agmem 0.1.3__tar.gz → 0.1.5__tar.gz

{agmem-0.1.3/agmem.egg-info → agmem-0.1.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agmem
-Version: 0.1.3
+Version: 0.1.5
 Summary: Agentic Memory Version Control System - Git for AI agent memories
 Home-page: https://github.com/vivek-tiwari-vt/agmem
 Author: agmem Team
@@ -33,6 +33,7 @@ Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
 Requires-Dist: black==24.10.0; extra == "dev"
 Requires-Dist: flake8>=5.0.0; extra == "dev"
 Requires-Dist: mypy>=1.0.0; extra == "dev"
+Requires-Dist: bandit[toml]>=1.7.0; extra == "dev"
 Provides-Extra: llm
 Requires-Dist: openai>=1.0.0; extra == "llm"
 Requires-Dist: anthropic>=0.18.0; extra == "llm"
@@ -68,6 +69,8 @@ Provides-Extra: crypto
 Requires-Dist: cryptography>=41.0.0; extra == "crypto"
 Provides-Extra: ipfs
 Requires-Dist: requests>=2.28.0; extra == "ipfs"
+Provides-Extra: ipfs-daemon
+Requires-Dist: ipfshttpclient>=0.8.0; extra == "ipfs-daemon"
 Provides-Extra: all
 Requires-Dist: mcp>=1.0.0; extra == "all"
 Requires-Dist: cryptography>=41.0.0; extra == "all"
@@ -129,12 +132,12 @@ agmem solves all of these problems with a familiar Git-like interface.
 - ✅ **Tamper-evident audit trail** — Append-only hash-chained log (init, add, commit, checkout, merge, push, pull, config); `agmem audit` and `agmem audit --verify`
 - ✅ **Multi-agent trust** — Trust store (full / conditional / untrusted) per public key; applied on pull/merge; clone copies remote keys
 - ✅ **Conflict resolution** — `agmem resolve` with ours/theirs/both; conflicts persisted in `.mem/merge/`; path-safe
-- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden` when enabled
-- ✅ **Pack files & GC** — `agmem gc` (reachable from refs, prune loose, optional repack); pack format and index in core
+- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden`; noise applied to counts and frontmatter
+- ✅ **Pack files & GC** — `agmem gc [--repack]` (reachable from refs, prune loose, optional pack file + index); ObjectStore reads from pack when loose missing
 - ✅ **Multi-provider LLM** — OpenAI and Anthropic via `memvcs.core.llm`; config/repo or env; used by gardener, distiller, consistency, merge
 - ✅ **Temporal querying** — Point-in-time and range queries in temporal index; frontmatter timestamps
-- ✅ **Federated collaboration** — `agmem federated push|pull` (stub) for coordinator-based summary sharing
-- ✅ **Zero-knowledge proofs** — `agmem prove` (stub) for keyword containment and memory freshness
+- ✅ **Federated collaboration** — `agmem federated push|pull`; real summaries (topic counts, fact hashes); optional DP on outbound; coordinator API in docs/FEDERATED.md
+- ✅ **Zero-knowledge proofs** — `agmem prove` (hash/signature-based): keyword containment (Merkle set membership), memory freshness (signed timestamp)
 - ✅ **Daemon health** — Periodic Merkle verification in daemon loop; safe auto-remediation hooks
 - ✅ **GPU acceleration** — Vector store detects GPU for embedding model when available
 - ✅ **Optional** — `serve`, `daemon` (watch + auto-commit), `garden` (episode archival), MCP server; install extras as needed
@@ -264,9 +267,9 @@ All commands are listed below. Highlights: **`agmem blame <file>`** (who changed
 | `agmem verify [ref]` | Belief consistency (contradictions); use `--crypto` to verify commit Merkle/signature |
 | `agmem audit [--verify] [--max n]` | Show tamper-evident audit log; `--verify` checks hash chain |
 | `agmem resolve [path]` | Resolve merge conflicts (ours/theirs/both); path under `current/` |
-| `agmem gc [--dry-run] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional repack |
-| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (stub) |
-| `agmem federated push\|pull` | Federated collaboration (stub; requires coordinator in config) |
+| `agmem gc [--dry-run] [--repack] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional pack file creation |
+| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (keyword: Merkle set membership; freshness: signed timestamp) |
+| `agmem federated push\|pull` | Federated collaboration (real summaries, optional DP; requires coordinator in config) |
 
 ### Optional (install extras)
 
@@ -370,26 +373,26 @@ The following 18 capabilities are implemented (or stubbed) per the agmem feature
 
 | # | Feature | Description |
 |---|---------|-------------|
-| **9** | **Decentralized storage (IPFS)** | Push/pull via IPFS CIDs; pinning and gateway fallback. Stub in `memvcs.core.ipfs_remote`; optional dependency. |
-| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable objects. **Command:** `agmem gc [--dry-run] [--prune-days n]`. Config: `gc_prune_days` (default 90). |
-| **11** | **Enhanced cloud remote operations** | Push conflict detection: non–fast-forward push rejected with a clear message. S3/GCS remotes and distributed locking in storage layer. |
+| **9** | **Decentralized storage (IPFS)** | Push/pull via gateway (POST /api/v0/add, GET /ipfs/<cid>). Bundle/unbundle in `memvcs.core.ipfs_remote`; optional `agmem[ipfs]`. |
+| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable; ObjectStore reads from pack. **Command:** `agmem gc [--dry-run] [--repack] [--prune-days n]`. |
+| **11** | **Enhanced cloud remote operations** | Push conflict detection; S3/GCS remotes with distributed locking (acquire before push/fetch, release in finally). Config: `lock_table` for S3. |
 
