memlineage v0.1.0 offers two-layer defense against memory poisoning in LLM agents
Developers have released memlineage v0.1.0, a Python library designed to protect AI agents with persistent memory from adversarial memory poisoning attacks that operate through normal interaction channels. The tool combines cryptographic provenance using Ed25519 signatures with behavioral detection based on tool-call trajectory analysis, addressing weaknesses that recent academic research identified in content-filter and trust-score-based defenses. Each stored memory is signed at write time and tied to a verified principal, while a derivation graph enforces that any memory traceable to an untrusted source can never be laundered to a trusted tier. A SensitiveActionGate blocks irreversible actions whose justification traces back to an untrusted ancestor, achieving an attack success rate of 0.000 against Layer A and an AUC of 0.978 with attacker camouflage on Layer B. The release was verified by an independent auditor who ran custom adversarial tests, with the behavioral detection layer currently set to alert-only mode pending false-positive rate measurement.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.


Discussion (0)
Log in to join the discussion and vote.
Log in