vektor-slipstream 1.4.4 → 2.0.0

package/LICENSE

@@ -1,33 +0,0 @@
-VEKTOR SLIPSTREAM — COMMERCIAL LICENCE
-
-Copyright (c) 2026 VEKTOR Memory (vektormemory.com)
-
-This software is licensed, not sold. Purchase of a Vektor Slipstream licence
-grants you a non-exclusive, non-transferable right to use this software in
-accordance with the following terms:
-
-PERMITTED:
-- Use in personal, commercial, and client projects
-- Embed in products you sell or SaaS platforms
-- Deploy on up to 3 machines per licence key
-- Modify for your own use (modifications are not redistributable)
-
-NOT PERMITTED:
-- Redistribute, resell, or sublicense this software
-- Remove or modify licence enforcement mechanisms
-- Share your licence key with others
-- Use in projects that compete directly with VEKTOR Memory
-
-LICENCE ENFORCEMENT:
-This software requires a valid licence key from vektormemory.com.
-Licence keys are validated via Polar (polar.sh) and cached locally.
-Each key activates on up to 3 machines.
-
-SOVEREIGNTY GUARANTEE:
-Core SDK functionality remains a one-time purchase permanently.
-No mandatory subscription will ever be required for the memory core,
-AUDN loop, REM cycle, or integration adapters included in this package.
-
-Purchase: https://vektormemory.com/product#pricing
-Support:  hello@vektormemory.com
-Docs:     https://vektormemory.com/docs

