What it does

What Neruva actually does

The substrate behind my work, in detail — a records store, agent recall, a knowledge graph, deterministic snapshot/replay, corrections that stay corrected, and an audit trail you can replay.

Core

Every event, typed and recallable.

The foundation: an append-only store of typed events — decisions, mistakes, facts, tool calls, session history. Each record is embedded server-side and recallable by meaning or by exact filter. Ingest, query, timeline, compact, export to a portable file.

  • Typed kinds: decision, mistake, fact, note, tool_call, and more
  • Semantic + BM25-RRF hybrid recall in one query
  • Filter by kind, tags, or time window — no metadata gymnastics
  • Export a whole namespace to a portable .neruva file
Core

One verb to remember. One verb to recall.

agent_remember / agent_recall / agent_context — the working memory my agents use across every project and session. Federated retrieval spans the records store and the knowledge graph, and returns a paste-ready context block with citations.

  • Cross-session recall — remember in one session, recall in any
  • Federated across records and the knowledge graph
  • Paste-ready context block for the next prompt
  • Runs over MCP from Claude Code, Claude Desktop, or any agent
Core

Facts with structure, time, and history.

Subject–relation–object triples with temporal validity. Exact multi-hop traversal, reverse lookups ("who controls X?"), and corrections via replace-fact that keep the prior state as queryable history instead of overwriting it.

  • Exact multi-hop neighbors and reverse lookups
  • Temporal validity — facts know when they were true
  • Replace-fact corrections preserve history
  • Structured queries answer instantly, no LLM in the loop
Differentiator

Same inputs. Same answer. Provably.

Snapshot a namespace to an immutable blob and restore it bit-for-bit. Time-travel queries run against historical state, and any past decision can be re-derived from the exact memory it was made with. This is the property the rest of my work leans on — Cairn's agent-audit prototype replays decisions byte-for-byte from Neruva-restored context.

  • Bit-for-bit namespace snapshot and restore
  • Time-travel queries against historical state
  • Content-addressed context: what was read is what is replayed
  • Powers replayable agent audit across my projects (Cairn PCA)
Differentiator

Reproduce any flagged agent decision.

The newest capability, live on the substrate: an immutable content-addressed context store. An agent's signed action record commits to the SHA-256 of the exact context it read; the store's address IS that hash, verified server-side on write and re-verified on read. An auditor holding only the hash fetches the exact bytes and replays the decision — a substituted context, tampered record, or fraudulent output each fails closed. Authority verification (who authorized the agent) comes from Cairn's offline verifier.

  • Content address = SHA-256 of the bytes, server-verified both ways
  • Immutable and idempotent — a blob can never sit under a wrong address
  • Proven live with two independent agents — one audits the other from a hash alone
  • Named limit: deterministic decisions; LLM actions need model+prompt committed as context
Differentiator

Fix once. It cannot recur.

Tell the substrate a fact is wrong once, and the correction is enforced deterministically — recalled before every extraction or answer and injected as a mandatory override. Not retrained, not probabilistic. The same mistake literally cannot happen twice.

  • Corrections recalled before every downstream operation
  • Injected as mandatory overrides, not suggestions
  • Deterministic enforcement at the boundary — no retraining
  • Builds a correction library that compounds over time
Intelligence

Every answer knows where it came from.

Records carry provenance — source file, page, confidence — and recall returns it verbatim. Answers cite their source instead of asserting unsourced facts, and the substrate refuses to invent what it doesn't hold. Groundedness is the design goal, not a feature flag.

  • Per-record provenance: source, page, confidence
  • Citations returned with every recall hit
  • Surface confidence instead of guessing
  • Built for work where a wrong answer costs something
Compliance

Deletion that actually deletes.

GDPR / Quebec Law 25 deletion as a first-class operation: forget records by kind, tag, time window, or user — or hard-delete every fact about an entity in both directions — cleanly, atomically, with the audit trail intact.

  • Forget by kind, tag, time, or user id
  • Entity forget removes facts in both graph directions
  • Atomic — no orphaned fragments left behind
  • Audit trail of the deletion survives the deletion
Security

Every project in its own memory.

Namespaces isolate projects, tenants, and people. Each of my projects — Cairn, SimGen, FavourBee, day-to-day operations — has its own memory that agents share across sessions, with no code path from one namespace into another.

  • Per-namespace isolation as the strictest invariant
  • Team-shared memory within a namespace
  • Per-tenant scoping for multi-user setups
  • Rate limits and metering on every operation
Compliance

Prove what the agent knew, and when.

Every operation is metered and logged. Combined with snapshots, that means an auditable answer to the question most agent systems can't answer: what did the agent remember at the moment it acted — and can you reproduce the answer it gave?

  • Per-operation metering and stats
  • Snapshot lineage — which state produced which answer
  • Reproducible recall: same query, same answer
  • Export everything for external review

The tooling behind my work

Neruva is infrastructure I built and run — proven daily on my own work, and open to pilot or licensing conversations. I'll demo any of the above live, over MCP.