 ### Tier 5 — Intelligence and retrieval
 
 | # | Feature | Description |
 |---|---------|-------------|
 | **12** | **Multi-provider LLM** | `memvcs.core.llm`: OpenAI and Anthropic; factory by config or env. Used by gardener, distiller, consistency checker, merge. Credentials via env (e.g. `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`). |
-| **13** | **Enhanced semantic compression** | Multi-stage pipeline (chunk → fact extraction → dedup → embed → tiered storage); hybrid retrieval. Docstrings and design in distiller/vector store. |
-| **14** | **Temporal querying and time-travel** | Point-in-time and range queries in `memvcs.core.temporal_index`; frontmatter timestamps; “state at T” resolution. |
-| **15** | **Cross-memory relationship graph** | Knowledge graph extended with co-occurrence, semantic similarity, causal and entity edges; incremental updates. Docstrings in `knowledge_graph.py`. |
+| **13** | **Enhanced semantic compression** | Multi-stage pipeline in `memvcs.core.compression_pipeline`: chunk, fact extraction, dedup by hash; hybrid retrieval in strategies. |
+| **14** | **Temporal querying and time-travel** | Point-in-time and range in `memvcs.core.temporal_index`; CLI: `agmem when --from/--to`, `agmem timeline --from/--to`. |
+| **15** | **Cross-memory relationship graph** | Knowledge graph: co-occurrence, causal edges; incremental-update docstring in `knowledge_graph.py`. |
 
 ### Tier 6 — Operations and maintenance
 
 | # | Feature | Description |
 |---|---------|-------------|
-| **16** | **Automated memory health monitoring** | Daemon runs periodic Merkle verification; safe auto-remediation hooks; unsafe actions alert only. |
-| **17** | **GPU-accelerated operations** | Vector store detects GPU for embedding model (e.g. sentence-transformers with CUDA/Metal); transparent CPU fallback. |
-| **18** | **Test suite and quality** | Broad tests: object store, merge, crypto (Merkle, proofs, verify), trust, privacy budget, pack/GC, resolve helpers, encryption, LLM provider; CI with coverage. |
+| **16** | **Automated memory health monitoring** | Daemon: configurable `daemon.health_check_interval_seconds` and `AGMEM_DAEMON_HEALTH_INTERVAL`; alert only on verify failure; suggest `agmem fsck`. |
+| **17** | **GPU-accelerated operations** | Vector store `_device()` returns cuda/mps/cpu; model loaded with that device. |
+| **18** | **Test suite and quality** | Tests: crypto (tampered blob, key missing), encryption (wrong key, corrupted ciphertext), privacy budget, pack/GC, ZK prove/verify, federated mock, IPFS bundle; see docs/TEST_REPORT.md. |
 
 ### New files and config (summary)
 
@@ -399,7 +402,10 @@ The following 18 capabilities are implemented (or stubbed) per the agmem feature
 | `memvcs/core/audit.py` | Tamper-evident audit append and verify |
 | `memvcs/core/trust.py` | Trust store (key → level) |
 | `memvcs/core/privacy_budget.py` | Epsilon/delta budget for DP |
-| `memvcs/core/pack.py` | Pack format, index, GC |
+| `memvcs/core/pack.py` | Pack format, index, GC, repack |
+| `memvcs/core/compression_pipeline.py` | Chunk, fact extraction, dedup; hybrid retrieval |
+| `memvcs/core/zk_proofs.py` | Hash/signature-based proofs (keyword, freshness) |
+| `docs/FEDERATED.md` | Coordinator API for federated push/pull |
 | `memvcs/core/encryption.py` | AES-256-GCM, Argon2id, config |
 | `memvcs/core/llm/` | LLM provider interface and OpenAI/Anthropic |
 | `memvcs/core/zk_proofs.py` | ZK proof stubs |

