agmem 0.1.2__py3-none-any.whl → 0.1.4__py3-none-any.whl

{agmem-0.1.2.dist-info → agmem-0.1.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agmem
-Version: 0.1.2
+Version: 0.1.4
 Summary: Agentic Memory Version Control System - Git for AI agent memories
 Home-page: https://github.com/vivek-tiwari-vt/agmem
 Author: agmem Team
@@ -10,7 +10,7 @@ Project-URL: Homepage, https://github.com/vivek-tiwari-vt/agmem
 Project-URL: Documentation, https://github.com/vivek-tiwari-vt/agmem#readme
 Project-URL: Repository, https://github.com/vivek-tiwari-vt/agmem
 Project-URL: Bug Tracker, https://github.com/vivek-tiwari-vt/agmem/issues
-Keywords: ai,agent,memory,version-control,git,vcs,llm
+Keywords: ai,agent,memory,version-control,git,vcs,llm,merkle,audit,encryption,differential-privacy,trust,multi-agent
 Classifier: Development Status :: 3 - Alpha
 Classifier: Intended Audience :: Developers
 Classifier: License :: OSI Approved :: MIT License
@@ -22,6 +22,7 @@ Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Topic :: Software Development :: Version Control
 Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Security :: Cryptography
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
@@ -32,6 +33,10 @@ Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
 Requires-Dist: black==24.10.0; extra == "dev"
 Requires-Dist: flake8>=5.0.0; extra == "dev"
 Requires-Dist: mypy>=1.0.0; extra == "dev"
+Requires-Dist: bandit[toml]>=1.7.0; extra == "dev"
+Provides-Extra: llm
+Requires-Dist: openai>=1.0.0; extra == "llm"
+Requires-Dist: anthropic>=0.18.0; extra == "llm"
 Provides-Extra: mcp
 Requires-Dist: mcp>=1.0.0; extra == "mcp"
 Provides-Extra: vector
@@ -46,6 +51,8 @@ Requires-Dist: google-cloud-storage>=2.0.0; extra == "cloud"
 Provides-Extra: gardener
 Requires-Dist: scikit-learn>=1.3.0; extra == "gardener"
 Requires-Dist: openai>=1.0.0; extra == "gardener"
+Provides-Extra: anthropic
+Requires-Dist: anthropic>=0.18.0; extra == "anthropic"
 Provides-Extra: pii
 Requires-Dist: presidio-analyzer>=2.2.0; extra == "pii"
 Provides-Extra: daemon
@@ -58,8 +65,15 @@ Provides-Extra: distill
 Requires-Dist: openai>=1.0.0; extra == "distill"
 Provides-Extra: verify
 Requires-Dist: openai>=1.0.0; extra == "verify"
+Provides-Extra: crypto
+Requires-Dist: cryptography>=41.0.0; extra == "crypto"
+Provides-Extra: ipfs
+Requires-Dist: requests>=2.28.0; extra == "ipfs"
+Provides-Extra: ipfs-daemon
+Requires-Dist: ipfshttpclient>=0.8.0; extra == "ipfs-daemon"
 Provides-Extra: all
 Requires-Dist: mcp>=1.0.0; extra == "all"
+Requires-Dist: cryptography>=41.0.0; extra == "all"
 Requires-Dist: sqlite-vec>=0.1.0; extra == "all"
 Requires-Dist: sentence-transformers>=2.0.0; extra == "all"
 Requires-Dist: fastapi>=0.100.0; extra == "all"
@@ -68,8 +82,12 @@ Requires-Dist: boto3>=1.34.0; extra == "all"
 Requires-Dist: google-cloud-storage>=2.0.0; extra == "all"
 Requires-Dist: scikit-learn>=1.3.0; extra == "all"
 Requires-Dist: openai>=1.0.0; extra == "all"
+Requires-Dist: anthropic>=0.18.0; extra == "all"
 Requires-Dist: watchdog>=3.0.0; extra == "all"
 Requires-Dist: networkx>=3.0; extra == "all"
+Requires-Dist: tiktoken>=0.5.0; extra == "all"
+Requires-Dist: presidio-analyzer>=2.2.0; extra == "all"
+Requires-Dist: requests>=2.28.0; extra == "all"
 Dynamic: author
 Dynamic: home-page
 Dynamic: license-file
@@ -105,10 +123,23 @@ agmem solves all of these problems with a familiar Git-like interface.
 - ✅ **Branch/tag names with `/`** — Git-style refs: `feature/test`, `releases/v1` (path-validated)
 - ✅ **Content-addressable storage** — SHA-256 deduplication like Git
 - ✅ **Memory-type-aware merging** — Episodic append, semantic consolidate, procedural prefer-new
-- ✅ **Remote (file://)** — `clone`, `push`, `pull`, `remote`; pull merges into current branch
+- ✅ **Remote (file://)** — `clone`, `push`, `pull`, `remote`; pull merges into current branch; push conflict detection (non–fast-forward reject)
 - ✅ **Search** — Semantic with `agmem[vector]`, or plain text over `current/` when vector deps missing
 - ✅ **Knowledge graph** — `agmem graph` from wikilinks/tags; `--no-similarity`, `--format d3`, `--serve` (optional `agmem[web]`)
-- ✅ **Integrity** — `agmem fsck`; path/ref/hash validation throughout (no path traversal)
+- ✅ **Integrity** — `agmem fsck` (objects, refs, vector store, Merkle/signature); `agmem verify --crypto`; path/ref/hash validation (no path traversal)
+- ✅ **Cryptographic commit verification** — Merkle tree over blobs; Ed25519 signing of root; verify on checkout, pull, `verify`, `fsck`; Merkle proofs for single-blob verification
+- ✅ **Encryption at rest** — Optional AES-256-GCM with Argon2id key derivation; hash-then-encrypt preserves deduplication
+- ✅ **Tamper-evident audit trail** — Append-only hash-chained log (init, add, commit, checkout, merge, push, pull, config); `agmem audit` and `agmem audit --verify`
+- ✅ **Multi-agent trust** — Trust store (full / conditional / untrusted) per public key; applied on pull/merge; clone copies remote keys
+- ✅ **Conflict resolution** — `agmem resolve` with ours/theirs/both; conflicts persisted in `.mem/merge/`; path-safe
+- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden`; noise applied to counts and frontmatter
+- ✅ **Pack files & GC** — `agmem gc [--repack]` (reachable from refs, prune loose, optional pack file + index); ObjectStore reads from pack when loose missing
+- ✅ **Multi-provider LLM** — OpenAI and Anthropic via `memvcs.core.llm`; config/repo or env; used by gardener, distiller, consistency, merge
+- ✅ **Temporal querying** — Point-in-time and range queries in temporal index; frontmatter timestamps
+- ✅ **Federated collaboration** — `agmem federated push|pull`; real summaries (topic counts, fact hashes); optional DP on outbound; coordinator API in docs/FEDERATED.md
+- ✅ **Zero-knowledge proofs** — `agmem prove` (hash/signature-based): keyword containment (Merkle set membership), memory freshness (signed timestamp)
+- ✅ **Daemon health** — Periodic Merkle verification in daemon loop; safe auto-remediation hooks
+- ✅ **GPU acceleration** — Vector store detects GPU for embedding model when available
 - ✅ **Optional** — `serve`, `daemon` (watch + auto-commit), `garden` (episode archival), MCP server; install extras as needed
 
