Skip to main content
Track changes across the Mnemom ecosystem — protocols, SDKs, infrastructure, and tooling.

AAP 0.5.0 — Version Alignment & Trust Edges

March 2026 Ecosystem-wide version alignment. The aap_version field now defaults to "0.5.0" across all SDKs, schemas, fixtures, and examples. This release also introduces YAML policy authoring and the Trust Edges API.
  • Version alignment: aap_version default bumped from "0.1.0" to "0.5.0" across all Mnemom packages
  • YAML policy support: The API now accepts policies in text/yaml and application/yaml content types alongside JSON
  • Trust Edges API: GET/POST/DELETE /v1/agents/:id/trust-edges for declaring explicit trust relationships between agents
  • Fixture consistency: Test fixture version inconsistencies resolved ("1.0""0.5.0") across smoltbot observer/gateway
  • Backward compatible: Existing cards with aap_version: "0.1.0" continue to work without modification
  • Upgrading to 0.5.0 — Migration Guide

Card Lifecycle & Policy Intelligence — CLPI

February 2026 Mnemom becomes a policy-driven governance platform. A 5-phase overhaul that transforms alignment cards into lifecycle-managed artifacts with policy enforcement, trust recovery, and on-chain anchoring. Root cause: configuration drift (new tools added without updating alignment cards) caused false violations and unfair trust score declines. CLPI fixes this by distinguishing card gaps from behavioral gaps and enabling trust recovery.

Phase 1: Policy Engine

  • Policy DSL: YAML-based governance rules with capability_mappings (glob patterns bridging tools to card categories), forbidden rules, escalation_triggers, and configurable defaults
  • Three evaluation contexts: CI/CD static validation, gateway live enforcement, observer post-action analysis
  • Enforcement modes: warn (log only), enforce (block with 403), off — controlled independently from alignment enforcement via X-Policy-Verdict header
  • Grace period: 24-hour default window for newly discovered tools before they become violations
  • Policy CLI: smoltbot policy init|validate|publish|list|test|evaluate subcommands with CI-friendly exit codes
  • Policy merge: Org-level + agent-level policies merge with union semantics for mappings and floor semantics for defaults

Phase 2: Card Lifecycle & Trust Recovery

  • Card amendments: Tracked changes with version history and diffs — cards are now lifecycle-managed artifacts
  • Violation reclassification: Distinguish card_gap (configuration error) from behavior_gap (genuine misbehavior) — reclassified card_gap violations are excluded from compliance and drift scoring
  • Score recomputation: Automatic trust score recovery after reclassification with trust graph propagation (BFS, depth 3, max 50 agents, 0.85/hop decay)
  • Compliance export: Full audit trail of violations, reclassifications, card amendments, and score history
  • Reclassification API: 5 endpoints for reclassify, recompute, export, and history

Phase 3: Intelligence Layer

  • Fault line analysis: Identify value conflicts and capability gaps across teams with classification (resolvable, priority mismatch, incompatible) and severity scoring
  • Risk forecasting: Predict failure modes (escalation conflicts, capability gaps, coordination deadlocks, trust erosion) with probability and severity estimates
  • Policy recommendations: LLM-powered policy generation from team analysis with confidence scores and reasoning chains
  • Transaction guardrails: 3-layer policy merge (org + team + transaction) with intersection semantics for capability mappings

Phase 4: On-Chain Verification

  • ERC-8004 Reputation Registry: Smart contracts on Base L2 for immutable reputation anchoring
  • MnemoReputationRegistry: Publish individual and batch scores (max 200/batch) with metadata hashes
  • MnemoMerkleAnchor: Anchor Merkle roots for tamper-evident verification
  • On-Chain API: 5 endpoints for anchoring roots, publishing scores, verification, and history

Phase 5: Observability

  • Policy OTel spans: policy.evaluate span with verdict, violations, and duration attributes
  • Reclassification OTel spans: reclassification.process span with before/after scores and amendment tracking
  • Policy-aware drift detection: Distinguishes policy gaps from genuine misalignment in drift analysis
New documentation:

Team Reputation & Risk Scoring (E-25)

