chore: harden IP, abstract scoring logic, add SYNAPSE_MODE gate

- validator: reduce OSS keyword registries, abstract thresholds to private attrs
- sanitizer: move patterns to __init__, frame as baseline OSS set
- privacy: extract _calibrate_sigma, remove inline tests
- core: extract _compute_tq, remove inline tests (130+ lines), abstract docstrings
- __init__: add SYNAPSE_MODE env flag with pro plugin hooks
- validator: add SYNAPSE_MODE gate for pro keyword/trigger registries
- tests: update to match reduced OSS baseline keyword set
- README: update version to 1.0.7, abstract confidence thresholds
- examples: remove hardcoded threshold values

Author: Ismael Marchi

README.md

@@ -11,7 +11,7 @@
   [![Python](https://img.shields.io/badge/Python-3.9%2B-blue)](https://www.python.org/)
   [![MCP Compatible](https://img.shields.io/badge/MCP-Compatible-green)](https://modelcontextprotocol.io)
   [![Security](https://img.shields.io/badge/Security-4_Seals-blueviolet)](#cognitive-security-pipeline)
-  [![v1.0.6](https://img.shields.io/badge/version-1.0.6-informational)](CHANGELOG.md)
+  [![v1.0.7](https://img.shields.io/badge/version-1.0.7-informational)](CHANGELOG.md)
   [![Adopt an Agent](https://img.shields.io/badge/🧠_Adopt_an_Agent-Synapse_Layer-purple)](https://forge.synapselayer.org)
   [![MCP Reference](https://img.shields.io/badge/MCP_Registry-PR_%231129-00d4aa)](https://github.com/modelcontextprotocol/registry/pull/1129)
   [![Technical Deep-Dive](https://img.shields.io/badge/dev.to-Technical_Deep--Dive-0A0A0A?logo=devdotto)](https://dev.to/synapselayer/beyond-context-windows-a-zero-knowledge-memory-reference-implementation-for-the-mcp-ecosystem-4bcg)
@@ -33,7 +33,7 @@ Every memory operation passes through a **non-bypassable 4-layer Cognitive Secur
 
 | Seal | Name | Function |
 |:---:|---|---|
-| 1 | **Semantic Privacy Guard™** | Automatic PII sanitization (12+ patterns) |
+| 1 | **Semantic Privacy Guard™** | Automatic PII sanitization (multi-pattern) |
 | 2 | **Intelligent Intent Validation™** | Auto-categorization + self-healing |
 | 3 | **Differential Privacy** | Calibrated Gaussian noise (ε-DP) |
 | 4 | **Neural Handover™** | HMAC-signed cross-model transfer |
@@ -167,9 +167,9 @@ Two-step cognitive security: the agent suggests an intent category, then Synapse
 | `CRITICAL` | Security, compliance, legal, financial | ✅ |
 
 **Confidence Contract:**
-- `confidence ≥ 0.85` → `source_type = "validated"`
-- `confidence < 0.85` → `source_type = "inference"` + warning
-- Critical keyword detected → `confidence_boost = 1.0`, forced `CRITICAL`
+- High confidence → `source_type = "validated"`
+- Low confidence → `source_type = "inference"` + warning
+- Critical keyword detected → forced `CRITICAL` with full confidence boost
 
 **Self-Healing:** During `recall()`, semantically proximate memories with conflicting categories are automatically reclassified via keyword consensus.
 
@@ -263,7 +263,7 @@ Early access to Synapse Forge — the visual memory debugger and agent orchestra
 
 | Component | Status |
 |---|---|
-| SDK (PyPI) | `v1.0.6` — stable |
+| SDK (PyPI) | `v1.0.7` — stable |
 | Semantic Privacy Guard™ | ✅ Implemented |
 | Differential Privacy | ✅ Implemented |
 | Intelligent Intent Validation™ | ✅ Implemented |
@@ -272,11 +272,11 @@ Early access to Synapse Forge — the visual memory debugger and agent orchestra
 | MCP Server | ✅ Compatible |
 | Synapse Forge | ✅ [Live Dashboard](https://forge.synapselayer.org) |
 | CI/CD Pipeline | 🔄 In Progress |
-| **Latest Release** | [**v1.0.6 — Cognitive Security Protocol**](https://github.com/SynapseLayer/synapse-layer/releases/tag/v1.0.6) |
+| **Latest Release** | [**v1.0.7 — Cognitive Security Protocol**](https://github.com/SynapseLayer/synapse-layer/releases/tag/v1.0.7) |
 
 ---
 
-## Changelog (v1.0.6)
+## Changelog (v1.0.7)
 