 ## Quick Start
@@ -227,12 +258,18 @@ All commands are listed below. Highlights: **`agmem blame <file>`** (who changed
 
 | Command | Description |
 |---------|-------------|
-| `agmem clone <url> [dir]` | Clone repo (file:// URLs); path-validated |
+| `agmem clone <url> [dir]` | Clone repo (file:// URLs); path-validated; copies remote public keys |
 | `agmem remote add <name> <url>` | Add remote |
 | `agmem remote show` | List remotes |
-| `agmem push <remote> <branch>` | Push branch (refs validated) |
-| `agmem pull [--remote <name>] [--branch <b>]` | Fetch and merge into current branch |
-| `agmem fsck` | Check objects, refs, optional vector store |
+| `agmem push <remote> <branch>` | Push branch (refs validated); rejects non–fast-forward |
+| `agmem pull [--remote <name>] [--branch <b>]` | Fetch and merge into current branch; optional crypto/trust checks |
+| `agmem fsck` | Check objects, refs, optional vector store, Merkle roots and signatures |
+| `agmem verify [ref]` | Belief consistency (contradictions); use `--crypto` to verify commit Merkle/signature |
+| `agmem audit [--verify] [--max n]` | Show tamper-evident audit log; `--verify` checks hash chain |
+| `agmem resolve [path]` | Resolve merge conflicts (ours/theirs/both); path under `current/` |
+| `agmem gc [--dry-run] [--repack] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional pack file creation |
+| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (keyword: Merkle set membership; freshness: signed timestamp) |
+| `agmem federated push\|pull` | Federated collaboration (real summaries, optional DP; requires coordinator in config) |
 