February 2026 Teams become first-class meta-agents. Persistent team identity, team alignment cards, accumulated team reputation with a 5-component scoring model, embeddable team badges, roster management with audit trails, ZK proofs for team reputation, and 9 new webhook events.
  • Team CRUD: Create, manage, and archive teams of 2-50 agents with persistent identity and organizational scope
  • Team alignment cards: Auto-derived from member cards (union of values, bounded actions, forbidden actions, escalation triggers) or manually curated — with full version history
  • Team reputation scoring: 5-component model (coherence history 35%, member quality 25%, operational record 20%, structural stability 10%, assessment density 10%) on the same AAA–NR scale
  • Team badges: Embeddable SVG badges at /v1/teams/{id}/badge.svg with all 4 variants (score, score_tier, score_trend, compact)
  • Roster management: Add/remove members with full audit trail and roster history endpoint
  • ZK proofs: Team reputation scores are cryptographically provable via SP1 STARK proofs, chaining individual proof attestations
  • 9 webhook events: team.created, team.archived, team.member_added, team.member_removed, team.card_updated, team_reputation.score_changed, team_reputation.grade_changed, quota.team_reputation_exceeded, quota.team_reputation_warning
  • Billing: Team plan includes 200 team reputation computations/mo ($0.005/ea overage); Enterprise unlimited
  • Team Management Guide
  • Team Reputation
  • Teams API

Mnemom Trust Rating — Public Surfaces & Viral Distribution (E-07)

February 2026 Trust scores escape the dashboard. Public reputation pages, embeddable badges, a verification endpoint with cryptographic proof chains, an A2A trust extension for inter-agent reputation sharing, a GitHub Action for CI/CD gates, and SDK reputation methods across TypeScript and Python.
  • Public reputation pages: Every agent with a published score gets a public page at /agents/{agent_id}/reputation with full component breakdown, trend chart, and cryptographic verification link
  • Trust Directory: Searchable directory of all publicly rated agents at /trust-directory — filter by grade, confidence, trend, and sort by score or checkpoints
  • Badge ecosystem: New score_tier badge variant displays [ Mnemom Trust | 782 Established ]; agents with no reputation record display a “Not Rated” badge instead of a broken image
  • Verification endpoint: GET /v1/reputation/{agent_id}/verify returns a cryptographic proof chain (certificate hash, Merkle root, hash chain validation) for independent score verification
  • A2A trust extension: a2a_trust_extension field added to the reputation response, providing a pre-built trust block for A2A Agent Cards with live score, grade, and verified URLs
  • GitHub Action: mnemom/reputation-check@v1 gates CI/CD pipelines on minimum reputation scores — fail builds when agent scores drop below a configurable threshold
  • SDK reputation methods: TypeScript getReputation(), createReputationGate(), getA2AReputationExtension(); Python get_reputation(), ReputationGate
  • Webhook events: reputation.score_changed fires when score changes by more than 10 points; reputation.grade_changed fires on letter grade transitions
  • Trust Rating API
  • Embeddable Badges
  • Understanding Trust Ratings

GPU-Accelerated Proving (Fly.io CPU to Modal H100 GPU)

February 2026 Proving latency reduced from ~270 seconds to ~700ms — a 400x speedup. Migrated the ZK prover from Fly.io (4-core CPU, SP1 cpu mode) to Modal (NVIDIA H100 GPU, SP1 cuda mode). Per-proof cost dropped from ~0.005to 0.005 to ~0.001 with per-second GPU billing that scales to zero.
  • Infrastructure: Fly.io performance VMs replaced by Modal serverless H100 GPUs
  • Proving mode: SP1_PROVER=cpu (270s avg) to SP1_PROVER=cuda (700ms avg)
  • Benchmarks: clear 710ms, boundary_violation 721ms, review_needed 690ms (warm GPU: 673ms)
  • Receipt size: ~2.7 MB (real SP1 STARK proof)
  • Cost: ~0.001/proof(ModalH100at 0.001/proof (Modal H100 at ~0.001/sec, ~0.7s per proof)
  • Cold start: 60-120s for SP1 prover initialization; warm requests sub-second
  • Verifiable Verdicts