{agmem-0.1.3 → agmem-0.1.5}/README.md

@@ -37,12 +37,12 @@ agmem solves all of these problems with a familiar Git-like interface.
 - ✅ **Tamper-evident audit trail** — Append-only hash-chained log (init, add, commit, checkout, merge, push, pull, config); `agmem audit` and `agmem audit --verify`
 - ✅ **Multi-agent trust** — Trust store (full / conditional / untrusted) per public key; applied on pull/merge; clone copies remote keys
 - ✅ **Conflict resolution** — `agmem resolve` with ours/theirs/both; conflicts persisted in `.mem/merge/`; path-safe
-- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden` when enabled
-- ✅ **Pack files & GC** — `agmem gc` (reachable from refs, prune loose, optional repack); pack format and index in core
+- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden`; noise applied to counts and frontmatter
+- ✅ **Pack files & GC** — `agmem gc [--repack]` (reachable from refs, prune loose, optional pack file + index); ObjectStore reads from pack when loose missing
 - ✅ **Multi-provider LLM** — OpenAI and Anthropic via `memvcs.core.llm`; config/repo or env; used by gardener, distiller, consistency, merge
 - ✅ **Temporal querying** — Point-in-time and range queries in temporal index; frontmatter timestamps
-- ✅ **Federated collaboration** — `agmem federated push|pull` (stub) for coordinator-based summary sharing
-- ✅ **Zero-knowledge proofs** — `agmem prove` (stub) for keyword containment and memory freshness
+- ✅ **Federated collaboration** — `agmem federated push|pull`; real summaries (topic counts, fact hashes); optional DP on outbound; coordinator API in docs/FEDERATED.md
+- ✅ **Zero-knowledge proofs** — `agmem prove` (hash/signature-based): keyword containment (Merkle set membership), memory freshness (signed timestamp)
 - ✅ **Daemon health** — Periodic Merkle verification in daemon loop; safe auto-remediation hooks
 - ✅ **GPU acceleration** — Vector store detects GPU for embedding model when available
 - ✅ **Optional** — `serve`, `daemon` (watch + auto-commit), `garden` (episode archival), MCP server; install extras as needed
@@ -172,9 +172,9 @@ All commands are listed below. Highlights: **`agmem blame <file>`** (who changed
 | `agmem verify [ref]` | Belief consistency (contradictions); use `--crypto` to verify commit Merkle/signature |
 | `agmem audit [--verify] [--max n]` | Show tamper-evident audit log; `--verify` checks hash chain |
 | `agmem resolve [path]` | Resolve merge conflicts (ours/theirs/both); path under `current/` |
-| `agmem gc [--dry-run] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional repack |
-| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (stub) |
-| `agmem federated push\|pull` | Federated collaboration (stub; requires coordinator in config) |
+| `agmem gc [--dry-run] [--repack] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional pack file creation |
+| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (keyword: Merkle set membership; freshness: signed timestamp) |
+| `agmem federated push\|pull` | Federated collaboration (real summaries, optional DP; requires coordinator in config) |
 
 ### Optional (install extras)
 
@@ -278,26 +278,26 @@ The following 18 capabilities are implemented (or stubbed) per the agmem feature
 
 | # | Feature | Description |
 |---|---------|-------------|
-| **9** | **Decentralized storage (IPFS)** | Push/pull via IPFS CIDs; pinning and gateway fallback. Stub in `memvcs.core.ipfs_remote`; optional dependency. |
-| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable objects. **Command:** `agmem gc [--dry-run] [--prune-days n]`. Config: `gc_prune_days` (default 90). |
-| **11** | **Enhanced cloud remote operations** | Push conflict detection: non–fast-forward push rejected with a clear message. S3/GCS remotes and distributed locking in storage layer. |
+| **9** | **Decentralized storage (IPFS)** | Push/pull via gateway (POST /api/v0/add, GET /ipfs/<cid>). Bundle/unbundle in `memvcs.core.ipfs_remote`; optional `agmem[ipfs]`. |
+| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable; ObjectStore reads from pack. **Command:** `agmem gc [--dry-run] [--repack] [--prune-days n]`. |
+| **11** | **Enhanced cloud remote operations** | Push conflict detection; S3/GCS remotes with distributed locking (acquire before push/fetch, release in finally). Config: `lock_table` for S3. |
 
 ### Tier 5 — Intelligence and retrieval
 
 | # | Feature | Description |
 |---|---------|-------------|
 | **12** | **Multi-provider LLM** | `memvcs.core.llm`: OpenAI and Anthropic; factory by config or env. Used by gardener, distiller, consistency checker, merge. Credentials via env (e.g. `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`). |
-| **13** | **Enhanced semantic compression** | Multi-stage pipeline (chunk → fact extraction → dedup → embed → tiered storage); hybrid retrieval. Docstrings and design in distiller/vector store. |
-| **14** | **Temporal querying and time-travel** | Point-in-time and range queries in `memvcs.core.temporal_index`; frontmatter timestamps; “state at T” resolution. |
-| **15** | **Cross-memory relationship graph** | Knowledge graph extended with co-occurrence, semantic similarity, causal and entity edges; incremental updates. Docstrings in `knowledge_graph.py`. |
+| **13** | **Enhanced semantic compression** | Multi-stage pipeline in `memvcs.core.compression_pipeline`: chunk, fact extraction, dedup by hash; hybrid retrieval in strategies. |
+| **14** | **Temporal querying and time-travel** | Point-in-time and range in `memvcs.core.temporal_index`; CLI: `agmem when --from/--to`, `agmem timeline --from/--to`. |
+| **15** | **Cross-memory relationship graph** | Knowledge graph: co-occurrence, causal edges; incremental-update docstring in `knowledge_graph.py`. |
 
 ### Tier 6 — Operations and maintenance
 
 | # | Feature | Description |
 |---|---------|-------------|
-| **16** | **Automated memory health monitoring** | Daemon runs periodic Merkle verification; safe auto-remediation hooks; unsafe actions alert only. |
-| **17** | **GPU-accelerated operations** | Vector store detects GPU for embedding model (e.g. sentence-transformers with CUDA/Metal); transparent CPU fallback. |
-| **18** | **Test suite and quality** | Broad tests: object store, merge, crypto (Merkle, proofs, verify), trust, privacy budget, pack/GC, resolve helpers, encryption, LLM provider; CI with coverage. |
+| **16** | **Automated memory health monitoring** | Daemon: configurable `daemon.health_check_interval_seconds` and `AGMEM_DAEMON_HEALTH_INTERVAL`; alert only on verify failure; suggest `agmem fsck`. |
+| **17** | **GPU-accelerated operations** | Vector store `_device()` returns cuda/mps/cpu; model loaded with that device. |
+| **18** | **Test suite and quality** | Tests: crypto (tampered blob, key missing), encryption (wrong key, corrupted ciphertext), privacy budget, pack/GC, ZK prove/verify, federated mock, IPFS bundle; see docs/TEST_REPORT.md. |
 