 ### Optional (install extras)
 
@@ -301,7 +338,84 @@ Configure in `.mem/config.json` (e.g. `archive_dir`, consolidation thresholds).
 agmem fsck
 ```
 
-Verifies objects, refs, and (if installed) the vector store. Run after cloning or if something looks wrong.
+Verifies objects, refs, and (if installed) the vector store. When commit metadata includes `merkle_root` and optionally `signature`, fsck also runs cryptographic verification. Run after cloning or if something looks wrong.
+
+---
+
+## Security, trust & advanced features
+
+The following 18 capabilities are implemented (or stubbed) per the agmem features implementation plan. They are grouped by tier.
+
+### Tier 1 — Security and trust
+
+| # | Feature | Description |
+|---|---------|-------------|
+| **1** | **Cryptographic commit verification** | Merkle tree over commit blobs; Ed25519 signing of Merkle root; verification on checkout, pull, `agmem verify --crypto`, and `agmem fsck`. Merkle proofs for single-blob verification. Keys: `.mem/keys/`; private key from env `AGMEM_SIGNING_PRIVATE_KEY` or `AGMEM_SIGNING_PRIVATE_KEY_FILE`. Old commits without `merkle_root` are unverified. |
+| **2** | **Encryption at rest** | Optional AES-256-GCM for object contents; key from passphrase via Argon2id; hash-then-encrypt preserves deduplication. Config in `.mem/encryption.json` or repo config; opt-in. |
+| **3** | **Tamper-evident audit trail** | Append-only, hash-chained log in `.mem/audit/` for init, add, commit, checkout, merge, push, pull, config. **Commands:** `agmem audit` (show entries), `agmem audit --verify` (verify chain). |
+
+### Tier 2 — Multi-agent collaboration
+
+| # | Feature | Description |
+|---|---------|-------------|
+| **4** | **Multi-agent trust and identity** | Trust store (full / conditional / untrusted) per public key; applied on pull and merge. Clone copies remote public keys; user adds them to trust store. Identity = keypair (same as commit signing). |
+| **5** | **Federated memory collaboration** | Agents share summaries or aggregated updates via a coordinator. **Command:** `agmem federated push` / `agmem federated pull` (stub). Config: `federated.enabled`, `coordinator_url`. |
+| **6** | **Conflict resolution interface** | Structured resolution: ours / theirs / both per path. **Command:** `agmem resolve [path]`. Conflicts persisted in `.mem/merge/conflicts.json`; path traversal protected. |
+
+### Tier 3 — Privacy
+
+| # | Feature | Description |
+|---|---------|-------------|
+| **7** | **Differential privacy** | Epsilon/delta budget per repo in `.mem/privacy_budget.json`. **Usage:** `agmem distill --private`, `agmem garden --private`; blocks when budget exceeded. Config: `differential_privacy.max_epsilon`, `delta`. |
+| **8** | **Zero-knowledge proofs** | zk-SNARK-style proofs for keyword containment and memory freshness. **Command:** `agmem prove --memory <path> --property keyword|freshness --value <v> [-o out]` (stub). |
+
+### Tier 4 — Storage and distribution
+
+| # | Feature | Description |
+|---|---------|-------------|
+| **9** | **Decentralized storage (IPFS)** | Push/pull via gateway (POST /api/v0/add, GET /ipfs/<cid>). Bundle/unbundle in `memvcs.core.ipfs_remote`; optional `agmem[ipfs]`. |
+| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable; ObjectStore reads from pack. **Command:** `agmem gc [--dry-run] [--repack] [--prune-days n]`. |
+| **11** | **Enhanced cloud remote operations** | Push conflict detection; S3/GCS remotes with distributed locking (acquire before push/fetch, release in finally). Config: `lock_table` for S3. |
+
+### Tier 5 — Intelligence and retrieval
+
+| # | Feature | Description |
+|---|---------|-------------|
+| **12** | **Multi-provider LLM** | `memvcs.core.llm`: OpenAI and Anthropic; factory by config or env. Used by gardener, distiller, consistency checker, merge. Credentials via env (e.g. `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`). |
+| **13** | **Enhanced semantic compression** | Multi-stage pipeline in `memvcs.core.compression_pipeline`: chunk, fact extraction, dedup by hash; hybrid retrieval in strategies. |
+| **14** | **Temporal querying and time-travel** | Point-in-time and range in `memvcs.core.temporal_index`; CLI: `agmem when --from/--to`, `agmem timeline --from/--to`. |
+| **15** | **Cross-memory relationship graph** | Knowledge graph: co-occurrence, causal edges; incremental-update docstring in `knowledge_graph.py`. |
+
+### Tier 6 — Operations and maintenance
+
+| # | Feature | Description |
+|---|---------|-------------|
+| **16** | **Automated memory health monitoring** | Daemon: configurable `daemon.health_check_interval_seconds` and `AGMEM_DAEMON_HEALTH_INTERVAL`; alert only on verify failure; suggest `agmem fsck`. |
+| **17** | **GPU-accelerated operations** | Vector store `_device()` returns cuda/mps/cpu; model loaded with that device. |
+| **18** | **Test suite and quality** | Tests: crypto (tampered blob, key missing), encryption (wrong key, corrupted ciphertext), privacy budget, pack/GC, ZK prove/verify, federated mock, IPFS bundle; see docs/TEST_REPORT.md. |
+
+### New files and config (summary)
+
+| Addition | Purpose |
+|----------|---------|
+| `memvcs/core/crypto_verify.py` | Merkle build/verify, Ed25519 sign/verify, Merkle proofs |
+| `memvcs/core/audit.py` | Tamper-evident audit append and verify |
+| `memvcs/core/trust.py` | Trust store (key → level) |
+| `memvcs/core/privacy_budget.py` | Epsilon/delta budget for DP |
+| `memvcs/core/pack.py` | Pack format, index, GC, repack |
+| `memvcs/core/compression_pipeline.py` | Chunk, fact extraction, dedup; hybrid retrieval |
+| `memvcs/core/zk_proofs.py` | Hash/signature-based proofs (keyword, freshness) |
+| `docs/FEDERATED.md` | Coordinator API for federated push/pull |
+| `memvcs/core/encryption.py` | AES-256-GCM, Argon2id, config |
+| `memvcs/core/llm/` | LLM provider interface and OpenAI/Anthropic |
+| `memvcs/core/zk_proofs.py` | ZK proof stubs |
+| `memvcs/core/federated.py` | Federated push/pull stubs |
+| `.mem/audit/` | Audit log |
+| `.mem/keys/` | Public (and optional private) keys |
+| `.mem/trust/` or config | Trust store |
+| `.mem/privacy_budget.json` | DP budget state |
+| `.mem/merge/conflicts.json` | Unresolved merge conflicts |
+| Commit `metadata` | `merkle_root`, `signature` |
 
 ---
 
@@ -450,10 +564,20 @@ Repository configuration is stored in `.mem/config.json`:
     "summarizer_model": "default",
     "max_episode_size": 1048576,
     "consolidation_threshold": 100
+  },
+  "differential_privacy": {
+    "max_epsilon": 1.0,
+    "delta": 1e-5
+  },
+  "federated": {
+    "enabled": false,
+    "coordinator_url": ""
   }
 }
 ```
 
+Optional sections: **`differential_privacy`** (for `--private` on distill/garden); **`federated`** (for `agmem federated`); **`signing`** (public key for commit verification); trust store under `.mem/trust/` or config; encryption in `.mem/encryption.json` when enabled.
+
 ### agmem config (cloud and PII)
 