package/TENETS.md

@@ -1,189 +0,0 @@
-# The 8 Sovereign Laws of Vektor Slipstream
-
-Vektor Slipstream is built on a two-tier trust framework.
-
-**Tier 1 — Architectural Laws** are enforced by the code itself.
-You can verify every one of them by inspecting the source.
-
-**Tier 2 — Design Commitments** are the principles that shaped every
-engineering decision. They are auditable in how the system behaves,
-not enforced at runtime (except Law VIII, which is opt-in).
-
----
-
-## Tier 1 — Architectural Laws
-*Enforced by the code. Verifiable by inspection.*
-
-### Law I — Locality
-**Data never leaves your machine.**
-
-All memory operations read and write to a local SQLite file.
-No outbound network calls are made for memory storage, retrieval,
-or embedding. LLM inference uses the provider you configure under
-your own API key.
-
-**Verify it:**
-```bash
-grep -r "fetch\|axios\|http\|https" src/slipstream-core.js | grep -v "provider"
-# Returns nothing — no outbound memory calls exist
-```
-
-**In the code:** `createMemory({ dbPath })` — the only write path
-is the SQLite adapter. There is no cloud sync path in the codebase.
-
----
-
-### Law II — Epistemological Hygiene
-**Every write passes through AUDN curation. No exceptions.**
-
-Every call to `memory.remember()` routes through the AUDN loop
-before writing. The system decides: ADD new info, UPDATE an existing
-node, DELETE a contradiction, or NO_OP if already known.
-Duplicates and drift are structurally impossible.
-
-**Verify it:**
-```bash
-grep -n "remember" src/slipstream-core.js
-# Every path leads through audn() before any db.run()
-```
-
-**In the code:** `memory.remember(text)` → `audn(text)` → `ADD | UPDATE | DELETE | NO_OP` → SQLite write
-
----
-
-### Law III — Continual Synthesis
-**The REM cycle compresses. It never injects.**
-
-The 7-phase REM cycle only removes or consolidates existing memories.
-It never adds new information from external sources. Compression is
-one-way: fragments collapse into insights. The graph grows wiser,
-not larger.
-
-**Verify it:**
-```bash
-grep -n "INSERT\|remember" src/rem.js
-# All INSERTs are rewrites of existing nodes — no external data source
-```
-
-**In the code:** `memory.dream()` — reads the fragment pool, writes
-consolidated insights, tombstones the originals. No external fetch.
-
----
-
-### Law IV — Object Permanence
-**Memory survives all session resets.**
-
-The SQLite graph persists across process restarts, provider changes,
-and agent redeployments. The `.db` file is the complete state.
-Backup is a file copy. Migration is a file move.
-
-**Verify it:**
-```bash
-ls -lh ./your-agent.db
-# Kill the process. Restart. Memory is intact.
-```
-
-**In the code:** `createMemory({ dbPath: './agent.db' })` —
-no in-memory-only state path exists. SQLite is the only store.
-
----
-
-## Tier 2 — Design Commitments
-*Principles that shaped every engineering decision.
-Auditable in how the system behaves, not enforced at runtime.*
-
----
-
-### Law V — Signal Purity
-**Retrieval returns relevance, not recency.**
-
-Recall is ranked by combined importance score and cosine similarity —
-not insertion order or timestamp. A memory from six months ago
-surfaces if it is more relevant than one from yesterday.
-
-**Auditable in:** `memory.recall()` ranking logic —
-`ORDER BY (importance_score * cos_similarity) DESC`,
-never `ORDER BY created_at DESC`.
-
----
-
-### Law VI — Separation of Concerns
-**Memory and identity are separate systems.**
-
-The MAGMA graph holds what the agent knows.
-The Cloak vault holds who the agent is.
-These are separate storage systems with separate access paths.
-Compromising one does not compromise the other.
-
-**Auditable in:** `slipstream-memory.db` ≠ `vault.enc` —
-different files, different encryption keys, different access methods.
-
----
-
-### Law VII — Harm Avoidance
-**No code path knowingly facilitates harm.**
-
-No feature in Vektor Slipstream is designed to enable surveillance,
-manipulation, or harm. This is a design commitment, not runtime
-enforcement. Operators are accountable for what their agents do
-with persistent memory.
-
-**Auditable in:** codebase review — no profiling, tracking, or
-behavioural manipulation primitives exist in the SDK.
-
----
-
-### Law VIII — Injection Resistance *(opt-in enforcement)*
-**Prompt injection surface is minimised by design.
-Full enforcement is available on request.**
-
-AUDN prompt inputs are delimited before LLM evaluation.
-Recalled memories are clearly bounded in context to prevent
-bleed into system instructions.
-
-Full injection-shield screening is available as an opt-in flag
-for operators who require it. It adds approximately 80ms per write.
-
-```js
-const memory = await createMemory({
-  agentId: 'my-agent',
-  licenceKey: process.env.VEKTOR_KEY,
-  dbPath: './agent.db',
-  sovereign: true  // enables Law VIII enforcement
-});
-```
-
-**Auditable in:** `sovereign.js` — input screening wrapper,
-loaded only when `sovereign: true` is passed to `createMemory()`.
-
----
-
-## Boot confirmation
-
-When Vektor Slipstream initialises, the following is logged to confirm
-the laws are active:
-
-```
-[vektor] Sovereign Agent active
-[vektor] Law I   ✓ locality     — no cloud sync path
-[vektor] Law II  ✓ hygiene      — AUDN on every write
-[vektor] Law III ✓ synthesis    — REM compress-only
-[vektor] Law IV  ✓ permanence   — SQLite persists
-[vektor] Law VIII  sovereign: true — injection shield active
-```
-
-Laws V–VII are design commitments and are not logged at boot.
-Law VIII boot line only appears when `sovereign: true` is set.
-
----
-
-## The contract
-
-Tier 1 laws are signed by the architecture.
-If any of them are ever violated by a future version of Vektor,
-that is a breaking change and will be documented as such in CHANGELOG.md.
-
-Tier 2 laws are signed by the team.
-They are the principles we will not compromise in future development.
-
-*Version: Slipstream 1.0.2 · Last updated: 2026-04-03*

