AgenticMem Phase A · pre-commercial · launch Q3 2026

Page 4 / Public evidence

Verify before you engage

We publish evidence the way enterprise procurement wants to see it: cryptographically signed, machine-readable, third-party-verifiable wherever possible.

Source code

github.com/alphaonedev/ai-memory-mcp

  • Apache 2.0 license, full source available
  • All commits signed with GPG key SHA256 tkfDATcb8+hjhJeI3LvDbwAaks/8QqBMRr6oOWz6iBA
  • Reproducible builds documented
  • No contributor-license-agreement is required; contributions are received under the Developer Certificate of Origin. Apache 2.0 is permanent. An OSS Permanence Pledge describing the open-source-license posture is to be published in the same repository.

Test evidence

alphaonedev.github.io/ai-memory-test-hub

  • Per-release verdict pages with phase-by-phase results
  • Ship-gate (release testing on DigitalOcean infrastructure): functional, multi-agent, migration, chaos
  • A2A-gate (multi-agent integration testing): 48 scenarios across mTLS cells
  • All run artifacts linked to GitHub Actions run IDs for verification

Coverage and tests

  • 93.05% line coverage (42,894 / 46,099 lines)
  • 1,809 tests passing, 0 failed, 0 ignored
  • Coverage gate enforced in CI: cargo llvm-cov --fail-under-lines 92
  • Per-module breakdown public (as of v0.6.4): 7 modules at 100%, 39 of 47 ≥ 90%.

Performance budgets

alphaonedev.github.io/ai-memory-mcp/performance.html

  • Public p95/p99 budgets per operation
  • CI fails any PR exceeding budget by >10%
  • Hardware baseline documented (Apple M4, 32GB, NVMe SSD)
  • Bench tool reproducible by any OSS user: ai-memory bench

Distribution channels

All five channels signed and verifiable:

  • crates.io (Rust package registry)
  • Homebrew (macOS)
  • Fedora COPR (RHEL/Fedora)
  • Docker GHCR (container registry)
  • APT PPA (Ubuntu/Debian)

Reference architectures

github.com/alphaonedev/ai-memory-mcp/docs/architectures.html

  • Five reference deployment tiers (T1 laptop → T5 global multi-org) with per-tier prose, capability matrix, and SVG diagram
  • Source-cited: every claim points to an exact file path and line range in v0.6.3.1
  • Distinguishes “ships today” from “vision · v1.0+” line by line; no marketing fiction
  • Covers attested agent identity (NHI), mTLS peer mesh with SHA-256 fingerprint allowlist, scope-based visibility filtering enforced at SQL level, per-namespace policy gates
  • Standalone diagram: architecture.svg

What we have not yet certified

Honest disclosure of what is not yet in place:

  • SOC 2 Type II (own attestation) In flight — readiness assessment in progress; first audit cycle targeted Q3 2026; first attestation report Q4 2026.
  • SOC 2 customer evidence-mapping In flight — the deliverable to your auditor for your own SOC 2 controls; targeted to be available to design partners Q3 2026; targeted to be generally available with the AgenticMem Attest tier.
  • HIPAA BAA template In flight — under legal review; available to design partners Q3 2026
  • FedRAMP authorization Charter — agency sponsor identification in progress; targeted authorization 2027 via FedRAMP 20x
  • ITAR registration Charter — pursued in parallel with first defense contractor design partner engagement
  • Penetration test report In flight — first independent third-party penetration test scheduled Q3 2026.
  • Insurance program (E&O / cyber) In flight — in procurement. Targeted to be in place prior to commercial launch. Any carrier and limits applicable to a given engagement are matters for the customer agreement applicable to that engagement; not disclosed on this page.
  • 24/7 SOC operations In flight — build in progress. Targeted to be stood up alongside AgenticMem Attest launch (Q3 2026). Any response targets applicable to a given engagement are specified in the customer agreement applicable to that engagement.
  • Hardware-attested keys (Ed25519) In flight — v0.7 milestone. Substrate-level Ed25519 attestation ships with ai-memory v0.7, target end Q2 2026.
  • Cleared workforce Charter — no AgenticMem personnel hold federal security clearances as of 2026-05; clearance is targeted to be initiated through the sponsoring-agency process at engagement, alongside Sovereign-tier delivery.

If you need any of the above before we have it, we should not be your vendor yet. Run the OSS in pilot, evaluate other vendors that hold these certifications today, and revisit AgenticMem at our commercial launch.

Pre-launch inquiry — discovery call View ai-memory on GitHub

OSS permanence — pledge to be published

The Apache 2.0 license on ai-memory™ is permanent. The four principles describing the open-source-license posture (no relicense, no paywall on OSS features, no commercial coupling, right to fork) are intended to be published as a dated, owner-signed OSS Permanence Pledge at github.com/alphaonedev/ai-memory-mcp once finalized. Marketing language about future licensing can be unwound by the entity that produced it; a published pledge document at the canonical repository sits at a different evidentiary level. Procurement teams may attach the pledge document, once published, to their vendor file as the open-source-license posture of ai-memory™.