 Optional user/repo config for S3/GCS and PII hooks:
@@ -515,13 +639,17 @@ mypy memvcs/
 - [x] Basic commands (init, add, commit, status, log, diff, show, reset, tag, stash, reflog, blame, tree, clean)
 - [x] HEAD~n resolution; branch/tag names with `/` (Git-style)
 - [x] Branching and checkout; merging with memory-type-aware strategies
-- [x] Remote operations (clone, push, pull, remote) — file:// URLs; pull merges into current branch
+- [x] Remote operations (clone, push, pull, remote) — file:// URLs; pull merges into current branch; push conflict detection
 - [x] Search — semantic with `agmem[vector]`, plain text fallback
 - [x] Knowledge graph (`agmem graph`) — wikilinks, tags, optional similarity; `--no-similarity`, `--serve`
-- [x] Integrity (`agmem fsck`); path/ref/hash validation (security)
+- [x] Integrity (`agmem fsck`); path/ref/hash validation; Merkle/signature verification
 - [x] Web UI (`agmem serve`); MCP server (`agmem mcp`); daemon (`agmem daemon`); garden (`agmem garden`)
-- [ ] Garbage collection
-- [ ] Pack files for efficiency
+- [x] Cryptographic commit verification (Merkle tree, Ed25519 signing, verify on checkout/pull/fsck)
+- [x] Tamper-evident audit trail (`agmem audit`); multi-agent trust store; conflict resolution (`agmem resolve`)
+- [x] Encryption at rest (optional AES-256-GCM); differential privacy budget (`--private` on distill/garden)
+- [x] Pack files and garbage collection (`agmem gc`); ZK proofs and federated stubs (`agmem prove`, `agmem federated`)
+- [x] Multi-provider LLM (OpenAI, Anthropic); temporal range queries; daemon health checks; GPU detection; test suite and CI
+- [ ] IPFS remote (stub in place); full ZK circuits and federated coordinator
 
 ## Integrations
 
@@ -614,8 +742,10 @@ agmem graph --serve  # Serve knowledge graph UI (same extra)
 
 - **Full history:** `agmem log`, `agmem reflog`
 - **Line-level attribution:** `agmem blame <file>` — see which commit and author last changed each line (e.g. `agmem blame current/semantic/user-preferences.md`)
+- **Tamper-evident audit:** `agmem audit` and `agmem audit --verify` for hash-chained operation log
+- **Cryptographic verification:** `agmem verify --crypto` and `agmem fsck` for Merkle roots and Ed25519 signatures
 - **Visual audit:** `agmem serve` for browser-based history and diff viewer
-- **Integrity:** `agmem fsck` to verify objects and refs
+- **Integrity:** `agmem fsck` to verify objects, refs, and commit signatures
 