 ### New files and config (summary)
 
@@ -307,7 +307,10 @@ The following 18 capabilities are implemented (or stubbed) per the agmem feature
 | `memvcs/core/audit.py` | Tamper-evident audit append and verify |
 | `memvcs/core/trust.py` | Trust store (key → level) |
 | `memvcs/core/privacy_budget.py` | Epsilon/delta budget for DP |
-| `memvcs/core/pack.py` | Pack format, index, GC |
+| `memvcs/core/pack.py` | Pack format, index, GC, repack |
+| `memvcs/core/compression_pipeline.py` | Chunk, fact extraction, dedup; hybrid retrieval |
+| `memvcs/core/zk_proofs.py` | Hash/signature-based proofs (keyword, freshness) |
+| `docs/FEDERATED.md` | Coordinator API for federated push/pull |
 | `memvcs/core/encryption.py` | AES-256-GCM, Argon2id, config |
 | `memvcs/core/llm/` | LLM provider interface and OpenAI/Anthropic |
 | `memvcs/core/zk_proofs.py` | ZK proof stubs |

{agmem-0.1.3 → agmem-0.1.5/agmem.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agmem
-Version: 0.1.3
+Version: 0.1.5
 Summary: Agentic Memory Version Control System - Git for AI agent memories
 Home-page: https://github.com/vivek-tiwari-vt/agmem
 Author: agmem Team
@@ -33,6 +33,7 @@ Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
 Requires-Dist: black==24.10.0; extra == "dev"
 Requires-Dist: flake8>=5.0.0; extra == "dev"
 Requires-Dist: mypy>=1.0.0; extra == "dev"
+Requires-Dist: bandit[toml]>=1.7.0; extra == "dev"
 Provides-Extra: llm
 Requires-Dist: openai>=1.0.0; extra == "llm"
 Requires-Dist: anthropic>=0.18.0; extra == "llm"
@@ -68,6 +69,8 @@ Provides-Extra: crypto
 Requires-Dist: cryptography>=41.0.0; extra == "crypto"
 Provides-Extra: ipfs
 Requires-Dist: requests>=2.28.0; extra == "ipfs"
+Provides-Extra: ipfs-daemon
+Requires-Dist: ipfshttpclient>=0.8.0; extra == "ipfs-daemon"
 Provides-Extra: all
 Requires-Dist: mcp>=1.0.0; extra == "all"
 Requires-Dist: cryptography>=41.0.0; extra == "all"
@@ -129,12 +132,12 @@ agmem solves all of these problems with a familiar Git-like interface.
 - ✅ **Tamper-evident audit trail** — Append-only hash-chained log (init, add, commit, checkout, merge, push, pull, config); `agmem audit` and `agmem audit --verify`
 - ✅ **Multi-agent trust** — Trust store (full / conditional / untrusted) per public key; applied on pull/merge; clone copies remote keys
 - ✅ **Conflict resolution** — `agmem resolve` with ours/theirs/both; conflicts persisted in `.mem/merge/`; path-safe
-- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden` when enabled
-- ✅ **Pack files & GC** — `agmem gc` (reachable from refs, prune loose, optional repack); pack format and index in core
+- ✅ **Differential privacy** — Epsilon/delta budget in `.mem/privacy_budget.json`; `--private` on `agmem distill` and `agmem garden`; noise applied to counts and frontmatter
+- ✅ **Pack files & GC** — `agmem gc [--repack]` (reachable from refs, prune loose, optional pack file + index); ObjectStore reads from pack when loose missing
 - ✅ **Multi-provider LLM** — OpenAI and Anthropic via `memvcs.core.llm`; config/repo or env; used by gardener, distiller, consistency, merge
 - ✅ **Temporal querying** — Point-in-time and range queries in temporal index; frontmatter timestamps
-- ✅ **Federated collaboration** — `agmem federated push|pull` (stub) for coordinator-based summary sharing
-- ✅ **Zero-knowledge proofs** — `agmem prove` (stub) for keyword containment and memory freshness
+- ✅ **Federated collaboration** — `agmem federated push|pull`; real summaries (topic counts, fact hashes); optional DP on outbound; coordinator API in docs/FEDERATED.md
+- ✅ **Zero-knowledge proofs** — `agmem prove` (hash/signature-based): keyword containment (Merkle set membership), memory freshness (signed timestamp)
 - ✅ **Daemon health** — Periodic Merkle verification in daemon loop; safe auto-remediation hooks
 - ✅ **GPU acceleration** — Vector store detects GPU for embedding model when available
 - ✅ **Optional** — `serve`, `daemon` (watch + auto-commit), `garden` (episode archival), MCP server; install extras as needed
@@ -264,9 +267,9 @@ All commands are listed below. Highlights: **`agmem blame <file>`** (who changed
 | `agmem verify [ref]` | Belief consistency (contradictions); use `--crypto` to verify commit Merkle/signature |
 | `agmem audit [--verify] [--max n]` | Show tamper-evident audit log; `--verify` checks hash chain |
 | `agmem resolve [path]` | Resolve merge conflicts (ours/theirs/both); path under `current/` |
-| `agmem gc [--dry-run] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional repack |
-| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (stub) |
-| `agmem federated push\|pull` | Federated collaboration (stub; requires coordinator in config) |
+| `agmem gc [--dry-run] [--repack] [--prune-days n]` | Garbage collection: delete unreachable loose objects; optional pack file creation |
+| `agmem prove --memory <path> --property keyword\|freshness --value <v> [-o out]` | Generate ZK proofs (keyword: Merkle set membership; freshness: signed timestamp) |
+| `agmem federated push\|pull` | Federated collaboration (real summaries, optional DP; requires coordinator in config) |
 
