Documentation

Shared, verifiable memory for multi-agent systems. Pools, ACLs, audit logs, and a built-in treasury — all on-chain.

Quick Start

1. Install

TypeScript

npm install @forestinfra/shelmem

Python

pip install shelmem

2. Initialise

import { ShelMem, openaiEmbeddings } from '@forestinfra/shelmem';

const mem = new ShelMem({
  supabaseUrl: process.env.SUPABASE_URL,
  supabaseKey: process.env.SUPABASE_KEY,
  encrypt: true,
  embeddingProvider: openaiEmbeddings(OPENAI_KEY),
});

3. Write a memory

const result = await mem.write(
  'agent-001', 'User prefers dark mode', 'preferences', 'preference'
);
// → { content_hash, shelby_object_id, aptos_tx_hash }

4. Recall + verify

const memories = await mem.recall('agent-001', 'preferences');
for (const m of memories) {
  console.log(m.memory, m.verified); // true | false | null
}

5. Semantic search

const results = await mem.search('what does the user prefer?');
// → [{ memory_preview, similarity: 0.91 }]

API Reference

write(agent_id, memory, context, memory_type?, metadata?, treasury?)Store a memory on Shelby. Content is SHA-256 hashed, optionally encrypted, and embedding stored if provider configured. Treasury fields (amount, currency, counterparty, tx_status) can be passed for financial records.Parameters

`agent_id`	string	Agent identifier
`memory`	string	Content to store
`context`	string	Category label
`memory_type`	MemoryType?	'fact'\|'decision'\|'preference'\|'observation'\|'transaction_record'\|'balance_snapshot'\|'spending_policy'
`metadata`	object?	Key-value metadata
`treasury`	TreasuryFields?	{ amount?, currency?, counterparty?, tx_status? }

Returns

`shelby_object_id`	string	Shelby address
`aptos_tx_hash`	string	On-chain tx hash
`content_hash`	string	SHA-256 of plaintext
`memory_type`	string	Type stored
`timestamp`	string	ISO 8601
`amount`	number?	Transaction amount
`currency`	string?	Currency (APT, USDT, etc)

recall(agent_id, context?, limit?, memory_type?)Retrieve memories. Each is decrypted and verified against its stored content hash.Parameters

`agent_id`	string	Agent to query
`context`	string?	Filter by context
`limit`	number?	Max results (default 10)
`memory_type`	MemoryType?	Filter by type

Returns

`memory`	string	Content (decrypted)
`verified`	boolean\|null	true=authentic, false=tampered
`memory_type`	string	Memory type
`content_hash`	string	SHA-256 hash
`timestamp`	string	ISO 8601

search(query, agent_id?, limit?, threshold?)Semantic search by meaning using vector similarity. Requires embeddingProvider.Parameters

`query`	string	Natural language query
`agent_id`	string?	Filter to agent
`limit`	number?	Max results (default 10)
`threshold`	number?	Min similarity 0-1

Returns

`memory_preview`	string	First 200 chars
`similarity`	number	Cosine similarity
`memory_type`	string	Type
`agent_id`	string	Agent

verify(id)Re-download from Shelby, decrypt, and verify content hash.Parameters

id string Memory UUID

Returns

`verified`	boolean	Hash matches
`content_hash`	string	Actual hash
`expected_hash`	string	Stored hash

delete(id)Remove a memory from Supabase and attempt Shelby blob deletion.Parameters

id string Memory UUID

recordTransaction(params)Convenience wrapper for write(). Sets memory_type='transaction_record', defaults tx_status to 'pending'. Treasury records get 365-day Shelby expiry.Parameters

`agentId`	string	Agent identifier
`memory`	string	Description of the transaction
`context`	string	Category label
`amount`	number	Transaction amount
`currency`	string	Currency (APT, USDT, etc)
`counterparty`	string	Wallet address of payer/payee
`txStatus`	string?	'pending' (default) \| 'confirmed' \| 'failed'

Returns

`shelby_object_id`	string	Shelby address
`content_hash`	string	SHA-256 hash
`amount`	number	Amount
`currency`	string	Currency
`tx_status`	string	Status

recordBalanceSnapshot(params)Convenience wrapper for write(). Sets memory_type='balance_snapshot'. Records a point-in-time balance.Parameters