 ## Ecosystem Plugin Patterns
 

{agmem-0.1.2.dist-info → agmem-0.1.4.dist-info}/RECORD

@@ -1,34 +1,39 @@
-agmem-0.1.2.dist-info/licenses/LICENSE,sha256=X_S6RBErW-F0IDbM3FAEoDB-zxExFnl2m8640rTXphM,1067
+agmem-0.1.4.dist-info/licenses/LICENSE,sha256=X_S6RBErW-F0IDbM3FAEoDB-zxExFnl2m8640rTXphM,1067
 memvcs/__init__.py,sha256=mXwHTSlUPWo4ERqJLGJnxmxtGQQHPSbXb4IpO61l04M,193
-memvcs/cli.py,sha256=0bIdOVz23ZON4i8LoAsepiII-DpiGTGysllXFwmG0GI,5771
+memvcs/cli.py,sha256=YF06oMNjKWUmiNahILmfjrIXgoXzU-5BJFmbunSb8Sc,6075
 memvcs/commands/__init__.py,sha256=A2D6xWaO6epU7iV4QSvqvF5TspnwRyDN7NojmGatPrE,510
-memvcs/commands/add.py,sha256=5Bia5nLfaREyp-ujqReDOyZu6zF5WveQk_N8XkWmqnM,8511
+memvcs/commands/add.py,sha256=k9eM7qf2NFvneiJkFQNiAYFB2GgKmyPw_NXmkCxblQE,8736
+memvcs/commands/audit.py,sha256=E6m54B726tqDQR3rrgRXWrjE-seu2UocqrFxN1aHkY4,1680
 memvcs/commands/base.py,sha256=yWvIYuofRxbHXvChlSd_DL_hJMaQdbZwa2XBDWj5Bio,634
 memvcs/commands/blame.py,sha256=2tEXyXpAebm_zQFAyw-6d3K09Lnh1GVLYGp6htlEmI0,5605
 memvcs/commands/branch.py,sha256=ghsK4tnGe7XApxQSgou7V0BASBC8PL8nQs_yBt0notQ,3150
 memvcs/commands/checkout.py,sha256=xaYZSbCQ-MyLWPtwA2FdH6WqGMI3oF3R2JmCufGBVFg,3182
 memvcs/commands/clean.py,sha256=e0OhSQdHfFnOPTRbyKbM8IcX4yJD5n_kaBKjIeoaRBo,1973
-memvcs/commands/clone.py,sha256=EAeojcUpRyCj1tVLR5zqnbkdF6Cvpza0_gyjZoCHysw,2895
+memvcs/commands/clone.py,sha256=aB0LcugIWJE9IEez6y70KlpZu4eIF2EdXZxE24jXyac,3260
 memvcs/commands/commit.py,sha256=W4ulVZuEETJh1SHpscaQfNjyQMqeIE0AYZIbMbTrsq4,6801
-memvcs/commands/daemon.py,sha256=B9_a7DFXMde9Fphpo7J9-osXqYCby-KfvITObJ3VqIo,8589
+memvcs/commands/daemon.py,sha256=KM9XSCdm4-aVBi4flKjiefpG8SfSrYl10phoMpz0gyk,10707
 memvcs/commands/decay.py,sha256=QcgOTMJZxrfw_AOz94YHA3LGoNXRMDn69TxWlUrpSw4,2421
 memvcs/commands/diff.py,sha256=KcgD57_fae4uvQ8G9ZbXmLpAYYIDiWiBuVcjsDtyE1U,5480
-memvcs/commands/distill.py,sha256=Inl6igvjewGTT1L4nH48PIi8_oUtlFgJwq1gUTosI9E,2171
-memvcs/commands/fsck.py,sha256=PQWEoqmGKhjZEEMYBf1pnORz8j-YaOLFojmQkND3m3Q,6545
-memvcs/commands/garden.py,sha256=0ZbohharxBC6-n1Y2Cgpyfpwuzlq_vmWi3Yu0pQRQBA,3269
+memvcs/commands/distill.py,sha256=reOldqg0lMgqIlpYEIKYfN_TxNwsjU9RnI8Uah1VqTQ,3088
+memvcs/commands/federated.py,sha256=Zj4kxHnjdIs1xu4v7B8XosQXNYK8Alv4I0kJQpmJe6Y,1840
+memvcs/commands/fsck.py,sha256=AdJBMLA2myQ0cJJcjUgsYptsE3qvX4JQc9UAwVmSHlA,7772
+memvcs/commands/garden.py,sha256=8JiLe3JRkOhY-N-h-IDuvdJiECiSElnUzXVtxtU2QgY,4050
+memvcs/commands/gc.py,sha256=vLGREkcHjR_rDvTvEh-dwNkAeTB9y4fU-BwBGbXOEg4,1940
 memvcs/commands/graph.py,sha256=MDi6bK2w0OrpK5VOE8XXw5gQX7BuD7VzUyqJ5Ra9Bsg,4746
 memvcs/commands/init.py,sha256=TsrLFLXwkDFT0opsYJTfwu0NIxLrNiiba5SpzRtxjDI,1614
 memvcs/commands/log.py,sha256=eNlLs0-PS2nF0pMAMI8izKGUiEb2m3S0RB4Zh6cUQpE,2859
 memvcs/commands/mcp.py,sha256=PMfwVD6uHltN58Jh7IOiS1w7oND42tg14QKRCJNudmY,1740
-memvcs/commands/merge.py,sha256=kB9bXBagZrZYz1mozVGwelMTJ3ATm9QyINrE90FhXhA,2417
+memvcs/commands/merge.py,sha256=s3QLZp-_I6OvhllLhL9yFZAQ8d4M4FbvxkXV7gUgw5M,4877
 memvcs/commands/pack.py,sha256=rIDjMpxJG0oxrWnB3vCGHqviCITIeIbdy3nhuHVHzM8,3629
-memvcs/commands/pull.py,sha256=qeEtBEuXo-BLsOqBU146V2lUK1WrCNp1d8z6qqWhhyU,2113
+memvcs/commands/prove.py,sha256=qQYYV5GdLd0Av4pwaxNvUCcl5pmiBwCrlXJwRtXVCF4,2141
+memvcs/commands/pull.py,sha256=hn9FIlNc3KUr5EUDo4_66KQSK0BSSXjOn32xaDNxf0Q,3621
 memvcs/commands/push.py,sha256=0abEdHkCMfHpH_Nmlw3OaU7Hzi0-RXF-cTVHpiSPw6k,5086
 memvcs/commands/recall.py,sha256=7nwC4mFYpdjKWG-Cs3cpDLr5_SgYJ6HkVSXDOkFke5A,4592
