ai-memory 0.7.1

AI-agnostic persistent memory system — MCP server, HTTP API, and CLI for any AI platform
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377

# @alphaone/ai-memory

TypeScript SDK for the [ai-memory](../../) HTTP API — persistent, tier-aware
memory for AI agents, built on top of the same daemon that powers the MCP
server.

> Status: `0.6.0-alpha.0`. Target server is ai-memory v0.6.0 HTTP API at
> `/api/v1/`. Some endpoints (subscriptions, notify/inbox, cluster, metrics,
> grant/revoke) target v0.6.0.0 shape and may not be merged server-side yet.

- Runtime: Node 20+ (uses `undici.fetch` — Node 20 ships undici as its
  platform `fetch`). Modern browsers work too; see [Browser usage](#browser-usage).
- License: Apache-2.0
- Repo: <https://github.com/alphaone/ai-memory>

## Install

```bash
npm install @alphaone/ai-memory
# or
pnpm add @alphaone/ai-memory
# or
yarn add @alphaone/ai-memory
```

> This SDK is not yet published to npm. During the alpha, consume it via
> the workspace directly or a tarball (`npm pack`). See the root ROADMAP.

## Quickstart

```ts
import { AiMemoryClient } from "@alphaone/ai-memory";

const memory = new AiMemoryClient({
  baseUrl: "http://localhost:9077",
  apiKey: process.env.AI_MEMORY_API_KEY,     // optional
  agentId: "ai:claude-opus-4.7@laptop:pid-1234", // optional default header
});

// Store
const m = await memory.store({
  title: "DNS zone refresh procedure",
  content: "Run `rndc reload` then check SERIAL bump in named.log …",
  tier: "long",
  namespace: "ops/dns",
  tags: ["bind9", "runbook"],
  priority: 8,
});

// Recall — fuzzy, scored, mutates access_count + TTL
const hits = await memory.recall({
  context: "how do I refresh a dns zone",
  namespace: "ops/dns",
  limit: 5,
});
for (const hit of hits.memories) {
  console.log(hit.score.toFixed(3), hit.title);
}
```

## Methods

All methods return typed `Promise<T>` and throw typed errors (see
[Error handling](#error-handling)). `RequestOptions` (last argument) lets
you override `agentId`, pass an `AbortSignal`, or add custom headers.

| Method | Endpoint | Description |
| --- | --- | --- |
| `store(body, opts?)` | `POST /api/v1/memories` | Create a new memory. |
| `storeBulk(memories, opts?)` | `POST /api/v1/memories/bulk` | Batch insert up to 1000. |
| `get(id, opts?)` | `GET /api/v1/memories/:id` | Fetch by id. |
| `update(id, body, opts?)` | `PUT /api/v1/memories/:id` | Patch fields. |
| `delete(id, opts?)` | `DELETE /api/v1/memories/:id` | Delete by id. |
| `promote(id, opts?)` | `POST /api/v1/memories/:id/promote` | Promote to long tier. |
| `list(query?, opts?)` | `GET /api/v1/memories` | Paginated list with filters. |
| `recall(body, opts?)` | `POST /api/v1/recall` | Fuzzy hybrid recall. |
| `search(query, opts?)` | `GET /api/v1/search` | AND keyword search. |
| `forget(body, opts?)` | `POST /api/v1/forget` | Bulk delete by pattern/ns/tier. |
| `link(body, opts?)` | `POST /api/v1/links` | Link two memories. |
| `getLinks(id, opts?)` | `GET /api/v1/links/:id` | Fetch all links for a memory. |
| `stats(opts?)` | `GET /api/v1/stats` | Aggregate stats. |
| `health(opts?)` | `GET /api/v1/health` | Liveness probe. |
| `namespaces(opts?)` | `GET /api/v1/namespaces` | List namespaces w/ counts. |
| `agents(opts?)` | `GET /api/v1/agents` | List registered agents. |
| `registerAgent(body, opts?)` | `POST /api/v1/agents` | Register an NHI. |
| `metrics(opts?)` | `GET /api/v1/metrics` | Prometheus text-format. |
| `subscribe(body, opts?)` | `POST /api/v1/subscriptions` | Register a webhook. |
| `unsubscribe(id, opts?)` | `DELETE /api/v1/subscriptions/:id` | Remove a webhook. |
| `listSubscriptions(opts?)` | `GET /api/v1/subscriptions` | List current webhooks. |
| `grant(memoryId, body, opts?)` | `POST /api/v1/memories/:id/grant` | Grant access. |
| `revoke(memoryId, body, opts?)` | `POST /api/v1/memories/:id/revoke` | Revoke access. |
| `notify(body, opts?)` | `POST /api/v1/notify` | Send inbox message. |
| `inbox(query?, opts?)` | `GET /api/v1/inbox` | Read inbox. |
| `cluster(body, opts?)` | `POST /api/v1/cluster` | Peer management. |

