microdao-daarion/docs/MEMORY_API_POLICY.md
Apple ef3473db21 snapshot: NODE1 production state 2026-02-09
Complete snapshot of /opt/microdao-daarion/ from NODE1 (144.76.224.179).
This represents the actual running production code that has diverged
significantly from the previous main branch.

Key changes from old main:
- Gateway (http_api.py): expanded from ~40KB to 164KB with full agent support
- Router: new /v1/agents/{id}/infer endpoint with vision + DeepSeek routing
- Behavior Policy: SOWA v2.2 (3-level: FULL/ACK/SILENT)
- Agent Registry: config/agent_registry.yml as single source of truth
- 13 agents configured (was 3)
- Memory service integration
- CrewAI teams and roles

Excluded from snapshot: venv/, .env, data/, backups, .tgz archives

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-09 08:46:46 -08:00

Memory API — Single Access Point Policy

Rule: All data access ONLY through Memory API :8000

Allowed

Router      ──► Memory API ──► Qdrant/Neo4j/Postgres
Parser      ──► Memory API ──► Qdrant
Gateway     ──► Memory API ──► facts/sessions
CrewAI      ──► Memory API ──► context retrieval

Forbidden (direct DB access)

Router      ──✗──► Qdrant (direct)
Parser      ──✗──► Neo4j (direct)
Swapper     ──✗──► Postgres (direct)

Exceptions

  1. Migrations — admin scripts only
  2. Backups — scheduled jobs
  3. Health checks — read-only probes

Memory API Endpoints

| Endpoint | Purpose | Consumers |
|----------|---------|-----------|
| POST /retrieve | Vector + graph search | Router |
| POST /store | Save message/document | Router, Parser |
| POST /artifacts/store | RAG document indexing | Parser |
| GET /facts/{key} | Get user facts | Gateway |
| POST /facts/upsert | Update user facts | Gateway |
| POST /agents/{id}/memory | Agent-scoped storage | Gateway |

Benefits

  1. Unified ACL — one place for access control
  2. Privacy enforcement — mode/confidential checks
  3. Audit trail — all access logged
  4. Schema consistency — Memory API validates
  5. Easy migration — change DB without touching services

Enforcement

Network Level (Docker)

# Only Memory API can reach DBs
services:
  qdrant:
    networks:
      - data-internal  # Not exposed to dagi-network
  
  memory-service:
    networks:
      - data-internal
      - dagi-network   # Exposed to services

Code Level

  • Router: use ToolManager with Memory API calls
  • Parser: use Memory API for indexing
  • No direct Qdrant/Neo4j imports in Router/Parser

Migration Plan

  1. Router already uses Memory API via tool_manager
  2. Parser uses Memory API for indexing
  3. Audit all direct DB connections
  4. Move to internal network for DBs
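
One way to automate the "no direct Qdrant/Neo4j imports" rule and the audit step above is a static import check that can run in CI. This is an added example, not code from this repository; the driver package names in `FORBIDDEN`, the function names, and the two sample sources are assumptions constructed for illustration.

```python
import ast

# Assumption: common Python client packages for the stores the policy names.
FORBIDDEN = {"qdrant_client", "neo4j", "psycopg", "psycopg2", "asyncpg"}

def _dynamic_import_target(node):
    """Module name from __import__("x") / import_module("x"), else None."""
    func = node.func
    name = func.id if isinstance(func, ast.Name) else getattr(func, "attr", None)
    if name in {"__import__", "import_module"} and node.args:
        arg = node.args[0]
        if isinstance(arg, ast.Constant) and isinstance(arg.value, str):
            return arg.value
    return None

def direct_db_imports(source, filename="<source>"):
    """Return sorted (line, module) pairs for each forbidden driver import."""
    hits = []
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom) and node.level == 0 and node.module:
            names = [node.module]
        elif isinstance(node, ast.Call):
            names = [_dynamic_import_target(node)]
        else:
            continue
        hits += [(node.lineno, n) for n in names if n and n.split(".")[0] in FORBIDDEN]
    return sorted(hits)

# Constructed sample sources (not the project's real files).
ROUTER_SAMPLE = '''import httpx

def graph_query(cypher):
    from neo4j import GraphDatabase  # lazy import inside a function
    return GraphDatabase

def search(q):
    return httpx.post("http://memory-service:8000/retrieve", json={"query": q})
'''
PARSER_SAMPLE = '''import importlib, httpx
qc = importlib.import_module("qdrant_client.http")
'''

def audit(sources):
    """Map each service name to its violations; services with none are omitted."""
    report = {name: direct_db_imports(src, name) for name, src in sources.items()}
    return {name: hits for name, hits in report.items() if hits}
```

The check only sees imports whose module name is a string literal, so it complements the network-level isolation rather than replacing it.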

Tech Debt: Router Direct Neo4j Access

Current state: Router has direct Neo4j access for graph_query tool.

Why: Performance optimization for real-time graph traversal.

Plan:

  1. Add /graph/query endpoint to Memory API
  2. Migrate Router to use Memory API
  3. Remove direct Neo4j driver from Router

Priority: Medium (after MVP stabilization)