Home  /  Memory

🧠 Sovereign Memory Graph · moat #2

Every customer remembered. Every recall consented.

DCS Memory is the Sovereign Memory Graph — a per-customer durable memory layer with default-deny cross-product consent. Real OpenAI embeddings + pgvector; /api/memory/* for store / search / revoke / audit. Live in production today.

See the API How consent works
assistant name prefs goals tools past old facts active memory decayed · 30d+ 7 active · 1 archived
/api/memory/*

One graph, four endpoints

Store, search, revoke, audit-log. App-layer enforcement — honest about scope.

POST

/api/memory/store

Write a memory point under a customer + product scope. OpenAI embedding generated inline; the vector + the raw text + the scope live in pgvector.

POST

/api/memory/search

Vector + text hybrid search across a customer's memory, respecting cross-product consent. Returns the top-K with a consent receipt — default-deny if not granted.

POST

/api/memory/revoke

One-click GDPR Article 17 path. The data key shreds; the row disappears from search; a signed erasure_complete receipt is emitted to the R-Series chain.

GET

/api/memory/audit-log

Every store / search / consent change / revoke is logged. The log is queryable per customer and signed end-to-end — auditors get a clean trail.

Embeddings + pgvector

Real vector search, not keyword tricks.

Every memory point gets an OpenAI embedding inline and lands in pgvector. Hybrid search blends vector similarity with text-keyword matches and consent filtering — the result is "remembered the way a person would," not a brittle exact-match.

  • OpenAI text-embedding-3-large for new writes
  • pgvector with HNSW indexes for sub-50ms top-K
  • Hybrid vector + BM25 fallback for short queries
  • Per-product schema — same graph, different shape per surface
memory.tsstore + search
import { memory } from "@dcs/memory"; // store with explicit product scope await memory.store({ customer: "cus_a4e7", product: "os", text: "prefers window seat, gluten-free", tags: ["diet", "booking"], }); // search across products with consent const hits = await memory.search({ customer: "cus_a4e7", query: "any food restrictions?", scope: "platform", // must have consent grant });
3 hits · consent receipt r2:9f3c…a17
Honest scope

What Memory is and isn't

What's live: the full /api/memory/* surface (store, search, revoke, audit-log) on api.dcsai.ai; OpenAI embeddings + pgvector; per-product schema; the cross-product memory_consent table.

Honest: consent enforcement is app-layer, not a cryptographic guarantee. The gate runs in the API; a compromised backend could in principle bypass it. The R-Series signed receipt chain makes any bypass visible after the fact — auditable, not preventable.

Sovereign mode: inside a Sovereign pod the same graph runs inside your perimeter under your keys; outbound consent grants stay local; the cryptographic-erasure path through Storage applies to memory data the same way it applies to receipts.

4 endpointsstore / search / revoke / audit
pgvectorHNSW indexes · sub-50ms
Default-denyCross-product consent
Art. 17One-click erasure · signed
Moat #2Live in production
FAQ

Memory questions, answered

Is consent enforced cryptographically or app-layer?
App-layer today. The R-Series signed audit log makes any policy violation visible after the fact, but the gate itself runs in code. Cryptographic enforcement is a roadmap item.
What embedding model do you use?
OpenAI text-embedding-3-large for new writes today. The system is model-agnostic; switching providers requires a re-embed pass, which is wired up for re-runs.
How is erasure different from "delete"?
Erasure shreds the per-tenant data key; the row's bytes become mathematically unreadable; a signed erasure_complete receipt is added to the chain. A normal delete is a row removal — erasure is the GDPR Article 17 path with proof.
Can two products share memory without explicit consent?
No. The memory_consent table is default-deny on cross-product reads. Same-product reads are unaffected (Platform reading its own writes, OS reading its own).
Where does the memory live in a Sovereign pod?
Inside the pod — same Postgres + pgvector schema, same code path, no outbound calls. The OpenAI embedding step swaps to an in-pod embedding model (Qwen / Llama with an embedding head) when egress is refused.
Does Memory show up over MCP?
Yes — @dcsplatform/mcp-server exposes Memory store / search / revoke as stdio MCP tools. Drop it into Claude Desktop, Cursor or any MCP client.
Is there a per-customer audit export?
Yes — GET /api/memory/audit-log?customer=… returns the full signed log for that customer. Used for DSAR responses and internal audits alike.
Works with

The four products that read Memory

🤖

Platform

Per-customer site personalisation.
💬

OS

Conversation history + customer prefs.
🛡

Agents

Per-customer context for agent runs.
🏛

Sovereign

In-perimeter memory, no external calls.

Remember every customer. Prove every recall.

Four endpoints · cross-product consent · one-click erasure with a receipt.

See the API MCP server