Governance and provenance layer for agent memory.
Project description
Procheiron
A governance and provenance layer for agent memory. Not a memory engine — the trust layer that sits on top of one.
Memory engines (supermemory, mempalace, agentmemory, a vector DB, or plain files) answer "what does my agent remember?" Procheiron answers a different question: "can a different agent trust this memory, and prove who wrote it, who reviewed it, and who authorized it?" It is built for the case a single-agent memory store ignores — multiple agents sharing one governed source of truth.
Status: v0.1 draft, pre-release. Conformance passes at fixture level (a second, fully fictional deployment validates against the same Core). Honest scope discipline: nothing here claims more than the conformance suite proves.
Why this exists
Give an agent keys and it will use them. Give several agents a shared memory and, without governance, any one of them can write a "fact" the others will trust — no record of who, no independent review, no way to supersede it cleanly. Procheiron makes the trustworthy path the easy one:
- Provenance-first lifecycle — every memory is
draft → candidate → validated → active → superseded. Anactive(trusted) record requires independent review by an actor that is not its author. - Authority, not vibes — who may promote, review, or authorize is policy, checked by a validator and a policy engine, not a prompt asking nicely.
- Provable, replayable — a conformance suite checks that a deployment obeys the spec; a fictional
reference deployment (
conformance/generic-vault/) proves the same Core governs a vault it has never seen.
What's in this repo
| Path | What it is |
|---|---|
spec/ |
The v0.1 specification: governance.md, memory-commons.md, control-plane.md, the normative conformance.md MUST-list, and the Core/Profile boundary.md. |
conformance/ |
run_conformance.py + fixtures. generic-vault/ is a complete fictional deployment ("Meridian Atelier"); minimal-vault/ is the 5-file minimal adopter. Run it to prove conformance. |
examples/minimal-adopter/ |
The smallest compliant deployment — a memory commons with provenance + independent review, no heavyweight governance ladder. |
init/ |
procheiron_init.py scaffolds a new deployment; PORTING_GUIDE.md is the step-by-step. |
Quick start
# Install (zero runtime dependencies — stdlib-only Python):
pipx install procheiron # or: pip install procheiron
# Scaffold a governed memory commons and validate it:
procheiron init ./my-commons
procheiron validate ./my-commons
From a source checkout (no install required):
# Prove the spec holds against the bundled fixtures:
python3 conformance/run_conformance.py
# Scaffold via the init script directly:
python3 init/procheiron_init.py --root ./my-commons
Design choices worth knowing
- Zero runtime dependencies. Every tool a live deployment runs is standard-library Python. (
jsonschema,opaetc. are used only for development/CI cross-checks, never required at runtime.) Adopt it without taking on a dependency tree. - Bring your own memory engine. Procheiron governs records and their lifecycle; it does not do embeddings or retrieval and never will (that is the engine's job). Point it at any store.
- Core vs Profile. The spec is portable Core. Deployment-specific bindings (identities, paths, a git
preservation executor, a full L0–L9 authority ladder) live in a profile — see
boundary.md.
Not in scope (by design)
No vector/retrieval engine. No recall benchmarks — that is the memory engine's axis, not ours. No claim of "production-replicable" until a second real deployment passes conformance (fixture-level proof is what exists today, and the README says exactly that).
Roadmap (next, post first-deployment feedback)
- Standalone MCP server —
memory.search/get/propose/promote+boot_context, the "any agent has the context on hand" integration. (A working version exists but is currently coupled to its origin deployment's layout; the port to a--root-relative standalone server is the top item.) PyPI /Shipped in v0.1 —pipxpackaging and a one-commandprocheiron init.pip install procheiron,procheiron init,procheiron validate.- A reference integration: Procheiron governing a third-party memory engine end to end.
License
MIT — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file procheiron-0.1.0.tar.gz.
File metadata
- Download URL: procheiron-0.1.0.tar.gz
- Upload date:
- Size: 176.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6f0b8e5e4a1dc1a264f3c9dfdc03ae198d26d2fe8521948967eee545b650affb
|
|
| MD5 |
a0522c63d12e8f65b2da4aa3a5a7fed0
|
|
| BLAKE2b-256 |
4d1a1cb9b25564e74f19d5a525667ab890c3fcf4ff14f5c056ca6dcbca0a2c5b
|
File details
Details for the file procheiron-0.1.0-py3-none-any.whl.
File metadata
- Download URL: procheiron-0.1.0-py3-none-any.whl
- Upload date:
- Size: 75.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2801f248348a4ee4ac4770e4822a263fc5d85547d92090cb28fd294e1fbc3435
|
|
| MD5 |
7beb86b8078fb57c8a0438a2bc6830a1
|
|
| BLAKE2b-256 |
ec82b08f9570135e4099a98b7959a22b32ed2191dac26a22be5407bcb9f49a3a
|
