pub struct NamespacedMemory { /* private fields */ }Expand description
Wraps a Memory store with namespace prefixing for agent isolation.
Each agent’s memory entries get IDs prefixed with {agent_name}: for provenance.
Recall can search within the agent’s namespace or across all namespaces.
When max_confidentiality is set, recall queries are capped at that level
regardless of what the caller requests. This is the enforcement point for
sensor security — even if the LLM is tricked into calling memory_recall,
the store-level filter prevents confidential data from being returned.
Implementations§
Source§impl NamespacedMemory
impl NamespacedMemory
Sourcepub fn new(inner: Arc<dyn Memory>, agent_name: impl Into<String>) -> Self
pub fn new(inner: Arc<dyn Memory>, agent_name: impl Into<String>) -> Self
Wrap inner so all reads/writes are scoped to agent_name.
Sourcepub fn with_max_confidentiality(self, cap: Option<Confidentiality>) -> Self
pub fn with_max_confidentiality(self, cap: Option<Confidentiality>) -> Self
Set the maximum confidentiality level for recall queries.
When set, all recall queries through this namespace will be capped at this level — entries with higher confidentiality are filtered out at the store level.
Sourcepub fn with_default_store_confidentiality(self, level: Confidentiality) -> Self
pub fn with_default_store_confidentiality(self, level: Confidentiality) -> Self
Set the minimum confidentiality level for new entries stored through this namespace.
When an entry is stored with a confidentiality level below this floor, it
will be upgraded to this level. Entries already at or above this level are
left unchanged. This prevents LLM-driven downgrade attacks and ensures
private conversations (e.g. Telegram DMs) are stored as Confidential
by default without requiring the LLM to specify it.
Trait Implementations§
Source§impl Memory for NamespacedMemory
impl Memory for NamespacedMemory
Source§fn store(
&self,
scope: &TenantScope,
entry: MemoryEntry,
) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
fn store( &self, scope: &TenantScope, entry: MemoryEntry, ) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
Source§fn recall(
&self,
scope: &TenantScope,
query: MemoryQuery,
) -> Pin<Box<dyn Future<Output = Result<Vec<MemoryEntry>, Error>> + Send + '_>>
fn recall( &self, scope: &TenantScope, query: MemoryQuery, ) -> Pin<Box<dyn Future<Output = Result<Vec<MemoryEntry>, Error>> + Send + '_>>
Source§fn update(
&self,
scope: &TenantScope,
id: &str,
content: String,
) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
fn update( &self, scope: &TenantScope, id: &str, content: String, ) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
content on the entry identified by id.Source§fn forget(
&self,
scope: &TenantScope,
id: &str,
) -> Pin<Box<dyn Future<Output = Result<bool, Error>> + Send + '_>>
fn forget( &self, scope: &TenantScope, id: &str, ) -> Pin<Box<dyn Future<Output = Result<bool, Error>> + Send + '_>>
id; returns true if an entry was removed.