 ### Optional (install extras)
 
@@ -370,26 +373,26 @@ The following 18 capabilities are implemented (or stubbed) per the agmem feature
 
 | # | Feature | Description |
 |---|---------|-------------|
-| **9** | **Decentralized storage (IPFS)** | Push/pull via IPFS CIDs; pinning and gateway fallback. Stub in `memvcs.core.ipfs_remote`; optional dependency. |
-| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable objects. **Command:** `agmem gc [--dry-run] [--prune-days n]`. Config: `gc_prune_days` (default 90). |
-| **11** | **Enhanced cloud remote operations** | Push conflict detection: non–fast-forward push rejected with a clear message. S3/GCS remotes and distributed locking in storage layer. |
+| **9** | **Decentralized storage (IPFS)** | Push/pull via gateway (POST /api/v0/add, GET /ipfs/<cid>). Bundle/unbundle in `memvcs.core.ipfs_remote`; optional `agmem[ipfs]`. |
+| **10** | **Pack files and garbage collection** | Pack loose objects into pack file + index; GC deletes unreachable; ObjectStore reads from pack. **Command:** `agmem gc [--dry-run] [--repack] [--prune-days n]`. |
+| **11** | **Enhanced cloud remote operations** | Push conflict detection; S3/GCS remotes with distributed locking (acquire before push/fetch, release in finally). Config: `lock_table` for S3. |
 
 ### Tier 5 — Intelligence and retrieval
 
 | # | Feature | Description |
 |---|---------|-------------|
 | **12** | **Multi-provider LLM** | `memvcs.core.llm`: OpenAI and Anthropic; factory by config or env. Used by gardener, distiller, consistency checker, merge. Credentials via env (e.g. `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`). |
-| **13** | **Enhanced semantic compression** | Multi-stage pipeline (chunk → fact extraction → dedup → embed → tiered storage); hybrid retrieval. Docstrings and design in distiller/vector store. |
-| **14** | **Temporal querying and time-travel** | Point-in-time and range queries in `memvcs.core.temporal_index`; frontmatter timestamps; “state at T” resolution. |
-| **15** | **Cross-memory relationship graph** | Knowledge graph extended with co-occurrence, semantic similarity, causal and entity edges; incremental updates. Docstrings in `knowledge_graph.py`. |
+| **13** | **Enhanced semantic compression** | Multi-stage pipeline in `memvcs.core.compression_pipeline`: chunk, fact extraction, dedup by hash; hybrid retrieval in strategies. |
+| **14** | **Temporal querying and time-travel** | Point-in-time and range in `memvcs.core.temporal_index`; CLI: `agmem when --from/--to`, `agmem timeline --from/--to`. |
+| **15** | **Cross-memory relationship graph** | Knowledge graph: co-occurrence, causal edges; incremental-update docstring in `knowledge_graph.py`. |
 
 ### Tier 6 — Operations and maintenance
 
 | # | Feature | Description |
 |---|---------|-------------|
-| **16** | **Automated memory health monitoring** | Daemon runs periodic Merkle verification; safe auto-remediation hooks; unsafe actions alert only. |
-| **17** | **GPU-accelerated operations** | Vector store detects GPU for embedding model (e.g. sentence-transformers with CUDA/Metal); transparent CPU fallback. |
-| **18** | **Test suite and quality** | Broad tests: object store, merge, crypto (Merkle, proofs, verify), trust, privacy budget, pack/GC, resolve helpers, encryption, LLM provider; CI with coverage. |
+| **16** | **Automated memory health monitoring** | Daemon: configurable `daemon.health_check_interval_seconds` and `AGMEM_DAEMON_HEALTH_INTERVAL`; alert only on verify failure; suggest `agmem fsck`. |
+| **17** | **GPU-accelerated operations** | Vector store `_device()` returns cuda/mps/cpu; model loaded with that device. |
+| **18** | **Test suite and quality** | Tests: crypto (tampered blob, key missing), encryption (wrong key, corrupted ciphertext), privacy budget, pack/GC, ZK prove/verify, federated mock, IPFS bundle; see docs/TEST_REPORT.md. |
 
 ### New files and config (summary)
 
@@ -399,7 +402,10 @@ The following 18 capabilities are implemented (or stubbed) per the agmem feature
 | `memvcs/core/audit.py` | Tamper-evident audit append and verify |
 | `memvcs/core/trust.py` | Trust store (key → level) |
 | `memvcs/core/privacy_budget.py` | Epsilon/delta budget for DP |
-| `memvcs/core/pack.py` | Pack format, index, GC |
+| `memvcs/core/pack.py` | Pack format, index, GC, repack |
+| `memvcs/core/compression_pipeline.py` | Chunk, fact extraction, dedup; hybrid retrieval |
+| `memvcs/core/zk_proofs.py` | Hash/signature-based proofs (keyword, freshness) |
+| `docs/FEDERATED.md` | Coordinator API for federated push/pull |
 | `memvcs/core/encryption.py` | AES-256-GCM, Argon2id, config |
 | `memvcs/core/llm/` | LLM provider interface and OpenAI/Anthropic |
 | `memvcs/core/zk_proofs.py` | ZK proof stubs |