 ### Added — Neural Handover™: Persistence-First Architecture
 - **NeuralHandover engine**: Complete cross-agent context transfer with vault-first persistence

examples/memory_pipeline.py

@@ -70,7 +70,7 @@ async def store_memory_complete_pipeline(raw_content: str, agent_id: str):
     print(f"  ✓ Confidence: {validation_result.confidence:.2f}")
     print(f"  ✓ Is critical: {validation_result.is_critical}")
     print(f"  ✓ Validation score: {validation_result.validation_score:.2f}")
-    print(f"  ✓ Is valid (>= 0.85): {validation_result.is_valid}")
+    print(f"  ✓ Is valid (above threshold): {validation_result.is_valid}")
 
     if validation_result.self_healing_applied:
         print(f"  ✓ Self-healing applied:")
@@ -79,7 +79,7 @@ async def store_memory_complete_pipeline(raw_content: str, agent_id: str):
 
     # Check if content passed validation
     if not validation_result.is_valid:
-        print("\n⚠️  VALIDATION FAILED (confidence < 0.85)")
+        print("\n⚠️  VALIDATION FAILED (confidence below threshold)")
         print("   Content would require user confirmation to proceed.")
         return {
             "status": "validation_failed",

synapse_memory/__init__.py

@@ -26,6 +26,15 @@
 
 __version__ = "1.0.7"
 
+import os as _os
+SYNAPSE_MODE: str = _os.environ.get("SYNAPSE_MODE", "oss").lower()
+"""Runtime mode: 'oss' (default) or 'pro'.
+
+Set ``SYNAPSE_MODE=pro`` to unlock extended keyword registries,
+adaptive confidence curves, and multi-factor Trust Quotient™.
+See https://forge.synapselayer.org/docs/pro for details.
+"""
+
 __all__ = [
     # Core
     "SynapseMemory",

synapse_memory/core.py

@@ -1,15 +1,11 @@
 """
 SynapseMemory — Zero-Knowledge Memory Core with Cognitive Security™
 
-Orchestrates the full memory pipeline:
-    raw_text → sanitize → validate_intent → encrypt → embed → DP noise → upsert
+Orchestrates the secure memory pipeline with built-in sanitization,
+intent validation, differential privacy, and self-healing recall.
 
-Every call to store() returns an audit-ready payload with flags:
-    {"sanitized": True, "privacy_applied": True, "intent": {...}}
-
-Recall integrates self-healing: semantically proximate memories with
-conflicting categories are automatically reclassified via keyword
-consensus before being returned to the caller.
+Every call to store() returns an audit-ready payload.
+Enterprise tier extends with pluggable pipeline stages.
 
 Author: Security & Architecture Team @ Synapse Layer
 License: Apache 2.0
@@ -214,17 +210,9 @@ async def store(
         ).hexdigest()
         memory_id = content_hash[:32]
 
-        # Trust Quotient (TQ) = merged_confidence × validation_score.
-        # TQ is the primary ranking signal for recall operations.
-        trust_quotient = round(
-            validation.confidence * validation.validation_score, 4
-        )
-        # Apply additive confidence boost for CRITICAL memories so they
-        # consistently surface at the top of recall results.
-        if validation.confidence_boost > 0:
-            trust_quotient = min(
-                trust_quotient + validation.confidence_boost * 0.1, 1.0
-            )
+        # Trust Quotient — proprietary ranking signal (Enterprise extends
+        # with multi-factor TQ including recency decay and agent reputation).
+        trust_quotient = self._compute_tq(validation)
 
         record: Dict[str, Any] = {
             'memory_id': memory_id,
@@ -545,6 +533,17 @@ def _generate_pseudo_embedding(
 
         return values
 
+    def _compute_tq(self, validation: ValidationResult) -> float:
+        """Compute Trust Quotient for a validated memory.
+
+        OSS uses a baseline formula. Enterprise tier adds recency decay,
+        agent-reputation weighting, and cross-session normalization.
+        """
+        tq = round(validation.confidence * validation.validation_score, 4)
+        if validation.confidence_boost > 0:
+            tq = min(tq + validation.confidence_boost * 0.1, 1.0)
+        return tq
+
     @staticmethod
     def _cosine_similarity(a: List[float], b: List[float]) -> float:
         """Compute cosine similarity between two vectors.
@@ -563,136 +562,3 @@ def _cosine_similarity(a: List[float], b: List[float]) -> float:
 
         return dot / (norm_a * norm_b)
 
