The Wire
Research

SMSR: Certified Defence Against Runtime Memory Poisoning in Persistent LLM Agents

arXivhigh signal

SMSR defends persistent-memory agents from multi-session memory poisoning using HMAC-SHA256 signing plus randomized memory ablation and majority voting. It drops attack success from 93–100% to 0% for unsigned injections and holds authenticated single-injection attacks to 8.0% (95% CI [5.8, 10.9]), while keeping 90% utility on clean queries across 3,150 trials in 15 enterprise scenarios. Directly relevant to anyone running agents with long-lived memory.

Follow the thread