### Examples

#### `.store()`

```ts
await memory.store({
  title: "Rust trait bounds refresher",
  content: "Trait bounds `where T: Send + Sync` …",
  tier: "mid",
  namespace: "rust",
  tags: ["rust", "traits"],
  priority: 6,
  confidence: 0.9,
  metadata: { source_commit: "abc123" },
});
```

#### `.recall()`

```ts
const { memories, tokens_used } = await memory.recall({
  context: "what's our nginx reload command?",
  namespace: "ops",
  budget_tokens: 2000,
});
```

#### `.search()`

```ts
const { results } = await memory.search({
  q: "bind9 AND reload",
  namespace: "ops/dns",
  limit: 20,
});
```

#### `.list()`

```ts
const { memories } = await memory.list({
  namespace: "rust",
  tier: "long",
  limit: 50,
  offset: 0,
});
```

#### `.get()` / `.delete()`

```ts
const m = await memory.get("b4e3…");
await memory.delete("b4e3…");
```

#### `.subscribe()` + webhook verification

```ts
import express from "express";
import { verifyWebhookSignature } from "@alphaone/ai-memory/webhooks";

const sub = await memory.subscribe({
  callback_url: "https://myapp.example.com/webhooks/ai-memory",
  events: ["memory.stored", "memory.updated"],
  secret: process.env.WEBHOOK_SECRET,
});

const app = express();
app.post(
  "/webhooks/ai-memory",
  express.raw({ type: "application/json" }),
  (req, res) => {
    const sig = String(req.header("X-AI-Memory-Signature") ?? "");
    if (!verifyWebhookSignature(req.body, sig, process.env.WEBHOOK_SECRET!)) {
      return res.status(401).send("bad signature");
    }
    const event = JSON.parse(req.body.toString("utf8"));
    console.log("event", event);
    res.status(204).end();
  },
);
```

#### `.unsubscribe()`

```ts
await memory.unsubscribe(sub.id);
```

#### `.notify()` / `.inbox()`

```ts
await memory.notify({
  to: "ai:codex-5.4@ci:pid-42",
  subject: "review needed",
  body: "please approve pending action pa_123",
  memory_id: "b4e3…",
});

const { messages, unread } = await memory.inbox({ unread: true, limit: 20 });
```

#### `.grant()` / `.revoke()`

```ts
await memory.grant("b4e3…", { agent_id: "alice", permission: "read" });
await memory.revoke("b4e3…", { agent_id: "alice" });
```

#### `.cluster()`

```ts
const { peers } = await memory.cluster({ action: "list" });
```

#### `.agents()` / `.registerAgent()`

```ts
await memory.registerAgent({
  agent_id: "ai:claude-opus-4.7@ci:pid-99",
  agent_type: "ai:claude-opus-4.7",
  capabilities: ["memory_write", "memory_recall"],
});
const { agents } = await memory.agents();
```

#### `.health()`

```ts
const h = await memory.health();
if (h.status !== "ok") throw new Error("memory daemon unhealthy");
```

## Agent identity (NHI)

`agent_id` precedence (from `docs/CLAUDE.md` §Agent Identity):

1. Explicit body-level `agent_id` on `.store()` / `.registerAgent()` etc.
2. `X-Agent-Id` HTTP header — set via `new AiMemoryClient({ agentId })` or
   per-call `opts.agentId`.
3. Server-side `anonymous:req-<uuid8>` fallback (logged at WARN).

