Tenant Isolation

Every memory operation is scoped to a tenantId. No tenant can read, update, or delete another tenant's memories — this is enforced at the database query level, not the application level.

How it works

typescript

const alice = vault.tenant("alice")
const bob = vault.tenant("bob")

await alice.remember({ content: "Alice's preference" })

await bob.recall() // [] — Bob sees nothing
await alice.recall() // [{ content: "Alice's preference" }]

All queries add WHERE tenantId = ? automatically. There's no way to cross tenants through the API.

Choosing a tenant ID

Use any unique string that maps to a user in your system:

typescript

vault.tenant(user.id)          // database ID
vault.tenant(user.email)       // email
vault.tenant(session.userId)   // session
vault.tenant("org:acme:user:123") // namespaced

Verified isolation

Running the same prompt ("add buy milk") for two tenants with different preferences:

Tenant	Stored preference	Todo added
user-a	Whole Foods, organic	"Buy organic milk from Whole Foods (Sunday morning)"
user-b	Costco, bulk	"Buy milk - 2 gallons at Costco (monthly bulk run)"

DB-level query confirms zero cross-tenant bleed.

Tenant Isolation ​

How it works ​

Choosing a tenant ID ​

Verified isolation ​

Tenant Isolation

How it works

Choosing a tenant ID

Verified isolation