`agentId`	string	Agent identifier
`memory`	string	Balance description
`context`	string	Category label
`amount`	number	Balance amount
`currency`	string	Currency

Returns

`shelby_object_id`	string	Shelby address
`amount`	number	Balance amount
`currency`	string	Currency

getLatestBalance(agentId)Returns the most recent balance_snapshot for an agent, or null if none exist.Parameters

agentId string Agent identifier

Returns

`memory`	string	Balance description
`amount`	number	Balance amount
`currency`	string	Currency
`timestamp`	string	When recorded

createPool({ name, ownerAgentId, description?, metadata? })Create a shared memory pool. The owner is automatically added as a member with role 'owner'.Parameters

`name`	string	Pool name
`ownerAgentId`	string	Agent that will own the pool
`description`	string?	Optional description
`metadata`	object?	Optional metadata

Returns

`id`	string	Pool UUID
`name`	string	Pool name
`owner_agent_id`	string	Owner
`created_at`	string	ISO 8601

addPoolMember(poolId, callerAgentId, targetAgentId, role)Add or update a member's role. Caller must be the pool owner.Parameters

`poolId`	string	Pool UUID
`callerAgentId`	string	Must have role owner
`targetAgentId`	string	Agent to add
`role`	'owner'\|'writer'\|'reader'	Role to grant

Returns

`pool_id`	string	Pool UUID
`agent_id`	string	Member agent
`role`	string	Role granted
`added_at`	string	ISO 8601

removePoolMember(poolId, callerAgentId, targetAgentId)Remove a member. Caller must be the pool owner. The owner cannot be removed.Parameters

`poolId`	string	Pool UUID
`callerAgentId`	string	Must have role owner
`targetAgentId`	string	Agent to remove

listPoolMembers(poolId, callerAgentId)List all members of a pool. Caller must be a pool member.Parameters

`poolId`	string	Pool UUID
`callerAgentId`	string	Must be a member

Returns

`agent_id`	string	Member agent
`role`	string	Role
`added_at`	string	When added

listPools(agentId)List all pools the agent is a member of.Parameters

agentId string Agent identifier

Returns

`id`	string	Pool UUID
`name`	string	Pool name
`owner_agent_id`	string	Owner

writeToPool({ poolId, agentId, memory, context, memory_type?, metadata?, treasury? })Write a memory into a shared pool. Caller must have role 'owner' or 'writer'. Throws PermissionError otherwise.Parameters

`poolId`	string	Pool UUID
`agentId`	string	Caller — must be owner or writer
`memory`	string	Content to store
`context`	string	Category label
`memory_type`	MemoryType?	Default: observation
`metadata`	object?	Optional metadata
`treasury`	TreasuryFields?	Optional { amount, currency, counterparty, tx_status }

Returns

`shelby_object_id`	string	Shelby address
`aptos_tx_hash`	string	On-chain tx hash
`content_hash`	string	SHA-256 of plaintext
`memory_type`	string	Type stored
`timestamp`	string	ISO 8601

recallFromPool({ poolId, agentId, context?, limit?, memory_type? })Read memories written into a shared pool by any member. Caller must be a pool member (any role). Each memory is verified against its content hash. Records a 'read' entry in the pool audit log.Parameters

`poolId`	string	Pool UUID
`agentId`	string	Caller — must be a member
`context`	string?	Filter by context
`limit`	number?	Max results (default 10)
`memory_type`	MemoryType?	Filter by type

Returns

`memory`	string	Content (decrypted, verified)
`agent_id`	string	Which agent wrote it
`pool_id`	string	Pool UUID
`memory_type`	string	Type
`verified`	boolean\|null	Hash verification result

recallShared(agent_id, context?, limit?, memory_type?)Read memories that were explicitly shared with this agent via the per-memory shared_with ACL — independent of pool membership.Parameters

`agent_id`	string	Agent identifier
`context`	string?	Filter by context
`limit`	number?	Max results (default 10)
`memory_type`	MemoryType?	Filter by type

