Memory Sidecar v3.5.1 is the operational hardening release for the public agent-agnostic memory layer. If you’re running memory sidecars in production, this update delivers the stability and security improvements you’ve been demanding. No new features — just tighter resilience, stronger defaults, and better observability. The focus is on making the sidecar production-ready without changing the API or breaking existing integrations.
The release targets four critical areas:
Graceful Degradation — Upstream memory failures used to cascade into sidecar crashes. Now the sidecar implements exponential backoff and circuit breaking for all backend connections. Slots degrade individually rather than killing the entire process. The retry policy is configurable, but the default settings have been battle-tested under load.
Security Hardening — The dependency tree has been minimized and all libraries updated to remove known CVEs. TLS 1.3 is now mandatory for sidecar-to-backend communication, with certificate pinning enabled by default. The sidecar drops support for plaintext fallback. If your deployment uses self-signed certs, the hardened.yaml configuration includes an example for rotating them safely without downtime.
Observability Out of the Box — Structured logs via OpenTelemetry replace ad hoc stdout dumps. Every memory read and write emits a span. Metrics endpoints now expose cache hit ratios, latency p50/p95/p99, and error counts. A dedicated /metrics port is available, separate from the control plane. This avoids collision with agent health checks.
Agent Agnosticism Verified — The sidecar’s contract is tested against LangChain, LlamaIndex, and a raw HTTP client. The v3.5.1 release adds regression runs in CI for all three. No agent-specific logic lives in the sidecar. Memory operations remain stateless from the sidecar’s perspective. This ensures any external runtime can swap in without sidecar changes.
The most impactful internal change is the new memory allocation protocol. Concurrent writes previously corrupted slot entries. The fix replaces the mutex-based guard with a lock-free ring buffer that uses versioned entries. Writers stamp each entry with a monotonic version. Readers validate the version after copy. This prevents torn reads without slowing down the hot path.
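The version-stamping scheme described above, written out with C11 atomics as an added example (not the sidecar's own source). The names `ring_t`, `ring_write` and `ring_read`, the odd/even version encoding and the slot sizes are assumptions, and the ring is assumed large enough that a writer finishes before its slot is reclaimed.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#define SLOTS 4   /* assumed ring size; all names here are illustrative */
#define WORDS 4   /* assumed payload: four 64-bit words per entry */

typedef struct {
    _Atomic uint64_t version;      /* odd: write in progress, even: committed */
    _Atomic uint64_t data[WORDS];  /* atomic words so racing copies are defined */
} slot_t;

typedef struct {
    slot_t slots[SLOTS];
    _Atomic uint64_t head;         /* next sequence number to hand out */
    _Atomic uint64_t stale_reads;  /* count of rejected read attempts */
} ring_t;

/* Writer: claim a sequence number, stamp odd, store payload, stamp even. */
uint64_t ring_write(ring_t *r, const uint64_t in[WORDS]) {
    uint64_t seq = atomic_fetch_add(&r->head, 1);
    slot_t *s = &r->slots[seq % SLOTS];
    atomic_store_explicit(&s->version, 2 * seq + 1, memory_order_relaxed);
    atomic_thread_fence(memory_order_release);
    for (int i = 0; i < WORDS; i++)
        atomic_store_explicit(&s->data[i], in[i], memory_order_relaxed);
    atomic_store_explicit(&s->version, 2 * seq + 2, memory_order_release);
    return seq;
}

/* Reader: copy first, then re-check the version; reject if it moved. */
bool ring_read(ring_t *r, uint64_t seq, uint64_t out[WORDS]) {
    slot_t *s = &r->slots[seq % SLOTS];
    uint64_t want = 2 * seq + 2;   /* committed stamp for this sequence */
    if (atomic_load_explicit(&s->version, memory_order_acquire) == want) {
        for (int i = 0; i < WORDS; i++)
            out[i] = atomic_load_explicit(&s->data[i], memory_order_relaxed);
        atomic_thread_fence(memory_order_acquire);
        if (atomic_load_explicit(&s->version, memory_order_relaxed) == want)
            return true;           /* version unchanged: copy is consistent */
    }
    atomic_fetch_add(&r->stale_reads, 1);  /* unwritten, in-progress or overwritten */
    return false;
}

int main(void) {
    static ring_t r;               /* zero-initialised ring */
    uint64_t in[WORDS] = {1, 2, 3, 4}, out[WORDS];
    return ring_read(&r, ring_write(&r, in), out) ? 0 : 1;
}
```

When `ring_read` returns `false` the contents of `out` may be partial and must be discarded.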
Here is how you deploy the hardened sidecar using the hermes-memory-installer:
    hermes memory run --sidecar-version 3.5.1 --config ./hardened.yaml \
        --check-consistency --metric-port 9090
The --check-consistency flag activates the new validation layer. The sidecar logs and exposes a counter for every stale read attempt. The --config flag loads the hardened profile, which enforces TLS 1.3 and the lock-free allocator. The --metric-port option surfaces Prometheus-compatible gauges. This single command gives you the full hardening stack.
Upgrading from v3.4.x is a drop-in replacement. The installer handles the config migration automatically, preserving existing memory associations. If you are coming from an earlier version, the installer includes a dry-run mode to validate your current config against the new defaults.
A tradeoff: the hardened mode adds roughly 5% memory overhead for checksum storage and version metadata. In practice this means ~50 MB extra per 1 GB of memory pool. The operational benefit — no data corruption under concurrent access — outweighs the cost.
Memory Sidecar v3.5.1 is available now through the hermes-memory-installer. Run hermes memory update to pull the latest image. For fresh installs, the installer wizard highlights the hardening options. This release is the only one targeting production agents that need memory without agent lock-in. It works exactly as before, only tougher.