{agmem-0.1.3 → agmem-0.1.5}/agmem.egg-info/SOURCES.txt

@@ -11,13 +11,12 @@ agmem.egg-info/requires.txt
 agmem.egg-info/top_level.txt
 docs/AGMEM_PUBLISHING_SETUP.md
 docs/CONFIG.md
+docs/FEDERATED.md
 docs/GTM.md
 docs/KNOWLEDGE_GRAPH.md
+docs/SEQUENTIAL_VALIDATION.md
 docs/TEST_REPORT.md
 docs/aux/INSTALL.md
-docs/aux/MARKET_POSITIONING.md
-docs/aux/README.md
-docs/aux/STRESS_TEST_REPORT.md
 examples/basic_workflow.sh
 memvcs/__init__.py
 memvcs/cli.py
@@ -69,6 +68,7 @@ memvcs/commands/when.py
 memvcs/core/__init__.py
 memvcs/core/access_index.py
 memvcs/core/audit.py
+memvcs/core/compression_pipeline.py
 memvcs/core/config_loader.py
 memvcs/core/consistency.py
 memvcs/core/constants.py
@@ -127,6 +127,8 @@ tests/test_crypto_verify.py
 tests/test_decay.py
 tests/test_edge_cases.py
 tests/test_encryption.py
+tests/test_federated.py
+tests/test_ipfs_remote.py
 tests/test_llm_provider.py
 tests/test_objects.py
 tests/test_pack_gc.py
@@ -137,4 +139,5 @@ tests/test_repository.py
 tests/test_resolve_helpers.py
 tests/test_retrieval.py
 tests/test_temporal_index.py
-tests/test_trust.py
+tests/test_trust.py
+tests/test_zk_proofs.py

{agmem-0.1.3 → agmem-0.1.5}/agmem.egg-info/requires.txt

@@ -37,6 +37,7 @@ pytest-cov>=4.0.0
 black==24.10.0
 flake8>=5.0.0
 mypy>=1.0.0
+bandit[toml]>=1.7.0
 
 [distill]
 openai>=1.0.0
@@ -51,6 +52,9 @@ networkx>=3.0
 [ipfs]
 requests>=2.28.0
 
+[ipfs-daemon]
+ipfshttpclient>=0.8.0
+
 [llm]
 openai>=1.0.0
 anthropic>=0.18.0

{agmem-0.1.3 → agmem-0.1.5}/docs/CONFIG.md

@@ -27,6 +27,8 @@ cloud:
     lock_table: null          # optional DynamoDB table for distributed locks
 ```
 
+- When using **s3://** or **gs://** as a remote URL (`agmem remote add origin s3://bucket/prefix`), push and fetch **acquire a distributed lock** (DynamoDB for S3 when `lock_table` is set, or storage-based lock for GCS) before running and **release it** in a `finally` block. This prevents concurrent pushes/fetches from corrupting the remote.
+
 - Set `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` in the environment (or use `~/.aws/credentials` and omit these in config).
 - If `access_key_var` / `secret_key_var` are set, agmem resolves credentials with `os.getenv(var)` and passes them to the S3 client. If unset, boto3 uses its default credential chain.
 
@@ -44,6 +46,16 @@ cloud:
 - **credentials_json_var**: Name of an env var whose value is a JSON string (service account key). Useful for CI; never put the JSON in the config file.
 - If neither is set, GCS uses Application Default Credentials (`GOOGLE_APPLICATION_CREDENTIALS` or `gcloud auth`).
 
+### Daemon health monitoring
+
+```yaml
+daemon:
+  health_check_interval_seconds: 3600   # periodic Merkle/signature check (default 3600); 0 to disable
+```
+
+- Override via env: `AGMEM_DAEMON_HEALTH_INTERVAL` (seconds).
+- On verify failure the daemon only logs to stderr and suggests `agmem fsck`; no automatic destructive action.
+
 ### PII / hooks
 