Returns

`memory`	string	Content (decrypted, verified)
`agent_id`	string	Original writer
`shared_with`	string[]	ACL list

searchPool({ poolId, agentId, query, limit?, threshold? })Semantic search inside a shared pool using pgvector. Caller must be a pool member. Requires an embeddingProvider in config.Parameters

`poolId`	string	Pool UUID
`agentId`	string	Caller — must be a member
`query`	string	Natural language query
`limit`	number?	Max results (default 10)
`threshold`	number?	Min similarity 0-1 (default 0.5)

Returns

`id`	string	Memory UUID
`agent_id`	string	Writer
`memory_preview`	string	First 200 chars
`similarity`	number	Cosine similarity

getPoolAuditLog(poolId, callerAgentId, limit?)Read the access log for a pool. Owner only. One row per writeToPool / recallFromPool / searchPool call.Parameters

`poolId`	string	Pool UUID
`callerAgentId`	string	Must have role owner
`limit`	number?	Max entries (default 100)

Returns

`action`	'write'\|'read'	Action recorded
`agent_id`	string	Agent that acted
`memory_id`	string\|null	Set on writes
`result_count`	number\|null	Set on reads
`created_at`	string	ISO 8601

Agent Treasury

ShelMem includes treasury memory types for AI agent payments. Agents can record transactions, balance snapshots, and spending policies as tamper-proof, verifiable memories. Treasury records get 365-day Shelby expiry (vs 30 days for standard memories).Record a transaction

await mem.recordTransaction({
  agentId: 'trading-agent',
  memory: 'Paid 100 APT for API access',
  context: 'payments',
  amount: 100,
  currency: 'APT',
  counterparty: '0xmerchant...',
});
// → { memory_type: 'transaction_record', tx_status: 'pending', ... }

Record a balance snapshot

await mem.recordBalanceSnapshot({
  agentId: 'trading-agent',
  memory: 'End-of-day balance',
  context: 'treasury',
  amount: 4725,
  currency: 'APT',
});

Get latest balance

const balance = await mem.getLatestBalance('trading-agent');
// → { amount: 4725, currency: 'APT', memory_type: 'balance_snapshot' }
// → null if no balance snapshots exist

Memory types: transaction_record · balance_snapshot · spending_policy
tx_status values: pending · confirmed · failed
Shelby expiry: 365 days (vs 30 days for standard memories)

Shared Pools

Pools are shared memory workspaces. Add agents as members with owner, writer, or reader roles, then any member can read everything written into the pool while role permissions are enforced at the SDK boundary. Use them to coordinate workflows like trading → execution → risk → reporting through a single source of truth.1. Create a pool and invite collaborators

const pool = await mem.createPool({
  name: 'market-ops',
  ownerAgentId: 'trading-agent',
});

await mem.addPoolMember(pool.id, 'trading-agent', 'execution-agent', 'writer');
await mem.addPoolMember(pool.id, 'trading-agent', 'risk-agent',      'writer');
await mem.addPoolMember(pool.id, 'trading-agent', 'reporting-agent', 'reader');

2. Write into the pool (owner or writer)

await mem.writeToPool({
  poolId: pool.id, agentId: 'trading-agent',
  memory: 'RSI=35, buy 500 APT', context: 'trading',
  memory_type: 'decision',
});

3. Read from the pool (any member)

const records = await mem.recallFromPool({
  poolId: pool.id, agentId: 'reporting-agent',
});
// → each record carries agent_id (writer) and pool_id, plus the verified content

4. Permission errors

import { PermissionError } from '@forestinfra/shelmem';

try {
  await mem.writeToPool({
    poolId: pool.id, agentId: 'reporting-agent',
    memory: 'denied', context: 'trading',
  });
} catch (err) {
  if (err instanceof PermissionError) {
    // role 'reader' cannot write
  }
}

Roles: owner (manage members + read/write) · writer (read/write) · reader (read only)
Membership: creating a pool auto-adds the owner. The owner cannot be removed; transfer ownership before deletion.
Migration: apply supabase/migration-v5.sql to add memory_pools, pool_members, and the nullable pool_id column on memories. Existing private memories are unaffected.

Per-Memory ACLs

Sometimes a memory needs to be shared with specific agents but doesn't belong in a pool. Pass sharedWith on write() to grant individual agents read access via recallShared(). Pools and ACLs compose: a memory can live in a pool and be additionally shared with agents outside it.

// Writer side
await mem.write(
  'trading-agent', 'sensitive insight', 'analysis', 'observation',
  /* metadata */ undefined, /* treasury */ undefined,
  /* sharedWith */ ['execution-agent', 'risk-agent'],
);

// Reader side
const visible = await mem.recallShared('execution-agent');

Storage: memories.shared_with TEXT[] with a GIN index. Empty list = private to the writer.

Pool Audit Log

Every writeToPool, recallFromPool, and searchPool call writes a row to pool_access_log. Reads record the result count; writes record the new memory's id. Pool owners can replay the log to see who read what and when.

const log = await mem.getPoolAuditLog(pool.id, 'trading-agent');
// → [{ action: 'read',  agent_id: 'reporting-agent', result_count: 3,  created_at },
//    { action: 'write', agent_id: 'risk-agent',      memory_id: '...', created_at }]

Access: owner only — non-owners get PermissionError.
Best-effort: a failed audit insert never blocks the underlying read/write.

Cryptographic Agent Identity

By default agent_id is a trusted string. For production hardening — proving an agent owns its identity — sign claims with the agent's Aptos Ed25519 private key and verify them at the trust boundary. The primitives are exported; wiring them into RLS or every method call is opt-in (this stays compatible with the trust model already in use).

import { signAgentClaim, verifyAgentClaim } from '@forestinfra/shelmem';

// Agent side: produce a short-lived signed claim
const claim = signAgentClaim('trading-agent', process.env.AGENT_PRIVATE_KEY);
// → { agentId, timestamp, publicKey, signature }

// Verifier side: registry maps agent_id → expected pubkey
const expectedPub = REGISTRY['trading-agent'];
verifyAgentClaim(claim, 'trading-agent', expectedPub); // throws AgentClaimError on failure

Algo: Ed25519 signature over shelmem:agent-claim:v1\n{agent_id}\n{timestamp}.
Replay protection: claims expire after maxAgeSeconds (default 300s).
Same key: the agent's Aptos key already used for on-chain anchoring works directly — no new keys to issue.

Encryption

AES-256-GCM encryption. Key derived from your Aptos private key via HMAC-SHA256. Content hashes are computed on plaintext before encryption so tamper verification still works.

const mem = new ShelMem({
  supabaseUrl, supabaseKey,
  aptosPrivateKey: '0x...',
  encrypt: true,
});
// Write encrypted, recall decrypted, hash verified on plaintext

Format: [IV 12B] [AuthTag 16B] [Ciphertext]
Key: HMAC-SHA256(privkey, "ShelMem-v1")
Algo: AES-256-GCM, random 96-bit IV per write

Semantic Search

pgvector embeddings stored alongside memories. Search by meaning, not keywords. Provider is pluggable — OpenAI included, any 1536-dim vector function works.

import { ShelMem, openaiEmbeddings } from '@forestinfra/shelmem';

const mem = new ShelMem({
  supabaseUrl, supabaseKey,
  embeddingProvider: openaiEmbeddings(process.env.OPENAI_API_KEY),
});

await mem.write('agent', 'ETH RSI is 28', 'analysis', 'observation');
const results = await mem.search('ethereum price?', 'agent');
// → [{ memory_preview: 'ETH RSI is 28', similarity: 0.87 }]

Configuration

Option	Required	Description
`supabaseUrl`	Yes	Supabase project URL
`supabaseKey`	Yes	Supabase API key
`aptosPrivateKey`	When encrypt=true	Ed25519 private key
`encrypt`	No	Enable AES-256-GCM (default false)
`embeddingProvider`	No	Function for semantic search
`network`	No	testnet (default) or shelbynet
`mock`	No	true (default) for local dev

Integrations

LangChain

Python

from shelmem.integrations.langchain import ShelMemChatMessageHistory

history = ShelMemChatMessageHistory(
    session_id="user-123", agent_id="my-chatbot",
    supabase_url=url, supabase_key=key,
)

from langchain_core.runnables.history import RunnableWithMessageHistory
chain_with_history = RunnableWithMessageHistory(chain, lambda sid: history)