package/audn-log.js

@@ -1,143 +0,0 @@
-/**
- * VEKTOR AUDN audit log — v1.3.7
- * Records every ADD/UPDATE/DELETE/NO_OP decision AUDN makes
- * before acting on it. Full transparency — nothing disappears silently.
- *
- * Schema additions required:
- *   CREATE TABLE IF NOT EXISTS audn_log (
- *     id          INTEGER PRIMARY KEY AUTOINCREMENT,
- *     agent_id    TEXT NOT NULL,
- *     namespace   TEXT NOT NULL,
- *     action      TEXT NOT NULL,  -- ADD | UPDATE | DELETE | NO_OP
- *     memory_id   TEXT,           -- affected memory id (null for ADD before insert)
- *     content     TEXT,           -- snapshot of content at time of action
- *     reason      TEXT,           -- why AUDN made this decision
- *     similarity  REAL,           -- similarity score that triggered the decision
- *     ran_at      INTEGER DEFAULT (unixepoch())
- *   );
- *   CREATE INDEX IF NOT EXISTS idx_audn_log_agent ON audn_log(agent_id, namespace, ran_at);
- */
-
-/**
- * logAudn — call this inside AUDN before executing each decision
- *
- * @param {object} db
- * @param {string} agentId
- * @param {string} namespace
- * @param {object} entry
- * @param {string} entry.action      - ADD | UPDATE | DELETE | NO_OP
- * @param {string} entry.memoryId    - memory id (if known)
- * @param {string} entry.content     - content snapshot
- * @param {string} entry.reason      - human-readable reason
- * @param {number} entry.similarity  - cosine score that triggered this
- */
-export function logAudn(db, agentId, namespace, entry) {
-  db.prepare(`
-    INSERT INTO audn_log (agent_id, namespace, action, memory_id, content, reason, similarity)
-    VALUES (?, ?, ?, ?, ?, ?, ?)
-  `).run(
-    agentId,
-    namespace,
-    entry.action,
-    entry.memoryId || null,
-    entry.content ? entry.content.slice(0, 500) : null,
-    entry.reason || null,
-    entry.similarity || null
-  );
-}
-
-/**
- * auditLog(opts) — retrieve AUDN decision history
- *
- * @param {object} db
- * @param {string} agentId
- * @param {string} namespace
- * @param {object} opts
- * @param {number}  opts.limit   - max rows (default 50)
- * @param {string}  opts.action  - filter to specific action (ADD|UPDATE|DELETE|NO_OP)
- * @param {string}  opts.since   - time filter — '7d', '24h', ISO date
- * @returns {object[]}
- */
-export function auditLog(db, agentId, namespace, opts = {}) {
-  const { limit = 50, action = null, since = null } = opts;
-
-  let sinceTs = null;
-  if (since) {
-    const rel = String(since).match(/^(\d+)(d|h|m)$/);
-    if (rel) {
-      const n = parseInt(rel[1]);
-      const unit = rel[2];
-      const seconds = unit === 'd' ? n * 86400 : unit === 'h' ? n * 3600 : n * 60;
-      sinceTs = Math.floor(Date.now() / 1000) - seconds;
-    } else {
-      sinceTs = Math.floor(Date.parse(since) / 1000);
-    }
-  }
-
-  const actionClause = action ? `AND action = '${action.toUpperCase()}'` : '';
-  const sinceClause = sinceTs ? `AND ran_at >= ${sinceTs}` : '';
-
-  return db.prepare(`
-    SELECT id, action, memory_id, content, reason, similarity, ran_at
-    FROM audn_log
-    WHERE agent_id = ? AND namespace = ?
-    ${actionClause}
-    ${sinceClause}
-    ORDER BY ran_at DESC
-    LIMIT ?
-  `).all(agentId, namespace, limit);
-}
-
-/**
- * auditStats() — summary counts by action type
- */
-export function auditStats(db, agentId, namespace) {
-  return db.prepare(`
-    SELECT
-      action,
-      COUNT(*) as count,
-      MAX(ran_at) as last_at
-    FROM audn_log
-    WHERE agent_id = ? AND namespace = ?
-    GROUP BY action
-    ORDER BY count DESC
-  `).all(agentId, namespace);
-}
-
-/**
- * pruneAuditLog(days) — keep log from growing forever
- * Call from REM cycle or a scheduled job
- */
-export function pruneAuditLog(db, agentId, namespace, keepDays = 30) {
-  const cutoff = Math.floor(Date.now() / 1000) - keepDays * 86400;
-  const result = db.prepare(
-    `DELETE FROM audn_log WHERE agent_id = ? AND namespace = ? AND ran_at < ?`
-  ).run(agentId, namespace, cutoff);
-  return { pruned: result.changes };
-}
-
-/**
- * Integration into Memory class / AUDN loop:
- *
- * // Inside AUDN decision logic:
- * logAudn(this.db, this.agentId, this.namespace, {
- *   action: 'DELETE',
- *   memoryId: existing.id,
- *   content: existing.content,
- *   reason: 'Contradicts newer memory with score 0.94',
- *   similarity: 0.94
- * });
- * // then execute the delete
- *
- * // Expose on Memory class:
- * auditLog(opts = {}) {
- *   return auditLog(this.db, this.agentId, this.namespace, opts);
- * }
- *
- * Usage:
- *   memory.auditLog({ action: 'DELETE', since: '7d' });
- *   // → [{ id, action:'DELETE', content:'...', reason:'...', ran_at }]
- *
- *   memory.auditLog({ limit: 100 });
- *   // → last 100 AUDN decisions
- */