The id must match the regex `^[A-Za-z0-9_\-:@./]{1,128}$` — permits prefixed
forms like `ai:claude-opus-4.7@host:pid-123` and future SPIFFE-style ids.
Rejects whitespace, null bytes, control chars, shell metacharacters.

## Authentication

### API key (`X-API-Key`)

The daemon's `api_key_auth` middleware checks `X-API-Key` (or `?api_key=` query
param) when an API key is configured. Pass it to the client once:

```ts
const memory = new AiMemoryClient({
  baseUrl: "https://memory.internal",
  apiKey: process.env.AI_MEMORY_API_KEY,
});
```

### mTLS

ai-memory itself is HTTP-only by design. Terminate TLS and client-certificate
auth at a reverse proxy (nginx, Caddy, Envoy) in front of the daemon, then
forward the verified identity via a header to the backend.

Example nginx snippet:

```nginx
server {
  listen 443 ssl;
  ssl_certificate     /etc/ssl/memory.crt;
  ssl_certificate_key /etc/ssl/memory.key;
  ssl_client_certificate /etc/ssl/ca.crt;
  ssl_verify_client on;

  location / {
    proxy_set_header X-Agent-Id $ssl_client_s_dn_cn;
    proxy_pass http://127.0.0.1:9077;
  }
}
```

## Error handling

All methods reject with a typed error:

```ts
import {
  ApiError,
  ValidationError,
  UnauthorizedError,
  NotFoundError,
  ConflictError,
  ServerError,
  NetworkError,
} from "@alphaone/ai-memory";

try {
  await memory.get("bogus");
} catch (err) {
  if (err instanceof NotFoundError) {
    // 404
  } else if (err instanceof ValidationError) {
    // 400 — err.message carries the server's reason
  } else if (err instanceof UnauthorizedError) {
    // 401/403 — missing or bad API key
  } else if (err instanceof ApiError) {
    console.error(err.status, err.code, err.message);
  } else if (err instanceof NetworkError) {
    // connection refused, DNS, TLS, timeout, etc.
  } else {
    throw err;
  }
}
```

## Claude Code / Cursor integration

### Claude Code (MCP server already includes memory tools)

Run ai-memory as the MCP server and this SDK in your own tooling scripts:

```json
// ~/.config/claude-code/settings.json
{
  "mcpServers": {
    "memory": { "command": "ai-memory", "args": ["serve"] }
  }
}
```

Inside a Claude Code slash command script (or hook) you can call the HTTP
SDK against the same daemon, e.g. to fan-out a memory bulk-create from a
CI hook:

```ts
import { AiMemoryClient } from "@alphaone/ai-memory";
const mem = new AiMemoryClient({ baseUrl: "http://localhost:9077" });
await mem.storeBulk(newFacts.map(f => ({ title: f.title, content: f.body, tier: "long" })));
```

### Cursor

In Cursor's `.cursorrules` or a project-level script, use the same client.
Cursor's agent surface will find stored memories via the MCP server; the SDK
is for bespoke tool integrations (post-commit hooks, review automation).

### Claude desktop extensions

Register the SDK-driven tool under `.claude/commands/*.ts` and import the
client as shown in Quickstart.

## Browser usage

`undici.fetch` is a Node module. For browsers, pass the native `fetch`:

```ts
import { AiMemoryClient } from "@alphaone/ai-memory";
// @ts-ignore - browser globalThis.fetch
const memory = new AiMemoryClient({ baseUrl: "/api" }, globalThis.fetch);
```

Webhook verification (`verifyWebhookSignature`) uses `node:crypto`; for the
browser use the Web Crypto API (`crypto.subtle.importKey` + `sign("HMAC")`) —
not yet shipped in this package.

## Development

```bash
npm install        # (not run by the scaffold generator — review first)
npm run typecheck  # tsc --noEmit
npm run build      # emit ./dist
AI_MEMORY_TEST_DAEMON=1 npm test   # integration tests against a live daemon
```

## Links

- Main repo: <https://github.com/alphaone/ai-memory>
- Architecture notes: [`docs/CLAUDE.md`](../../CLAUDE.md)
- HTTP API handlers: [`src/handlers.rs`](../../src/handlers.rs)
- Validation rules: [`src/validate.rs`](../../src/validate.rs)