 ```yaml

agmem-0.1.5/docs/FEDERATED.md

@@ -0,0 +1,73 @@
+# Federated collaboration
+
+Agmem can push local summaries to an external coordinator and pull merged summaries. No coordinator is shipped with the package; you run your own or use a third-party service.
+
+## Configuration
+
+In `.mem/config.json` or user config:
+
+```json
+{
+  "federated": {
+    "enabled": true,
+    "coordinator_url": "https://your-coordinator.example.com",
+    "memory_types": ["episodic", "semantic"],
+    "differential_privacy": {
+      "enabled": true,
+      "epsilon": 0.1,
+      "delta": 1e-5
+    }
+  }
+}
+```
+
+- `coordinator_url`: Base URL of the coordinator (no trailing slash).
+- `memory_types`: Which memory dirs to include in the summary.
+- `differential_privacy.enabled`: If true, numeric fields in the summary are noised before push.
+
+## Coordinator API
+
+The coordinator must expose two endpoints.
+
+### POST /push
+
+**Request**
+
+- Body: JSON object (local summary from `produce_local_summary`).
+- `Content-Type: application/json`.
+
+**Summary shape**
+
+- `memory_types`: list of strings (e.g. `["episodic", "semantic"]`).
+- `topics`: dict of memory type → integer count (file count per type; may be noised if DP enabled).
+- `topic_hashes`: dict of memory type → list of topic labels (no raw content).
+- `fact_count`: integer (total fact/file count; may be noised if DP enabled).
+
+**Response**
+
+- Status `200` or `201`: success.
+- Any other status: push is considered failed (agmem reports the status).
+
+### GET /pull
+
+**Request**
+
+- No body.
+
+**Response**
+
+- Status `200`: body is JSON (merged summary from coordinator).
+- Any other status or failure: pull returns `None` (agmem reports failure).
+
+The merged summary shape is defined by the coordinator (e.g. aggregated topic counts, list of topic labels from all agents). Agmem does not interpret it; it only prints the returned object.
+
+## Commands
+
+- `agmem federated push`: Produce local summary (with optional DP) and POST to coordinator `/push`.
+- `agmem federated pull`: GET coordinator `/pull` and print merged summary.
+
+## Security
+
+- Use HTTPS for `coordinator_url`.
+- Request timeout is 30 seconds.
+- No authentication is built in; if the coordinator requires auth, you must extend the client (e.g. custom header or token in config) or run the coordinator behind a gateway that adds auth.

agmem-0.1.5/docs/SEQUENTIAL_VALIDATION.md

@@ -0,0 +1,22 @@
+# Sequential validation (post-implementation)
+
+After completing the feature plan, validate main user flows and document gaps.
+
+## Flows to validate
+
+1. **init → add → commit → branch → merge** — Core Git-like workflow; unchanged.
+2. **push/pull** — file:// unchanged; s3:///gs:// now use storage adapter + distributed lock (acquire before, release in finally).
+3. **garden/distill with --private** — Budget checked and spent; add_noise applied to counts and frontmatter (Gardener: clusters_found, insights_generated, episodes_archived, source_episodes; Distiller: fact_count, confidence_score, clusters_processed, facts_extracted, episodes_archived).
+4. **gc/repack** — run_gc deletes unreachable loose objects; --repack runs run_repack to pack reachable loose into pack file + index, then deletes those loose; ObjectStore.retrieve reads from pack when loose missing.
+5. **prove/verify** — prove_keyword_containment (Merkle set membership) and prove_memory_freshness (signed timestamp) produce proofs; verify_proof checks them.
+6. **federated push/pull** — produce_local_summary builds topic counts and topic_hashes; optional DP noising; push_updates/pull_merged HTTP to coordinator (no in-package server).
+7. **IPFS** — push_to_ipfs bundles objects and POSTs to gateway /api/v0/add; pull_from_ipfs GETs by CID and unbundles into loose objects.
+8. **when/timeline --from/--to** — Temporal range filter via TemporalIndex.range_query; only commits in range included.
+9. **Daemon health** — health_check_interval from config or AGMEM_DAEMON_HEALTH_INTERVAL; on verify failure only stderr + suggest agmem fsck.
+
+## Known gaps / edge cases
+
+- **ZK freshness** — Requires AGMEM_SIGNING_PRIVATE_KEY (or AGMEM_SIGNING_PRIVATE_KEY_FILE) in env to produce proof; verify works with proof that embeds public_key_pem_b64.
+- **IPFS gateway** — Many public gateways are read-only; POST /api/v0/add may fail. Use a writable gateway or local IPFS daemon (ipfshttpclient) for push.
+- **Cloud remote** — Clone still uses parse_remote_url (file only); push/fetch support s3:// and gs:// with lock. Clone from s3/gs not implemented.
+- **Pack** — Single pack file per run_repack; ObjectStore reads from first .idx found in objects/pack (no multi-pack merge yet).

{agmem-0.1.3 → agmem-0.1.5}/docs/TEST_REPORT.md

@@ -76,6 +76,23 @@ This report is based on full-flow tests (`scripts/test_full_flow.py`), manual co
 | StagedFile vs dict | ✅ Fixed | Commit and PII scanner use `_get_blob_hash` / `_get_blob_hash_from_staged` so both StagedFile and dict work. |
 | diff_with_head bytes | ✅ Fixed | Tree content decoded from bytes before `json.loads`. |
 
+### 1.8 Test suite (edge cases and coverage)
+
+| Area | Status | Notes |
+|------|--------|------|
+| **Crypto** | ✅ Tests | Merkle build/verify, tampered blob fails verification, signature present but no public key. |
+| **Encryption** | ✅ Tests | Round-trip, wrong key fails, corrupted ciphertext fails. |
+| **Privacy budget** | ✅ Tests | load_budget, spend_epsilon, add_noise, Gardener/Distiller DP integration (mocked). |
+| **Pack/GC** | ✅ Tests | list_loose_objects, run_gc, write_pack, retrieve_from_pack, ObjectStore read from pack, run_repack dry-run. |
+| **ZK proofs** | ✅ Tests | prove_keyword_containment / verify_proof round-trip; keyword not in file returns False; freshness (skipped without signing key). |
+| **Federated** | ✅ Tests | produce_local_summary (topic_hashes, fact_count), DP noising; push/pull with mock coordinator. |
+| **IPFS** | ✅ Tests | parse_ipfs_url, bundle/unbundle round-trip; push/pull with mock gateway. |
+
+### Security (vulnerability check)
+
+- **Bandit**: Run `bandit -r memvcs -ll` (install with `pip install agmem[dev]` or `pip install bandit[toml]`). Fix any high/critical findings (path traversal, injection, insecure crypto).
+- **Manual**: New and modified code reviewed for: path traversal (user paths under repo/current), injection (subprocess, HTTP, config), key handling (no keys in logs), dependency versions (known CVEs).
+
 ---
 
