AgenticMem

Page 3 / Trust ladder

Five steps from laptop to FedRAMP

Each step extends the trust boundary. Every step is operationally valid; you do not need to be at step 5 to use the system.

Steps 1–5 below correspond to the five public reference architectures (T1–T5) in the OSS docs. Step 6 (Sovereign) extends T5 with FedRAMP authorization and air-gap operational support.

  1. Step 1 OSS Local v0.6.3 · free · Apache 2.0 Shipped

    Single-machine deployment. SQLite database. Bound to 127.0.0.1 by default. Zero outbound network calls. Personal-machine baseline.

    Use case: solo developer, individual researcher, evaluation deployment.

  2. Step 2 OSS Federation v0.6.3 · free · Apache 2.0 Shipped

    Multi-machine deployment with W-of-N quorum writes, mTLS client-cert authentication, fingerprint allowlist. No central PKI required. Each node operates independently.

    Use case: team deployments, multi-region replication, peer-to-peer organization.

  3. Step 3 OSS Attested v0.7 end Q2 2026 · free · Apache 2.0 In flight

    Adds Ed25519 cryptographic attestation. Every memory link write is signed end-to-end. Verifiable provenance from the originating agent through every replication hop.

    Use case: regulated environments where the OSS substrate is sufficient and your internal compliance team can map the evidence to your frameworks.

  4. Step 4 AgenticMem Attest commercial · Q3 2026 launch In flight

    Adds: hardware-backed key storage (TPM, HSM, AWS CloudHSM, Azure Dedicated HSM); SOC 2 Type II mapped evidence; HIPAA Business Associate Agreement; managed key rotation; 24/7 incident response; dedicated TAM.

    Use case: enterprises in regulated industries (financial services, healthcare, regulated professional services) that need commercial counterparty for compliance and liability acceptance.

  5. Step 5 AgenticMem Federate commercial · Q4 2026 launch In flight

    Adds (over Attest): cross-organization federation control plane; multi-region tribunal infrastructure with Byzantine fault tolerance; cross-trust-boundary key management; dedicated security operations center; quarterly third-party penetration testing; incident forensics retainer.

    Use case: large enterprises, consortia, multi-division deployments, joint ventures.

  6. Step 6 AgenticMem Sovereign commercial · targeted late 2027 (FedRAMP-dependent) Charter

    Adds (over Federate): FedRAMP Moderate or High authorization sponsorship via FedRAMP 20x pathway; DoD IL4 / IL5 mappings; ITAR registration; air-gap deployment kits; cleared support team; agency-specific evidence packages.

    Use case: government agencies, defense contractors, intelligence community deployments.

About FedRAMP timing

FedRAMP authorization timelines are 6–18 months minimum, dependent on agency sponsor availability and 3PAO assessment queue. We are pursuing FedRAMP 20x (the new automated pathway), which targets ~3 months for Low and Moderate impact levels. We cannot guarantee a specific authorization date because the FedRAMP process is governed by the GSA and the sponsoring agency, not by us. We will publish status updates publicly throughout the process.

Inquire about commercial deployment Verify the evidence