Every memory write returns a cryptographic proof. SHA-256 hash of namespace:key:value:timestamp, chained into a running Merkle root. Verify agent memory offline — no trust required.
When an agent calls POST /v1/memory-set, Slopshop stores the key-value pair and immediately computes two proofs: a leaf proof_hash and an updated Merkle root. Both are returned in the response body — no extra call needed.
The proof is deterministic. Given the same namespace, key, value, and timestamp, anyone can recompute the SHA-256 hash offline and confirm it matches. The Merkle root chains every write in sequence, so tampering with any historical entry breaks the root.
Agent calls POST /v1/memory-set with namespace, key, and value. Slopshop stores the entry in SQLite with an auto-generated timestamp and version number.
Slopshop computes SHA-256(namespace + ":" + key + ":" + value + ":" + timestamp) — the proof_hash. This is the leaf node of the Merkle tree.
The new leaf is appended to the namespace's running Merkle chain. The root is recomputed and stored. The merkle_root reflects the entire write history for that namespace.
Both proof_hash and merkle_root are included in the JSON response body. Store them in your agent's working context or pass them downstream to a verifier.
The POST /v1/memory-set endpoint now returns two additional fields alongside the standard storage confirmation.
// Request body { "namespace": "project", "key": "findings", "value": "Latency is under 120ms on warm cache" }
{
"status": "stored",
"key": "findings",
"namespace": "project",
"version": 1,
"proof_hash": "a3f7b2c1d4e5f6789abc...",
"merkle_root": "e1d2c3b4a5f6789012ab...",
"_engine": "real"
}
proof_hash is the SHA-256 leaf for this specific write. merkle_root is the running chain root for the entire namespace. Use proof_hash to verify individual writes; use merkle_root to verify the full namespace history.
Any system — including your own script — can verify that a proof is valid. Slopshop exposes a dedicated verification endpoint for server-side checks, or you can recompute the hash locally.
// Submit the leaf and the root you received { "leaf": "a3f7b2c1d4e5f6789abc...", "root": "e1d2c3b4a5f6789012ab..." } // Response { "verified": true, "position": 7, "namespace": "project" }
// Recompute the leaf hash from raw values const crypto = require('crypto'); function verifyMemoryWrite({ namespace, key, value, timestamp, proof_hash }) { const input = `${namespace}:${key}:${value}:${timestamp}`; const computed = crypto.createHash('sha256').update(input).digest('hex'); return computed === proof_hash; } // Returns true if the write was not tampered with verifyMemoryWrite({ namespace: 'project', key: 'findings', value: 'Latency is under 120ms on warm cache', timestamp: '2026-03-31T14:22:00Z', proof_hash: 'a3f7b2c1d4e5f6789abc...' }); // => true
Need to pull the proof for a specific memory key later? Use the proof retrieval endpoint. This is useful for audit workflows where you need to revalidate a past write without storing the proof hash in the agent's context.
// Retrieve proof for a specific key in a namespace GET /v1/memory/proof/findings?namespace=project // Response { "key": "findings", "namespace": "project", "version": 1, "proof_hash": "a3f7b2c1d4e5f6789abc...", "merkle_root": "e1d2c3b4a5f6789012ab...", "timestamp": "2026-03-31T14:22:00Z" }
Because the hash function is deterministic and the inputs are plain text, any third party can verify a memory write without contacting Slopshop servers. This means:
If a stored value is modified after writing, the recomputed hash won't match the proof returned at write time.
Every write is a timestamped, hashed record. Export them from GET /v1/memory/audit for compliance logs.
Proofs are verifiable by any SHA-256 implementation. Your compliance team or an external auditor can verify without credentials.
The Merkle root chains all writes in order. Any gap or reordering in the history breaks the root, making deletions visible.
Store the proof_hash alongside your agent's findings so downstream agents or human reviewers can verify the data provenance without having to call back to Slopshop.
import requests SLOP_URL = "https://api.slopshop.gg/v1" HEADERS = {"Authorization": "Bearer sk-slop-..."} # 1. Write a memory entry res = requests.post(f"{SLOP_URL}/memory-set", headers=HEADERS, json={ "namespace": "research", "key": "summary", "value": "Competitor A raised $40M Series B" } ).json() proof_hash = res["proof_hash"] merkle_root = res["merkle_root"] # 2. Pass proof to the next agent in the chain chain_payload = { "finding": "Competitor A raised $40M Series B", "proof_hash": proof_hash, "root": merkle_root, "verified": True # downstream agent can re-verify } # 3. Downstream agent verifies before acting on the data verify = requests.post(f"{SLOP_URL}/proof/verify", headers=HEADERS, json={"leaf": proof_hash, "root": merkle_root} ).json() assert verify["verified"] == True print("Data provenance confirmed ✓")
Combine verifiable memory with the Credential Vault to build fully auditable, secretless agent pipelines. Every credential access is logged; every memory write is provable.