Provenance
Who wrote it is stamped by the server, not the caller. The human path hard-pins "human"; client-supplied agent_id cannot forge authorship.
isanna Hive turns agent memory from a black box into governed infrastructure: every write has provenance, every recall is scoped, and every deletion leaves a verifiable trail.
Read this page for the model. Implementation proof is available when a buyer or reviewer needs it.
If memory is stale, poisoned, leaked, or unprovable, the risk compounds across every future prompt. Governance is the difference between "the agent remembered something" and "the agent remembered something we can defend."
Most memory systems answer one question: "can the agent retrieve it?" Hive answers the harder ones: who wrote it, who can see it, what changed, what was deleted, and whether the system can prove those facts later.
The overview is intentionally simple: each control exists to keep agent memory useful without letting it become unaccountable infrastructure.
Who wrote it is stamped by the server, not the caller. The human path hard-pins "human"; client-supplied agent_id cannot forge authorship.
Every tool call writes an immutable, content-free audit row: action, tenant, status, time, and safe metadata. Never the memory content.
Delete and receipt commit in one transaction. If the receipt cannot be recorded, the delete does not happen.
Each tenant gets its own physical Postgres schema, FORCE row-level security, and request-scoped org_id. Missing scope fails closed.
Suspicious agent writes are held out of recall until a human reviews them. Attack-shaped text cannot quietly become future context.
Curator and Knowledge surfaces render live data once tagged memories exist; the spec-02/03 schema evolution chain is applied.
Memories move through active, superseded, archived, quarantined, and expired states. Default recall prefers current truth.
The memory substrate runs on infrastructure you control. Cloud beta keeps the same governance model on isolated Hive-operated infrastructure.
A memory is not just inserted and forgotten. It moves through a governed path with explicit checks at the places where trust can break.
The request enters through the server boundary under tenant scope.
Author and request context are resolved server-side.
The memory is embedded and prepared for search without silent merging.
Poisoning-shaped writes are quarantined before recall.
Search returns scoped, current, explainable memory.
Human-approved changes supersede rather than overwrite.
Deletes cascade; a complete delete + ledger seal mints a hash-chained receipt (a partial one errors instead).
This page keeps the public story readable. The full engineering notes remain available for developers, reviewers, and skeptical buyers.
The public page stays intentionally high-level. Detailed architecture notes, SQL/RLS mechanics, retrieval diagrams, and telemetry evidence are kept for direct reviewer or buyer share-outs.
The research argument is simple: agents improve when they can learn from prior work. Hive's bet is that production agent memory also needs governance, not just retrieval.
Failure memories improved HumanEval pass@1 to 91% versus the prior GPT-4 state of the art at 80%.
ICML 2025Reusable workflow memory improved web-task success by 24.6% on Mind2Web and 51.1% on WebArena.
NVIDIA / CaltechA growing skill library helped an agent reach milestones up to 15.3x faster than prior systems.
Start with the overview, then apply for the private beta when you want governed memory in a real workflow.