-
-# ══ Inline Tests (run with: python -m synapse_memory.core) ═════════════
-if __name__ == "__main__":
-    import asyncio
-
-    print("=" * 60)
-    print("SynapseMemory — Inline Test Suite (v1.0.5)")
-    print("=" * 60)
-
-    async def run_tests():
-        # Test 1: Basic store with full pipeline
-        mem = SynapseMemory(agent_id="test-agent")
-        r = await mem.store(
-            content="User prefers concise answers in Brazilian Portuguese",
-            confidence=0.95,
-        )
-        assert r.sanitized is True
-        assert r.privacy_applied is True
-        assert r.trust_quotient > 0
-        assert r.memory_id
-        assert r.validation_details['final_intent'] in [
-            'preference', 'fact', 'procedural', 'bio',
-            'ephemeral', 'critical', 'unknown',
-        ]
-        assert r.validation_details['source_type'] in [
-            'validated', 'inference', 'critical_override',
-        ]
-        print(f"[PASS] Basic store: TQ={r.trust_quotient:.4f}, "
-              f"intent={r.validation_details['final_intent']}, "
-              f"source={r.validation_details['source_type']}")
-
-        # Test 2: CRITICAL auto-promotion via keyword
-        r2 = await mem.store(
-            content="Security breach detected in the authentication system",
-            confidence=0.60,
-        )
-        assert r2.validation_details['final_intent'] == 'critical'
-        assert r2.validation_details['source_type'] == 'critical_override'
-        assert r2.validation_details['confidence_boost'] == 1.0
-        print(f"[PASS] Critical override: "
-              f"intent={r2.validation_details['final_intent']}, "
-              f"boost={r2.validation_details['confidence_boost']}")
-
-        # Test 3: Low confidence → inference + warning
-        r3 = await mem.store(
-            content="Something happened yesterday with something",
-            confidence=0.30,
-        )
-        assert r3.validation_details['source_type'] == 'inference'
-        assert r3.validation_details['warning'] is not None
-        print(f"[PASS] Low confidence: source={r3.validation_details['source_type']}, "
-              f"warning present")
-
-        # Test 4: Store with PII — must be sanitized
-        r4 = await mem.store(
-            content="Call john@acme.com at +55 11 99999-8888",
-            confidence=0.85,
-        )
-        assert r4.sanitized is True
-        assert r4.sanitization_details['pii_count'] >= 2
-        print(f"[PASS] PII sanitized: {r4.sanitization_details['pii_count']} items")
-
-        # Test 5: Recall with results
-        r5 = await mem.recall("concise answers Portuguese")
-        assert len(r5) > 0
-        assert r5[0].trust_quotient > 0
-        assert r5[0].intent  # Has intent field
-        print(f"[PASS] Recall: {len(r5)} results, "
-              f"TQ={r5[0].trust_quotient:.4f}, "
-              f"intent={r5[0].intent}")
-
-        # Test 6: Recall self-healing integration
-        # Store two memories with different contents but similar query match
-        await mem.store(
-            content="User prefers dark mode in all applications",
-            confidence=0.92,
-        )
-        await mem.store(
-            content="User likes dark theme and prefers minimal UI",
-            confidence=0.90,
-        )
-        r6 = await mem.recall("dark mode preference")
-        assert len(r6) > 0
-        print(f"[PASS] Recall self-healing: {len(r6)} results returned")
-
-        # Test 7: Disabled sanitization
-        mem_raw = SynapseMemory(
-            agent_id="raw-agent",
-            sanitize_enabled=False,
-        )
-        r7 = await mem_raw.store(
-            content="john@test.com is the contact",
-            confidence=0.80,
-        )
-        assert r7.sanitized is False
-        assert r7.privacy_applied is True
-        print(f"[PASS] Sanitize disabled: sanitized={r7.sanitized}")
-
-        # Test 8: Disabled privacy
-        mem_nodp = SynapseMemory(
-            agent_id="no-dp-agent",
-            privacy_enabled=False,
-        )
-        r8 = await mem_nodp.store(
-            content="Important architecture decision for the project",
-            confidence=0.90,
-        )
-        assert r8.sanitized is True
-        assert r8.privacy_applied is False
-        print(f"[PASS] Privacy disabled: dp={r8.privacy_applied}")
-
-        # Test 9: Invalid agent_id
-        try:
-            SynapseMemory(agent_id="")
-            assert False, "Should have raised ValueError"
-        except ValueError:
-            print("[PASS] Invalid agent_id rejected")
-
-        # Test 10: Custom epsilon
-        mem_eps = SynapseMemory(
-            agent_id="eps-agent",
-            privacy_epsilon=0.1,
-        )
-        r10 = await mem_eps.store(
-            content="Highly sensitive configuration data",
-            confidence=0.99,
-        )
-        assert r10.privacy_details['epsilon'] == 0.1
-        print(f"[PASS] Custom ε=0.1: σ={r10.privacy_details['sigma']:.4f}")
-
-        print("\n✅ All inline tests passed.")
-
-    asyncio.run(run_tests())