Trust ladder

Five steps from laptop to FedRAMP

Each step extends the trust boundary. Every step is operationally valid; you do not need to be at step 5 to use the system.

Steps 1–5 below correspond to the five public reference architectures (T1–T5) in the OSS docs. Step 6 (Sovereign) extends T5 with FedRAMP authorization and air-gap operational support.

  1. Step 1: OSS Local · v0.6.3 · free · Apache 2.0 · Shipped

    Single-machine deployment. SQLite database. Bound to 127.0.0.1 by default. Zero outbound network calls. Personal-machine baseline.

    Use case: solo developer, individual researcher, evaluation deployment.

  2. Step 2: OSS Federation · v0.6.3 · free · Apache 2.0 · Shipped

    Multi-machine deployment with W-of-N quorum writes, mTLS client-cert authentication, fingerprint allowlist. No central PKI required. Each node operates independently.

    Use case: team deployments, multi-region replication, peer-to-peer organization.

  3. Step 3: OSS Attested · v0.7 target end Q2 2026 · free · Apache 2.0 · In flight

    When v0.7 ships (target end Q2 2026), this step will add Ed25519 cryptographic attestation. Every memory link write will be signed end-to-end, providing verifiable provenance from the originating agent through every replication hop. Today (current OSS release), the substrate ships with mTLS authentication and a fingerprint allowlist; cryptographic attestation of individual writes is the v0.7 milestone.

    Use case: regulated environments where the OSS substrate is sufficient and your internal compliance team can map the evidence to your frameworks.

  4. Step 4: AgenticMem Attest · commercial (pre-launch) · Q3 2026 launch · Pre-commercial

    At commercial launch (Q3 2026), AgenticMem Attest is being built to add to OSS Attested: hardware-backed key storage (TPM, HSM, AWS CloudHSM, Azure Dedicated HSM); SOC 2 Type II evidence-mapping for your auditor; HIPAA Business Associate Agreement scope where applicable to the customer engagement (terms in the customer agreement); managed key rotation; severity-tiered managed-SOC response targets specified in the customer agreement; dedicated TAM. All items are subject to the timelines and conditions on the Evidence page.

    Use case: enterprises in regulated industries (financial services, healthcare, regulated professional services) that need a commercial counterparty for compliance and customer-agreement scope.

  5. Step 5: AgenticMem Federate · commercial (pre-launch) · Q4 2026 launch · Pre-commercial

    At commercial launch (Q4 2026), AgenticMem Federate is being built to add to Attest: cross-organization federation control plane; multi-region quorum-write infrastructure using W-of-N consensus and an mTLS-authenticated peer mesh; cross-trust-boundary key management; managed Security Operations Center; planned quarterly third-party penetration testing; technical-personnel availability for incident response, scoped by the customer agreement applicable to the engagement. Specific fault-tolerance properties are documented in the architecture references on the Evidence page.

    Use case: large enterprises, consortia, multi-division deployments, joint ventures.

  6. Step 6: AgenticMem Sovereign · commercial (pre-launch) · target late 2027 (FedRAMP-dependent) · Charter

    When delivered (target late 2027), AgenticMem Sovereign is planned to add to Federate: FedRAMP Moderate or High authorization sponsorship via the FedRAMP 20x pathway (subject to GSA process and a sponsoring agency); DoD Impact Level 4 / 5 mappings; ITAR registration with DDTC; air-gap deployment kits; cleared support staff; agency-specific evidence packages. As of 2026-05, no AgenticMem personnel hold federal security clearances; clearance is targeted to be initiated through the sponsoring-agency process at engagement.

    Use case: government agencies, defense contractors, intelligence community deployments.

About FedRAMP timing

FedRAMP authorization timelines are 6–18 months minimum, dependent on agency sponsor availability and 3PAO assessment queue. We are pursuing FedRAMP 20x (the new automated pathway), which targets ~3 months for Low and Moderate impact levels. We cannot guarantee a specific authorization date because the FedRAMP process is governed by the GSA and the sponsoring agency, not by us. We will publish status updates publicly throughout the process.