Skip to main content

Sapere — governed memory for AI agents. The product layer (door-1 REST + MCP) over the prodedify-memory engine, deployable standalone or mounted by a host (ADR-015).

Project description

sapere-server

Sapere — governed memory for AI agents, standalone. The door-1 REST surface (propose → govern → ground → replay), the MCP surface, and a tamper-evident audit chain over the prodedify-memory engine — one container, one Postgres, native hashed API keys. No IdP, no vendor cloud callback (ADR-015).

Quickstart (≈10 minutes, Docker Compose)

cd deploy/
docker compose up -d --build          # pgvector Postgres + the server; engine schema migrates to head

# 1. Mint a workspace API key — the secret prints ONCE and is never stored
docker compose exec server sapere-server keys mint \
  --workspace 11111111-1111-1111-1111-111111111111 --name my-first-key
export SAPERE_KEY=sk_sapere_...        # from the mint output

# 2. Propose a fact — it lands PROPOSED (fail-closed; humans promote)
curl -X POST localhost:8010/api/v1/sapere/v1/facts \
  -H "Authorization: Bearer $SAPERE_KEY" -H 'Content-Type: application/json' \
  -d '{"summary":"We only quote on properties with certified wiring","detail":"Underwriting guideline v3 §2.1"}'

# 3. See the review queue
curl -H "Authorization: Bearer $SAPERE_KEY" localhost:8010/api/v1/sapere/v1/pending

# 4. Ground — an audited, hash-chained snapshot of what counts right now
curl -X POST localhost:8010/api/v1/sapere/v1/ground \
  -H "Authorization: Bearer $SAPERE_KEY" -H 'Content-Type: application/json' \
  -d '{"query":"wiring"}'
# → note audit.audit_id in the response

# 5. Replay it — the demo moment: VERIFIED means the served set reproduces
curl -X POST localhost:8010/api/v1/sapere/v1/audit/<audit_id>/replay \
  -H "Authorization: Bearer $SAPERE_KEY"

deploy/quickstart_litmus.sh runs this whole lifecycle end-to-end (and tears the stack down).

MCP (door 2). With SAPERE_MCP_ENABLED=true (the compose default) the MCP endpoint at /api/v1/sapere/mcp accepts the same sk_sapere_… keys — tools: ground, retrieve, propose, replay, pending. There is deliberately no promote tool: agents propose, humans decide. Have an IdP? Point SAPERE_MCP_JWKS_URL at its JWKS to also accept your JWTs.

Production posture

  • BYO Postgres 16+ with pgvector + pg_trgm (the bundled DB is the eval/dev default). Set SAPERE_SERVER_DATABASE_URL; run sapere-server migrate as a gated step (SAPERE_SERVER_MIGRATE_ON_START=false).
  • Connect as a NOBYPASSRLS role so the engine's FORCE-RLS tenancy is a real control, not decoration.
  • Recall embedder (optional): SAPERE_OPENAI_API_KEY enables semantic recall; without it retrieval degrades gracefully to lexical + entity + recency. SAPERE_REQUIRE_EMBEDDER=true makes a missing key a loud 503 at the write boundary instead of silent under-recall.
  • Document ingest returns 501 on this worker-less core; the ingest worker profile ships separately.
  • No rate limiting is built in yet — put the server behind your gateway's limiter for now.

Keys

sapere-server keys mint --workspace <uuid> [--name N] [--expires-days D]
sapere-server keys list --workspace <uuid>
sapere-server keys revoke --workspace <uuid> --key-id <id>

Keys are stored as SHA-256 hashes (256-bit secrets, shown once); revocation and expiry are set-columns — a key's lifecycle stays auditable, never deleted. A key's writes are stamped with its own source identity and land PROPOSED unless that exact identity has been explicitly trusted in write_policy.

Embedding in your own app

pip install sapere-server and mount the same router your way: implement the SapereHost seams (sapere_server.hosting) — sessions/tenancy, key context, workspace anchors, ontology registry — and include_router the surface. The hosted Prodedify backend consumes this exact package through those seams, with parity tests pinning that both deployments serve the same product.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sapere_server-0.1.1.tar.gz (124.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sapere_server-0.1.1-py3-none-any.whl (156.0 kB view details)

Uploaded Python 3

File details

Details for the file sapere_server-0.1.1.tar.gz.

File metadata

  • Download URL: sapere_server-0.1.1.tar.gz
  • Upload date:
  • Size: 124.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for sapere_server-0.1.1.tar.gz
Algorithm Hash digest
SHA256 e60db3a726d21518d25947e7a4d147cc43e564bed780ff40b65a2d5d644442d6
MD5 2bf42a85ad0cc24959d5f59c8a5adf14
BLAKE2b-256 9627be0c357fa3573083f2404347e052faf24f260541ed6a3b9b83d9fcd569ac

See more details on using hashes here.

File details

Details for the file sapere_server-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: sapere_server-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 156.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for sapere_server-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 2bdfa1de99cfce87d74205bf389cadcf3ae34899288b67d4dfa055b603e443bd
MD5 f981ac7bfec0a8ba2498a16fdd64314b
BLAKE2b-256 90dce592b665162637a86e4ed992e4b621132b7905ee3fc3a9d3f3c6c43312a7

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page