Self-Healing ZK Proof Pipeline

February 2026 Proof inputs are now persisted and the retry loop actually proves. Three interacting bugs caused the ZK proof pipeline to silently stop generating proofs: Fly.io auto-stopped prover machines despite configuration, the retry loop was a no-op that logged warnings but never called the prover, and the gateway’s fire-and-forget pattern lost proof inputs when the prover was unavailable.
  • Proof input persistence: Gateway now stores analysis_json, thinking_hash, card_hash, values_hash, and model in verdict_proofs on INSERT
  • Self-healing retry loop: Prover fetches stored inputs from DB and spawns prove_verdict_derivation() directly — no longer depends on the original HTTP request
  • Auto-stop prevention: Retry loop self-pings /health every 30s to maintain HTTP activity; machine-level autostop=off set on both prover machines
  • Orphan cleanup: All pre-fix pending proofs marked as permanently failed (inputs were never persisted)
  • Updated get_pending_proofs(): Returns input columns, filters out rows without stored inputs
  • Verifiable Verdicts — Proof Input Persistence

N-Way Fleet Coherence (E-05)

February 2026 Fleet-level value coherence analysis — extend pairwise coherence checks to true N-agent fleet analysis with aggregate scoring, outlier detection, cluster analysis, and divergence reporting.
  • Fleet Score: Mean of all C(n,2) pairwise coherence scores with weakest-link identification
  • Outlier Detection: Statistical detection of agents >1σ below fleet mean, with primary conflict identification
  • Cluster Analysis: Connected-component grouping of compatible agents with shared/distinguishing values
  • Divergence Report: Per-value analysis showing which agents declare, miss, or conflict on each value
  • Enterprise API: GET /v1/orgs/:org_id/coherence with 5-minute caching
  • Showcase: Live interactive fleet coherence panel on /showcase
  • SDK: checkFleetCoherence() in TypeScript and check_fleet_coherence() in Python
  • Fleet Coherence Docs

Admin Impersonate Mode (E-03)

February 2026 See exactly what your customer sees. Enterprise support can now view the real dashboard from any customer’s perspective — read-only, fully audit-logged, with automatic 1-hour expiry.
  • Session-based impersonation: Token-based approach avoids JWT forgery; admin’s own JWT stays the auth credential
  • 3 API endpoints: POST /impersonate (start), GET /impersonation/:id (status), POST /impersonation/:id/end (exit)
  • Read-only enforcement: Centralized write guard rejects all POST/PUT/PATCH/DELETE during active session
  • Full audit trail: Session start/end logged to admin_audit_log, per-page visits tracked
  • No nesting: Cannot impersonate admin users
  • Dashboard integration: Amber “Viewing as” banner with Exit button, all data resolves to target user
  • Security: sessionStorage (clears on tab close), API keys already masked, payment details already last-4
  • Admin Impersonate Mode guide

Custom Conscience Values (E-02)

February 2026 Per-org alignment policies injected into the AIP conscience prompt. Enterprise orgs can now define custom conscience values — “patient safety > efficiency” for healthcare, “never recommend regulatory risk” for fintech — that apply to every agent integrity check.
  • 7 API endpoints: CRUD, reorder, mode control, and audit log under /v1/orgs/:org_id/conscience-values
  • Layered value resolution: Base defaults + org values + per-agent values, with augment (additive) and replace modes
  • 5 value types: BOUNDARY, FEAR, COMMITMENT, BELIEF, HOPE with advisory/mandatory severity
  • Full audit trail: Every create, update, delete, and mode change logged with actor and diffs
  • Observer + Gateway integration: Org values resolved via RPC with 5-min KV cache, fail-open
  • Analyze API integration: Layered resolution applies to hybrid analysis path
  • Webhook event: conscience.values_updated fires on all mutations
  • Dashboard UI: Manage values, toggle mode, view audit log from org settings
  • Feature-gated: Enterprise plan only via custom_conscience_values flag
  • Conscience Values guide

Agent Containment Engine

February 2026 Kill-switch for rogue agents. Enterprise teams can now pause, kill, and resume agents in real-time through the API and dashboard.
  • Containment API: POST /pause, /resume, /kill, /reactivate endpoints under org agent routes
  • Gateway enforcement: Contained agents receive HTTP 403 with structured containment_error response
  • Auto-containment: Configure automatic pause after N consecutive boundary violations
  • Webhook events: agent.paused, agent.resumed, agent.killed events for SIEM integration
  • Audit log: Every containment action recorded with actor, reason, and state transition
  • RBAC: Kill/reactivate restricted to owners; pause/resume available to admins

