Skip to main content

GRAFOMEM Cloud — Inference Governance

Verify the memory. Govern the inference. Prove the erasure.

GRAFOMEM Cloud is the managed inference governance layer for the GRAFOMEM platform. While the core GMP protocol and conformance suite verify memory backends, GRAFOMEM Cloud adds the operational layer enterprises need: every AI inference is logged, every deletion is cryptographically proved, every policy is enforced before execution, and compliance reports are generated on demand.

Cloud vs. Core

Core GRAFOMEM answers: "Does my memory backend behave correctly?" GRAFOMEM Cloud answers: "Can I prove my AI system is governed, transparent, and compliant?"

The five governance layers

LayerWhat it doesAPI PrefixDocs
Decision TrailImmutable audit log of every inference decision — model, query, facts, output, tokens, latency. Ed25519-signed./v1/decisions/Decision Trail
Erasure ProofGDPR Article 17 signed erasure certificates. Cryptographic proof that data was deleted and all references scrubbed./v1/erasure/Erasure Proof
Governance GatewayPre-execution policy engine — rate limits, model allowlists, content filters, PII guards, HITL gates./v1/governance/Governance Gateway
Regulatory ReportsOne-click compliance packages for EU AI Act, GDPR, and DORA./v1/reports/Regulatory Reports
Cloud PortalWeb dashboard — 8 tabs, dark-mode glassmorphism UI.cloud.grafomem.comCloud Portal

Architecture

┌───────────────────────────────────────────────────┐
│ Cloud Portal (UI) │
├───────────────────────────────────────────────────┤
│ Reports │ Governance │ Erasure Proof │ Decision │
│ Engine │ Gateway │ Service │ Trail │
├───────────────────────────────────────────────────┤
│ Compliance · Metering · Auth · Billing │
├───────────────────────────────────────────────────┤
│ GMP Core — Memory Protocol + Backends │
├───────────────────────────────────────────────────┤
│ FastAPI · PostgreSQL · Ed25519 │
└───────────────────────────────────────────────────┘

Cryptographic guarantees

Every layer uses the same provenance primitives from the GMP core:

PrimitiveUsage
BLAKE2b-128Content-addressed IDs for decisions, certificates, and facts
BLAKE2b-256Tamper-detection hashes for reports and corpus manifests
Ed25519Digital signatures on decisions, erasure certificates, and conformance reports

Getting started

Managed Cloud — sign up at cloud.grafomem.com

Self-hosted — deploy with Cloud mode enabled:

pip install grafomem[cloud]
grafomem serve --cloud --db postgresql://... --port 8000

Or with Docker:

docker run -e DATABASE_URL=postgresql://... -e CLOUD_MODE=1 grafomem/server

API authentication

All Cloud APIs are tenant-scoped. Include your API key in every request:

curl -H "Authorization: Bearer gf_your_api_key_here" \
https://cloud.grafomem.com/v1/decisions/stats

API keys are managed via the Cloud Portal or POST /v1/cloud/keys/rotate.

Total API surface

The Cloud Platform adds 30 new endpoints across 4 routers: