Skip to content

feat(memory): per-tenant memory isolation #5967

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
John-Jepsen wants to merge 9 commits into
base: main
Choose a base branch
from
+3,119 −230
Open

feat(memory): per-tenant memory isolation #5967

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
f2efe02
docs(memory): add design doc for per-tenant memory isolation
John-Jepsen May 29, 2026
c55f509
feat(memory): add tenant_id and user_id fields to MemoryRecord
John-Jepsen May 29, 2026
69ec535
refactor(memory): require tenant_id keyword on StorageBackend protocol
John-Jepsen May 29, 2026
6f89c45
feat(memory): add ScopedStorage wrapper and tenant isolation tests
John-Jepsen May 29, 2026
9e3adb0
feat(memory): wire ScopedStorage through Memory and Flows
John-Jepsen May 29, 2026
7982112
feat(cli): add 'crewai memory migrate' for tenant isolation rollout
John-Jepsen May 29, 2026
a236207
docs(memory): add per-tenant memory isolation guide
John-Jepsen May 29, 2026
90073fb
fix(memory): address CodeRabbit review on PR #5967
John-Jepsen May 29, 2026
c37fa4e
Merge branch 'main' into feat/memory-tenant-isolation
John-Jepsen May 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
474 changes: 474 additions & 0 deletions design-docs/0001-per-tenant-memory-isolation.md
View file
Open in desktop

Large diffs are not rendered by default.

69 changes: 69 additions & 0 deletions design-docs/diagrams/identity-propagation.mmd
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
%% Per-tenant memory isolation — identity propagation and enforcement path
%% Source of truth for the diagram embedded in
%% design-docs/0001-per-tenant-memory-isolation.md
%% Render:
%% npx -p @mermaid-js/mermaid-cli mmdc -i identity-propagation.mmd -o identity-propagation.svg
%% (or paste into https://mermaid.live)
flowchart TD
Caller["Caller<br/>(API handler, Flow step, agent)"]
Resolve{"Resolve effective tenant<br/>per-call &gt; instance default &gt; '_default'"}

subgraph MemoryAPI["Memory — public API"]
Remember["remember(content, tenant_id=, user_id=)"]
Recall["recall(query, tenant_id=, user_id=)"]
Forget["forget(tenant_id=, user_id=)"]
Scoped["_scoped(tenant_id, user_id)<br/>builds ScopedStorage proxy"]
end

subgraph Enforcement["ScopedStorage — ENFORCEMENT CHOKEPOINT"]
Stamp["WRITE — stamp tenant_id on every record<br/>cross-tenant record raises PermissionError"]
Inject["READ — inject tenant_id predicate<br/>callers cannot omit it"]
Verify["VERIFY — re-check every returned row<br/>foreign tenant row raises RuntimeError (loud)"]
end

subgraph Protocol["StorageBackend Protocol"]
SaveAPI["save(records)"]
SearchAPI["search(*, tenant_id: str, …)<br/>required keyword-only<br/>mypy --strict catches omissions in CI"]
DeleteAPI["delete(*, tenant_id: str, …)"]
end

subgraph Backend["Underlying backend — LanceDB / Chroma / Qdrant"]
Column["tenant_id column<br/>NOT NULL + index on (tenant_id, scope)"]
Filter["WHERE tenant_id = ? pushed into vector query<br/>foreign rows never enter candidate pool"]
end

RecallFlow["RecallFlow (deep mode)<br/>holds ScopedStorage, not raw backend<br/>→ exploration cannot escape tenant filter"]

Caller --> Resolve
Resolve --> Remember
Resolve --> Recall
Resolve --> Forget

Remember --> Scoped
Recall --> Scoped
Forget --> Scoped

Scoped --> Stamp
Scoped --> Inject
Inject --> Verify

Stamp --> SaveAPI
Verify --> SearchAPI
Inject --> DeleteAPI

SaveAPI --> Column
SearchAPI --> Filter
DeleteAPI --> Filter

Recall -. depth=deep .-> RecallFlow
RecallFlow --> Scoped

classDef enforce fill:#ffe6e6,stroke:#c0392b,stroke-width:3px,color:#000
classDef boundary fill:#fff4e0,stroke:#e67e22,stroke-width:2px,color:#000
classDef storage fill:#e8f4fd,stroke:#2980b9,stroke-width:2px,color:#000
classDef caller fill:#eafaf1,stroke:#27ae60,stroke-width:2px,color:#000

class Stamp,Inject,Verify enforce
class SaveAPI,SearchAPI,DeleteAPI boundary
class Column,Filter storage
class Caller,Resolve caller
15 changes: 15 additions & 0 deletions docs/docs.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -686,6 +687,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -1204,6 +1206,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -1688,6 +1691,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -2172,6 +2176,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -2656,6 +2661,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -3150,6 +3156,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -3644,6 +3651,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -4138,6 +4146,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -4631,6 +4640,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -5114,6 +5124,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -5597,6 +5608,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -6080,6 +6092,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -6565,6 +6578,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down Expand Up @@ -7049,6 +7063,7 @@
"en/concepts/collaboration",
"en/concepts/training",
"en/concepts/memory",
"en/concepts/memory-isolation",
"en/concepts/reasoning",
"en/concepts/planning",
"en/concepts/testing",
Expand Down
Loading