 ## 2. What Does Not Work or Is Limited

{agmem-0.1.3 → agmem-0.1.5}/memvcs/commands/daemon.py

@@ -205,13 +205,29 @@ class DaemonCommand:
 
         # Health monitoring: periodic integrity check (configurable interval)
         last_health_check = 0
-        health_check_interval = 3600  # 1 hour
+        health_check_interval = 3600  # default 1 hour
+        try:
+            from ..core.config_loader import load_agmem_config
+
+            config = load_agmem_config(repo.root)
+            daemon_cfg = config.get("daemon") or {}
+            health_check_interval = int(daemon_cfg.get("health_check_interval_seconds", 3600))
+            if health_check_interval <= 0:
+                health_check_interval = 0
+        except Exception:
+            pass
+        env_interval = os.environ.get("AGMEM_DAEMON_HEALTH_INTERVAL")
+        if env_interval is not None:
+            try:
+                health_check_interval = int(env_interval)
+            except ValueError:
+                pass
 
         try:
             while running:
                 time.sleep(1)
 
-                # Periodic health check (Merkle/signature, optional)
+                # Periodic health check (Merkle/signature, optional). Alert only; no destructive action.
                 if (
                     health_check_interval
                     and (time.time() - last_health_check) >= health_check_interval
@@ -229,8 +245,10 @@ class DaemonCommand:
                                 load_public_key(repo.mem_dir),
                                 mem_dir=repo.mem_dir,
                             )
-                            if not ok and err and "tampered" in (err or "").lower():
+                            if not ok and err:
                                 sys.stderr.write(f"Health check: {err}\n")
+                                if "tampered" in (err or "").lower():
+                                    sys.stderr.write("Run 'agmem fsck' for safe integrity check.\n")
                     except Exception:
                         pass
                     last_health_check = time.time()

{agmem-0.1.3 → agmem-0.1.5}/memvcs/commands/distill.py

@@ -53,21 +53,29 @@ class DistillCommand:
         if code != 0:
             return code
 
-        if getattr(args, "private", False):
+        use_dp = getattr(args, "private", False)
+        dp_epsilon = None
+        dp_delta = None
+        if use_dp:
             from ..core.privacy_budget import load_budget, spend_epsilon
 
-            spent, max_eps, _ = load_budget(repo.mem_dir)
+            spent, max_eps, delta = load_budget(repo.mem_dir)
             epsilon_cost = 0.1
             if not spend_epsilon(repo.mem_dir, epsilon_cost):
                 print(f"Privacy budget exceeded (spent {spent:.2f}, max {max_eps}).")
                 return 1
             if spent + epsilon_cost > max_eps * 0.8:
                 print(f"Privacy budget low: {spent + epsilon_cost:.2f}/{max_eps}")
+            dp_epsilon = 0.05
+            dp_delta = delta
 
         config = DistillerConfig(
             source_dir=args.source,
             target_dir=args.target,
             create_safety_branch=not args.no_branch,
+            use_dp=use_dp,
+            dp_epsilon=dp_epsilon,
+            dp_delta=dp_delta,
         )
         distiller = Distiller(repo, config)
 

{agmem-0.1.3 → agmem-0.1.5}/memvcs/commands/federated.py

@@ -38,7 +38,13 @@ class FederatedCommand:
             return 1
 
         if args.action == "push":
-            summary = produce_local_summary(repo.root, cfg["memory_types"])
+            summary = produce_local_summary(
+                repo.root,
+                cfg["memory_types"],
+                use_dp=cfg.get("use_dp", False),
+                dp_epsilon=cfg.get("dp_epsilon") or 0.1,
+                dp_delta=cfg.get("dp_delta") or 1e-5,
+            )
             msg = push_updates(repo.root, summary)
             print(msg)
             return 0 if "Pushed" in msg else 1

{agmem-0.1.3 → agmem-0.1.5}/memvcs/commands/garden.py

@@ -50,14 +50,19 @@ class GardenCommand:
         if code != 0:
             return code
 
-        if getattr(args, "private", False):
+        use_dp = getattr(args, "private", False)
+        dp_epsilon = None
+        dp_delta = None
+        if use_dp:
             from ..core.privacy_budget import load_budget, spend_epsilon
 
-            spent, max_eps, _ = load_budget(repo.mem_dir)
+            spent, max_eps, delta = load_budget(repo.mem_dir)
             epsilon_cost = 0.1
             if not spend_epsilon(repo.mem_dir, epsilon_cost):
                 print(f"Privacy budget exceeded (spent {spent:.2f}, max {max_eps}).")
                 return 1
+            dp_epsilon = 0.05
+            dp_delta = delta
 
         # Build config
         config = GardenerConfig(
@@ -65,6 +70,9 @@ class GardenCommand:
             auto_commit=not args.no_commit,
             llm_provider=args.llm if args.llm != "none" else None,
             llm_model=args.model,
+            use_dp=use_dp,
+            dp_epsilon=dp_epsilon,
+            dp_delta=dp_delta,
         )
 
         # Create gardener