 memvcs/commands/reflog.py,sha256=j8Rxw_4jZuldS1k1g3wF2EItmPxBEmogWcbccOZrGkw,1117
 memvcs/commands/remote.py,sha256=4PXDZjoU4YA4IbGrn_1KbFVCSVxVB_pVdI2nIn1NSbw,1761
 memvcs/commands/repair.py,sha256=OBVa30Zc9rOjUw2GoiSAC6iZrnuCZN_J8nHpCnk5BzM,2312
 memvcs/commands/reset.py,sha256=3TG7qOu2k1uji-TdSyXsdZ6LV2wqc2MB8aSJ6q71IGk,2778
+memvcs/commands/resolve.py,sha256=SFjCCYlcBqP9pjykWIPrDivtk_714VhsWl1Vt7gjyfM,4093
 memvcs/commands/resurrect.py,sha256=zi4ErN1jWVCn8I5rV4g_Dlbg1YadGEU6Xhc7srzlwfg,2503
 memvcs/commands/search.py,sha256=NOMbkQmVurQ-_d7bZVf9vjOH6OgVPeErqpLZiSxsvBA,5322
 memvcs/commands/serve.py,sha256=n8DroVRIQVm5UO2-o-9JU17pQYF-HYOMIJKycdRcBMs,1408
@@ -37,32 +42,47 @@ memvcs/commands/stash.py,sha256=CD3mRWehcmfVRPGGpndUBdTT_ku4LC_rmSKPvTEOTAo,3193
 memvcs/commands/status.py,sha256=O6BgzTiW3UHjXx6OKwH8X4g0hP0IlYDgr7As5RmeujU,3447
 memvcs/commands/tag.py,sha256=CaCnA3JifVrdr8DfX4g0bp-_oRvagJkQFcI4bJbW1uM,3004
 memvcs/commands/test.py,sha256=HZrpGZQhu9HnGZLjiq8TXi8jfOZqP-wc3bW6mgpP2yk,3926
-memvcs/commands/timeline.py,sha256=xdOr2jz-_ArSPY-GxwXBloiwhfBzIfz4MAi-JEhP8H0,3666
+memvcs/commands/timeline.py,sha256=hH4kqd0cHbdtnjMrr_Sw6lt0kmu0yEVctHGOQ2iYK5s,4763
 memvcs/commands/tree.py,sha256=vdULq4vIXA_4gNfMnHn_Y78BwE0sJoeTBOnFJR3WsZ4,4927
-memvcs/commands/verify.py,sha256=aH0FN_7xRulRV2oSLYSB4BiAw_U81IkZ5sFdBRmxdZ0,1858
-memvcs/commands/when.py,sha256=MMQ15PFXFCTmjIq7dr0tC0XvGAdndMvckVnnWehc60Y,3692
+memvcs/commands/verify.py,sha256=04CVW5NYWkUlPJ5z1Kci6dfQFM6UmPTGZh9ZextFLMc,3887
+memvcs/commands/when.py,sha256=gbSQHk96zu4TiH1QIdQJUeSsy9WFbjaheh5jjTsGopw,4772
 memvcs/core/__init__.py,sha256=dkIC-4tS0GhwV2mZIbofEe8xR8uiFwrxslGf1aXwhYg,493
 memvcs/core/access_index.py,sha256=HhacnzSUASzRV2jhDHkwRFoPS3rtqh9n9yE1VV7JXpk,5596
+memvcs/core/audit.py,sha256=8APkm9Spl_-1rIdyRQz1elyxOeK3nlpwm0CLkpLlhTE,3732
+memvcs/core/compression_pipeline.py,sha256=ejFXBTHfBYbCD86a5V0-0wA39K-SBG7dt09oAy-XP5s,5481
 memvcs/core/config_loader.py,sha256=j-jgLDp2TRzWN9ZEZebfWSfatevBNYs0FEb3ud1SIR8,8277
-memvcs/core/consistency.py,sha256=JUUlrGB8b2DMmozoP7KFNqd6nSLzKDZaHGbYyKlK_l8,7464
+memvcs/core/consistency.py,sha256=YOG8xhqZLKZCLbai2rdcP0KxYPNGFv5RRMwrQ6qCeyc,7462
 memvcs/core/constants.py,sha256=WUjAb50BFcF0mbFi_GNteDLCxLihmViBm9Fb-JMPmbM,220
+memvcs/core/crypto_verify.py,sha256=-yphuOE4bP-V1_bpMfNnJTLtpAdtKq8OV2hNUlUxiwk,10432
 memvcs/core/decay.py,sha256=ROGwnqngs7eJNkbKmwyOdij607m73vpmoJqzrIDLBzk,6581
 memvcs/core/diff.py,sha256=koEHTLciIUxYKVJVuvmY0GDXMgDgGZP_qg5RayhF-iE,13226
-memvcs/core/distiller.py,sha256=QBoTz3xFVepwGHOXVuIr5qfln2tkNo1CtcBpKIjsnqc,10337
-memvcs/core/gardener.py,sha256=bFMyHU5H5-rYZIahT8j14ZOvBs5LSVhYZiTbyw7SQl4,16080
+memvcs/core/distiller.py,sha256=859NUR3gzYQuvDFxMtGB2NcTGRmRj4VJyOZTlDKvSzI,11683
+memvcs/core/encryption.py,sha256=epny_nlW6ylllv1qxs1mAcFq-PrLIisgfot4llOoAqw,5289
+memvcs/core/federated.py,sha256=RRNzhDVahTM-XQanT__8IBfGsS6fPDbq40b4v327iHg,5374
+memvcs/core/gardener.py,sha256=YKw4amhlPrX34gvg71PNUWmERUhrqvhrCuHnOj229gs,17462
 memvcs/core/hooks.py,sha256=XF9z8J5sWjAcuOyWQ2nuvEzK0UV8s4ThrcltaBZttzw,5448
-memvcs/core/knowledge_graph.py,sha256=fjDZ-68tUHA6AZcn-p0d32r8X3SyrMME1OyuRPxtI_0,12875
-memvcs/core/merge.py,sha256=eBdPd8loe7G6F8C3fMNdnm_kvlKgZ4JC5z4xnboteOI,19165
-memvcs/core/objects.py,sha256=zlTcNHc3ehFnLm0UoI1Ct2gw5CU4moaRLhN8hZXm3p4,9943
+memvcs/core/ipfs_remote.py,sha256=1Xob0Tiz0-GevgQrBhwUBifnVLO8U0dUIlvJS88BMBk,6651
