvector",
        connection_string="postgresql://postgres:postgres@localhost:5432/postgres",
    )
    await ml.add(
        content="HikariCP maxPoolSize=50 fixes payment-service OOM",
        namespace="/ops/incidents/payment-svc",
        confidence=0.9,
        created_by="ops-agent",
    )
    results = await ml.search(
        query="connection pool fix",
        namespace="/ops/incidents/payment-svc",
    )
    for r in results.records:
        print(r.confidence, r.created_by, "::", r.content)
    await ml.close()

asyncio.run(main())

For multi-agent walkthroughs (weakest-link gate, contamination interception, eval pipeline), see memledger.com/docs/concepts/provenance-chain.

CLI

memledger init                                  # write a starter memledger.yaml
memledger add "fact" --namespace /n --agent-id a --confidence 0.8
memledger search "query" --namespace /n --confidence-min 0.6
memledger get <memory-id> --chain
memledger eval <session-id>
memledger status

memledger --help for the full surface.

Roadmap

Version	What
v2.0 (this release)	AWS-native trust layer; 3-tier eval suite; weakest-link confidence; namespace RBAC; MCP
v2.1 (Jun 15)	DynamoDB backend with composition; LangGraph + OpenAI Agents SDK adapters; memledger lint CLI
v2.2 (Jun 30)	Mem0 + Letta backend adapters; DeepEval + Phoenix Evals adapters
v3.0 (Jul 15)	Eval feedback flywheel — outcomes drive automated memory promote/demote

License & support

Apache 2.0. License file ships in the PyPI sdist. For enterprise inquiries, repository access requests, or security disclosures, visit memledger.com.