CrewAI

Python

from shelmem.integrations.crewai import ShelMemStorage
crew = Crew(
    agents=[...], tasks=[...], memory=True,
    short_term_memory=ShortTermMemory(storage=ShelMemStorage(
        crew_id="my-crew", supabase_url=url, supabase_key=key,
    )),
)

Vercel AI SDK

TypeScript

import { createShelMemTools } from '@forestinfra/shelmem';
const tools = createShelMemTools({
  agentId: 'my-agent',
  supabaseUrl: process.env.SUPABASE_URL,
  supabaseKey: process.env.SUPABASE_KEY,
});
// gives agents memorize + remember tools

Database Setup

Create a Supabase project, then run this SQL:

SQL

CREATE EXTENSION IF NOT EXISTS vector;

CREATE TABLE IF NOT EXISTS memories (
  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
  agent_id TEXT NOT NULL, context TEXT NOT NULL,
  memory_preview TEXT, shelby_object_id TEXT NOT NULL,
  aptos_tx_hash TEXT, content_hash CHAR(64),
  memory_type TEXT DEFAULT 'observation',
  verified BOOLEAN, embedding vector(1536),
  amount NUMERIC, currency TEXT,
  counterparty TEXT, tx_status TEXT,
  metadata JSONB DEFAULT '{}',
  created_at TIMESTAMPTZ DEFAULT now(),
  updated_at TIMESTAMPTZ DEFAULT now()
);

CREATE INDEX idx_memories_agent_id ON memories(agent_id);
CREATE INDEX idx_memories_agent_context ON memories(agent_id, context);
CREATE INDEX idx_memories_created_at ON memories(created_at DESC);
CREATE INDEX idx_memories_type ON memories(agent_id, memory_type);
CREATE INDEX idx_memories_embedding ON memories USING hnsw (embedding vector_cosine_ops);
ALTER TABLE memories ENABLE ROW LEVEL SECURITY;
CREATE POLICY "Allow all" ON memories FOR ALL USING (true) WITH CHECK (true);

-- Shared pools (migration-v5)
CREATE TABLE memory_pools (
  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
  name TEXT NOT NULL, description TEXT,
  owner_agent_id TEXT NOT NULL,
  metadata JSONB DEFAULT '{}',
  created_at TIMESTAMPTZ DEFAULT now(),
  updated_at TIMESTAMPTZ DEFAULT now()
);
CREATE TABLE pool_members (
  pool_id UUID REFERENCES memory_pools(id) ON DELETE CASCADE,
  agent_id TEXT NOT NULL,
  role TEXT CHECK (role IN ('owner','writer','reader')),
  added_at TIMESTAMPTZ DEFAULT now(),
  PRIMARY KEY (pool_id, agent_id)
);
ALTER TABLE memories ADD COLUMN pool_id UUID
  REFERENCES memory_pools(id) ON DELETE SET NULL;

-- ACLs + audit log + pool semantic search (migration-v6)
ALTER TABLE memories ADD COLUMN shared_with TEXT[] DEFAULT '{}';
CREATE INDEX idx_memories_shared_with ON memories USING gin (shared_with);

CREATE TABLE pool_access_log (
  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
  pool_id UUID REFERENCES memory_pools(id) ON DELETE CASCADE,
  agent_id TEXT NOT NULL,
  action TEXT CHECK (action IN ('write','read')),
  memory_id UUID REFERENCES memories(id) ON DELETE SET NULL,
  result_count INT, metadata JSONB DEFAULT '{}',
  created_at TIMESTAMPTZ DEFAULT now()
);
-- Plus the match_pool_memories pgvector RPC — see migration-v6.sql.

Architecture

Flow

Agent → ShelMem SDK → [SHA-256 hash] → [AES-256 encrypt]
                    → Shelby Protocol (encrypted content)
                    → Supabase (metadata + embeddings)
                    → Aptos (on-chain proof)

Recall ← [verify hash] ← [decrypt] ← Shelby download
       ← Supabase metadata query

Shelby

Decentralised hot storage. Encrypted content lives here.

Supabase

Metadata + pgvector embeddings. Agent IDs, hashes, timestamps.

Aptos

On-chain anchoring. Every write submits a transaction as proof.