+memvcs/core/knowledge_graph.py,sha256=6UuSdkaaXQnVti9TK10ak_KeCn8apLOgB70GXN_1I-Q,16370
+memvcs/core/merge.py,sha256=x2eSaxr4f63Eq00FCJ6DDe2TZU8H5yHQpzKzMhYsaFw,19871
+memvcs/core/objects.py,sha256=G6EigwJI0c9NZ9LB36L-3beNYt_MwETNgbtwnrptqMA,11004
+memvcs/core/pack.py,sha256=SiEReq9EMzffd3trnc38REWrh5Vo5HAmErovNgsx01U,9749
 memvcs/core/pii_scanner.py,sha256=T6gQ1APFrSDk980fjnv4ZMF-UztbJgmUFSwGrwWixEw,10802
+memvcs/core/privacy_budget.py,sha256=fOPlxoKEAmsKtda-OJCrSaKjTyw7ekcqdN7KfRBw1CY,2113
 memvcs/core/refs.py,sha256=4Nx2ZVRa_DzfUZ4O1AwzOHEjoGAEICJKqSd9GxaiD_g,16754
-memvcs/core/remote.py,sha256=MhQTfxpzmH0mAMb7hoQJrTOAoqX0tqZxx1Yq5Q5niS8,10117
-memvcs/core/repository.py,sha256=fu6ZxkF3RY7yV1FHRQ2gVOpxkwJzeffna2sZixd8puI,17894
+memvcs/core/remote.py,sha256=HmGXx-NZFw7wgf0rHcwmGOQSWUoHNP85RHP5UaUDuuE,19429
+memvcs/core/repository.py,sha256=NzC2UFPv6ePxi5lfiSKyZFLclH4bJpWJz88pY7tDiv4,20605
 memvcs/core/schema.py,sha256=_CrEWCdArc0yDJ04GT7fyvjHqkal7gegdFSsFOjVpBc,15287
 memvcs/core/staging.py,sha256=dptdGi_74lhDkcGqGVU39ZyTkb25j-Rnkz0GWi83W1k,7221
-memvcs/core/temporal_index.py,sha256=OmgfznlScItVf2sML7JOj_WaGtKJZMIsP818YKUlMAw,3554
+memvcs/core/temporal_index.py,sha256=81hZHlVElp2UpXjseFVCdDUwxGM45zIU-y1dDlOhFHI,4012
 memvcs/core/test_runner.py,sha256=7-0jCvji63JRbVfy3LNQWIQ7VL5weulOoG7SY1-YJbw,11496
-memvcs/core/vector_store.py,sha256=JqyiPbznxEkuD1CIna5DKm0PwrlQ4tVARJpt6W0mESE,10599
+memvcs/core/trust.py,sha256=msx80Cl3bxyQTY8mFUKWY9P6l3zb1s8FafympgHwtpo,3494
+memvcs/core/vector_store.py,sha256=yUAp5BlaAtjkrtsdY1I-vmAp_YIFgJykBoNlp5hcg0I,11063
+memvcs/core/zk_proofs.py,sha256=dnwMqhGtzDQtaNuO1bhuLchqYyEDnXzbtd-jQH_M0qQ,5512
+memvcs/core/llm/__init__.py,sha256=vnjtE9Xlv9a2pZV88DMT9JaINkZ30hC9VLPL5lJRlps,236
+memvcs/core/llm/anthropic_provider.py,sha256=O1eaCb9r464ajLJz-Gy8lGxBie5ojRUZ_5HdgRXO5KY,1540
+memvcs/core/llm/base.py,sha256=qPzg3KPAMeoyWGc_2JoVR4-plpdft5Rc2g9uO-Z4fJQ,623
+memvcs/core/llm/factory.py,sha256=sRl4XiAHs1eReXjCdwYLvbjUaIxdfQZV93hiME-i8j8,912
+memvcs/core/llm/openai_provider.py,sha256=hGOdEPWf96zP7PqC5FzwISXoNDvLSOXCHJjbRj2HgI8,885
 memvcs/core/storage/__init__.py,sha256=yJE7bm5G7VlFLpSVFrrTkP4eOyQlWRPfBvEP9T5PW44,1901
 memvcs/core/storage/base.py,sha256=IK4To8Cb-LHv5ltlaQLdB6LE-69euFK3hNqBtMCe7-g,9956
 memvcs/core/storage/gcs.py,sha256=-cWuGw1jkFh-Xig-Abmwr9HGwjW5lWQJuF2xcAR1l78,10632
@@ -79,8 +99,8 @@ memvcs/retrieval/recaller.py,sha256=8KY-XjMUz5_vcKf46zI64uk1DEM__u7wM92ShukOtsY,
 memvcs/retrieval/strategies.py,sha256=26yxQQubQfjxWQXknfVMxuzPHf2EcZxJg_B99BEdl5c,11458
 memvcs/utils/__init__.py,sha256=8psUzz4Ntv2GzbRebkeVsoyC6Ck-FIwi0_lfYdj5oho,185
 memvcs/utils/helpers.py,sha256=37zg_DcQ2y99b9NSLqxFkglHe13rJXKhFDpEbQ7iLhM,4121
-agmem-0.1.2.dist-info/METADATA,sha256=uIzEeVVPQ36Kdy0NQ0ygJS9pvMSglfYSTo_oNjG5TsM,26608
-agmem-0.1.2.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-agmem-0.1.2.dist-info/entry_points.txt,sha256=at7eWycgjqOo1wbUMECnXUsNo3gpCkJTU71OzrGLHu0,42
-agmem-0.1.2.dist-info/top_level.txt,sha256=HtMMsKuwLKLOdgF1GxqQztqFM54tTJctVdJuOec6B-4,7
-agmem-0.1.2.dist-info/RECORD,,
+agmem-0.1.4.dist-info/METADATA,sha256=IU1QZw4zdsUApbsgLUvoh8BNBtbOc3AeSUINr1GSx80,37487
+agmem-0.1.4.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+agmem-0.1.4.dist-info/entry_points.txt,sha256=at7eWycgjqOo1wbUMECnXUsNo3gpCkJTU71OzrGLHu0,42
+agmem-0.1.4.dist-info/top_level.txt,sha256=HtMMsKuwLKLOdgF1GxqQztqFM54tTJctVdJuOec6B-4,7
+agmem-0.1.4.dist-info/RECORD,,

memvcs/cli.py

@@ -58,6 +58,11 @@ from .commands.decay import DecayCommand
 from .commands.resurrect import ResurrectCommand
 from .commands.verify import VerifyCommand
 from .commands.repair import RepairCommand
+from .commands.audit import AuditCommand
+from .commands.federated import FederatedCommand
+from .commands.resolve import ResolveCommand
+from .commands.prove import ProveCommand
+from .commands.gc import GcCommand
 
 
 # List of available commands
@@ -100,6 +105,11 @@ COMMANDS = [
     ResurrectCommand,
     VerifyCommand,
     RepairCommand,
+    AuditCommand,
+    FederatedCommand,
+    ResolveCommand,
+    ProveCommand,
+    GcCommand,
 ]
 
 

memvcs/commands/add.py

@@ -198,6 +198,12 @@ class AddCommand:
                 print(f"Rejected {rejected_count} file(s) - use --force to override")
             if staged_count > 0:
                 print("Run 'agmem commit -m \"message\"' to save snapshot")
+                try:
+                    from ..core.audit import append_audit
+
+                    append_audit(repo.mem_dir, "add", {"staged_count": staged_count})
+                except Exception:
+                    pass
         else:
             print("No files staged")
 

memvcs/commands/audit.py

@@ -0,0 +1,59 @@
+"""
+agmem audit - Tamper-evident audit trail.
+
+Read and verify the append-only audit log.
+"""
+
+import argparse
+
+from ..commands.base import require_repo
+from ..core.audit import read_audit, verify_audit
+
+
+class AuditCommand:
+    """Show and verify the tamper-evident audit log."""
+
+    name = "audit"
+    help = "Show and verify the tamper-evident audit log"
+
+    @staticmethod
+    def add_arguments(parser: argparse.ArgumentParser):
+        parser.add_argument(
+            "-n",
+            "--max",
+            type=int,
+            default=50,
+            metavar="N",
+            help="Show at most N entries (default 50)",
+        )
+        parser.add_argument(
+            "--verify",
+            action="store_true",
+            help="Verify the audit chain and report first tampering point",
+        )
+
+    @staticmethod
+    def execute(args) -> int:
+        repo, code = require_repo()
+        if code != 0:
+            return code
+
+        if args.verify:
+            valid, first_bad = verify_audit(repo.mem_dir)
+            if valid:
+                print("Audit log chain is valid.")
+                return 0
+            print(f"Audit log chain invalid at entry index {first_bad}.")
+            return 1
+
+        entries = read_audit(repo.mem_dir, max_entries=args.max)
+        if not entries:
+            print("No audit entries.")
+            return 0
+        for e in entries:
+            ts = e.get("timestamp", "")
+            op = e.get("operation", "")
+            details = e.get("details", {})
+            detail_str = " ".join(f"{k}={v}" for k, v in sorted(details.items()) if v is not None)
+            print(f"{ts}  {op}  {detail_str}")
+        return 0

memvcs/commands/clone.py

@@ -90,5 +90,12 @@ class CloneCommand:
         }
         config_file.write_text(json.dumps(config, indent=2))
 
+        # Copy remote's public key to .mem/keys/remotes/origin.pub for trust store
+        remote_keys = remote_mem / "keys" / "public.pem"
+        if remote_keys.exists():
+            keys_remotes = target / ".mem" / "keys" / "remotes"
+            keys_remotes.mkdir(parents=True, exist_ok=True)
+            shutil.copy2(remote_keys, keys_remotes / "origin.pub")
+
         print(f"Cloned into {target}")
         return 0

memvcs/commands/daemon.py

@@ -203,10 +203,55 @@ class DaemonCommand:
         signal.signal(signal.SIGTERM, signal_handler)
         signal.signal(signal.SIGINT, signal_handler)
 
+        # Health monitoring: periodic integrity check (configurable interval)
+        last_health_check = 0
+        health_check_interval = 3600  # default 1 hour
+        try:
+            from ..core.config_loader import load_agmem_config
+            config = load_agmem_config(repo.root)
+            daemon_cfg = config.get("daemon") or {}
+            health_check_interval = int(daemon_cfg.get("health_check_interval_seconds", 3600))
+            if health_check_interval <= 0:
+                health_check_interval = 0
+        except Exception:
+            pass
+        env_interval = os.environ.get("AGMEM_DAEMON_HEALTH_INTERVAL")
+        if env_interval is not None:
+            try:
+                health_check_interval = int(env_interval)
+            except ValueError:
+                pass
+
         try:
             while running:
                 time.sleep(1)
 
+                # Periodic health check (Merkle/signature, optional). Alert only; no destructive action.
+                if (
+                    health_check_interval
+                    and (time.time() - last_health_check) >= health_check_interval
+                ):
+                    try:
+                        from ..core.crypto_verify import verify_commit, load_public_key
+
+                        head = repo.refs.get_branch_commit(
+                            repo.refs.get_current_branch() or "main"
+                        ) or (repo.refs.get_head() or {}).get("value")
+                        if head:
+                            ok, err = verify_commit(
+                                repo.object_store,
+                                head,
+                                load_public_key(repo.mem_dir),
+                                mem_dir=repo.mem_dir,
+                            )
+                            if not ok and err:
+                                sys.stderr.write(f"Health check: {err}\n")
+                                if "tampered" in (err or "").lower():
+                                    sys.stderr.write("Run 'agmem fsck' for safe integrity check.\n")
+                    except Exception:
+                        pass
+                    last_health_check = time.time()
+
                 if handler.pending:
                     elapsed = time.time() - handler.last_change
                     if elapsed >= debounce:

memvcs/commands/distill.py

@@ -41,6 +41,11 @@ class DistillCommand:
             action="store_true",
             help="Do not create safety branch",
         )
+        parser.add_argument(
+            "--private",
+            action="store_true",
+            help="Use differential privacy (spend epsilon from budget)",
+        )
 
     @staticmethod
     def execute(args) -> int:
@@ -48,10 +53,29 @@ class DistillCommand:
         if code != 0:
             return code
 
+        use_dp = getattr(args, "private", False)
+        dp_epsilon = None
+        dp_delta = None
+        if use_dp:
+            from ..core.privacy_budget import load_budget, spend_epsilon
+
+            spent, max_eps, delta = load_budget(repo.mem_dir)
+            epsilon_cost = 0.1
+            if not spend_epsilon(repo.mem_dir, epsilon_cost):
+                print(f"Privacy budget exceeded (spent {spent:.2f}, max {max_eps}).")
+                return 1
+            if spent + epsilon_cost > max_eps * 0.8:
+                print(f"Privacy budget low: {spent + epsilon_cost:.2f}/{max_eps}")
+            dp_epsilon = 0.05
+            dp_delta = delta
+
         config = DistillerConfig(
             source_dir=args.source,
             target_dir=args.target,
             create_safety_branch=not args.no_branch,
+            use_dp=use_dp,
+            dp_epsilon=dp_epsilon,
+            dp_delta=dp_delta,
         )
         distiller = Distiller(repo, config)