Skip to content

celiums/celiums-memory

v1.2.6 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai ai-memory artificial-intelligence circadian-rhythm claude-code cognitive-architecture
+13 more
cursor developer-tools emotional-ai knowledge-engine mcp memory model-context-protocol neuroscience opencore persistent-memory personality typescript vscode

Affected surfaces

auth

Summary

AI summary

Adds an append‑only SHA‑256 chain to agent_journal and a verification tool for detecting tampering.

Full changelog

Adds an append-only SHA-256 chain to agent_journal and a new journal_verify_chain tool. Defense-in-depth against malicious or compromised operators with direct DB access — if anyone tampers with the journal bypassing journal_write, the next verify call surfaces it.

npm install @celiums/[email protected]

What's new

  • Schema: agent_journal gains prev_hash text + hash text columns + chain-walk index. Migration is automatic + idempotent.
  • journal_write computes SHA-256(id || agent_id || content || written_at || prev_hash) and persists it on every insert.
  • New tool journal_verify_chain({ agent_id? }): walks the chain, recomputes, returns { agent_id, total, valid, broken: [{ id, reason, expected_hash?, got_hash?, expected_prev?, got_prev? }] }.

Verified

End-to-end on the private cluster (20 existing entries):

  • Chain backfill: 20/20 hashed correctly, valid: true
  • Fresh write: new entry chains to predecessor
  • Post-hoc UPDATE agent_journal SET content = ...: verify returns valid: false, broken: [{ reason: 'content/timestamp tampered' }]
  • Restore content + recompute hash: valid: true

Recommended action

Run journal_verify_chain on each agent_id you have. If valid: true, your journal hasn't been tampered with. If broken is non-empty, the listed entries were modified outside the handler — investigate before trusting them.

Security Fixes

  • Defense‑in‑depth: tampering detection for `agent_journal` entries via SHA‑256 chain verification
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track celiums/celiums-memory

Get notified when new releases ship.

Sign up free

About celiums/celiums-memory

Cognitive memory engine with 5,100+ knowledge modules, circadian rhythm awareness, and emotional state tracking (PAD model). Hybrid search (PostgreSQL + Qdrant vectors + Valkey cache), per-user memory isolation, and multi-protocol support (MCP, REST, OpenAI, LangChain, A2A). `npx @celiums/memory` Website

All releases →

Related context

Earlier breaking changes

  • v2.0.0 SaaS/UI/monetization framing removed.

Beta — feedback welcome: [email protected]