February 2026

Phase 12: Verifiable Integrity — Cryptographic Proof Layer

Every AIP verdict can now be independently verified through a four-layer cryptographic attestation stack. Agents produce IntegrityCertificates that bundle Ed25519 signatures, hash chain proofs, Merkle inclusion proofs, and optional SP1 zero-knowledge proofs into a single portable artifact.
  • Ed25519 checkpoint signing with key rotation and public key registry
  • Hash chain integrity linking consecutive verdicts into a tamper-evident sequence
  • Merkle tree certificates enabling compact inclusion proofs for any checkpoint
  • Zero-knowledge proofs (SP1 STARK) for verdict derivation verification
  • 7 new verification API endpoints (/v1/verify, /v1/keys, certificate, proof, and Merkle endpoints)
  • Client-side WASM verifier for offline, trustless verification
  • Optimistic proving strategy: 10% stochastic + all boundary violations
  • Certificates specification
  • Verifiable Verdicts specification

AAP v0.1.0 — Initial Specification Release

The Agent Alignment Protocol specification is now public. AAP provides post-hoc verification infrastructure for autonomous agents: Alignment Cards declare an agent’s alignment posture, AP-Traces create auditable decision records, and Value Coherence Handshakes verify compatibility before multi-agent coordination.
  • Full specification with JSON schemas
  • Python SDK (pip install agent-alignment-proto) and TypeScript SDK (npm install @mnemom/agent-alignment-protocol)
  • 242 tests (Python), 199 tests (TypeScript), 92 schema validation tests

AIP v0.1.5 — Initial Specification with Provider Adapters

The Agent Integrity Protocol specification ships with built-in support for analyzing thinking blocks from multiple LLM providers. AIP provides real-time assurance by analyzing agent reasoning between turns, before actions execute.
  • Provider adapters for Anthropic, OpenAI, and Google Gemini
  • Conscience prompt system with configurable evaluation criteria
  • Session windowing and integrity drift detection
  • Python SDK (pip install agent-integrity-proto) and TypeScript SDK (npm install @mnemom/agent-integrity-protocol)

Smoltbot v1.0 — Public Launch

Mnemom’s AI gateway and CLI tool for zero-configuration agent transparency infrastructure.
  • Cloudflare Workers-based gateway with automatic agent identification
  • Observer Worker for AP-Trace generation and AAP verification
  • AIP Engine for real-time thinking block analysis
  • CLI: smoltbot init --provider anthropic for full-stack setup
  • API key hashing (never stored in plaintext), raw log deletion within 60 seconds

aip-otel-exporter v0.1.0 — OpenTelemetry Integration

OpenTelemetry exporter for AIP and AAP telemetry, enabling agent integrity signals in any OTel-compatible observability platform.
  • TypeScript package: @mnemom/aip-otel-exporter
  • Python package: aip-otel-exporter
  • GenAI semantic convention span attributes for integrity verdicts, verification results, and drift alerts
  • Compatible with Datadog, Grafana, Splunk, Arize, Langfuse, and any OTel collector

Mnemom Dashboard — Web Console

The Mnemom Dashboard provides a web interface for managing agents, viewing traces, and monitoring integrity scores.
  • Agent management with Alignment Card creation and rotation
  • Trace viewer with filtering by session, verdict, and time range
  • Integrity score dashboard with real-time and historical drift visualization
  • Team management and role-based access control

Phase 1: Analytics and Intelligence

Enterprise features for organizations deploying agents at scale.
  • Enterprise billing with usage-based pricing and license keys
  • SSO/SAML authentication via Supabase Auth
  • Admin customer detail views and usage analytics
  • Daily usage rollup and billing reconciliation
For detailed changelogs, see the individual repository release pages. Each SDK and tool maintains its own CHANGELOG.md with granular version history.
GitHub: github.com/mnemom — Browse all repositories for release notes, issues, and discussions.