Mem0
best if you want a drop-in memory layer with broad framework integrations, managed or self-hosted.
TL;DR
Mem0, Zep, Cognee, and Letta are strong, established agent-memory tools, and each documents real governance controls. Heartwood Memory's distinction is narrower and deeper: record-level cryptographic proof — per-memory signatures, policy-before-ranking recall, and a per-subject key-destruction proof on erasure — that you can re-execute yourself by cloning the source-available core and running its trust suite. If you need fast, flexible, mature recall, the incumbents are excellent. If you need to prove — cryptographically, per record — what an agent remembered, why it was recalled, and that a deletion actually destroyed the key, that re-executable proof is Heartwood's lane.
You're likely evaluating because “just add memory” turned into real questions: who can read a memory, can you audit why one was recalled, can you prove one was deleted, and does any of it hold up under compliance review. All five tools here answer the first questions well. They diverge on the last one — provability — which is where this comparison focuses.
The ten axes in the table below: governance granularity (where the rules live), provenance signing, tamper-evident audit, policy-before-ranking recall, erasure / right-to-be-forgotten, interface, deployment, license, pricing, and best-fit. We add one more Heartwood-specific axis — a re-executable proof suite — because it's the capability that separates “documented governance” from “governance you can verify yourself.”
Read the columns honestly. Each competitor is split by product surface where its license, deployment, or controls differ (managed vs open-source engine). “Not evaluated in public docs” means the capability was not found in that vendor's current primary documentation as of 2026-07-15 — it is not an assertion that the feature is absent.
| Axis | Heartwood Memory | Mem0 | Zep | Cognee | Letta |
|---|---|---|---|---|---|
| Governance granularity (where rules live) | Per individual memory record — policy travels with each record | Org/project membership + entity IDs (user, agent, app, session); not documented as per-record policy | Account/project RBAC across managed Context Graphs; Enterprise adds audit, retention, customer-key controls | Tenant roles + direct dataset-level read/write/delete grants for users and agents | Not evaluated in public docs (pricing lists RBAC; the detailed RBAC page currently 404s) |
| Provenance signing | Per-record Ed25519 signature, verified fail-closed at read | Not evaluated in public docs (full change history documented; no per-record signing found) | Not evaluated in public docs (Graphiti traces derived facts to episodes; no per-record signing found) | Not evaluated in public docs (document-level metadata/provenance; no per-record signing found) | Not evaluated in public docs |
| Tamper-evident audit | Hash-chained, tamper-evident audit log | Not evaluated in public docs (self-hosting includes a live audit log; no hash-chain claim found) | Not evaluated in public docs (API logs = complete audit trail; no hash-chain claim found) | Not evaluated in public docs (Cloud lists audit logging; no hash-chain claim found) | Not evaluated in public docs |
| Policy-before-ranking recall | Policy gates recall before ranking; constant-shape (no existence leak) | Not evaluated in public docs | Not evaluated in public docs (authorization documented across queries; ordering vs ranking not stated) | Not evaluated in public docs (results limited to accessible datasets; ranking order not stated) | Not evaluated in public docs (core blocks are always-visible; no policy-before-ranking control found) |
| Erasure / right-to-be-forgotten | Crypto-shred of the per-subject key + derived-artifact purge; per-subject key-destruction proof | Record, batch, entity-filtered, and project deletion documented (no cryptographic proof claimed) | Single-operation user deletion removes threads, artifacts, and the user graph (no cryptographic proof claimed) | Item/dataset/all deletion removes graph, vector, and relational data, with storage/shared-node caveats (no cryptographic proof claimed) | Block, archival-passage, and agent deletion APIs (not cryptographic or verified RTBF) |
| Interface | Python library + governed MCP server | Python/TypeScript SDKs, REST API, MCP/integrations, self-hosted server | Managed API with Python/TS/Go SDKs; Graphiti is a separate OSS engine + MCP server | Python API, HTTP API, CLI, and MCP tools | TypeScript/Python SDKs and REST API; MCP/external DBs connectable as tools |
| Deployment | Self-hosted, embedded beside your system of record (source-available core) | Managed Platform or Apache-2.0 self-hosted library/REST stack | Zep Cloud / Cloud+BYOK / BYOC (managed); Graphiti is the separate self-hosted OSS engine (managed Zep is not embedded) | Local/embedded, self-hosted Docker, managed Cloud, or Enterprise BYO cloud | Open-source self-hosted Docker/server, or managed Letta cloud features |
| License | Source-available — BSL 1.1 (converts to Apache-2.0 four years after each release; 0.1.x tail remains MIT). Never “open source.” | Apache-2.0 (Mem0 OSS repo); managed Platform terms separate | Graphiti + getzep/zep repo Apache-2.0; managed Zep Context Graph Engine proprietary | Apache-2.0 OSS engine; hosted Cognee Cloud + Enterprise separate | Apache-2.0 (Letta repo); managed service terms separate |
| Pricing entry | Free (Community, source-available, self-hosted); Team $349/mo, Professional $6,000/yr — early access, no live checkout; Enterprise Let's talk | Hobby Free; Starter $19/mo; Growth $79/mo; Pro $249/mo; Enterprise custom (vendor pricing — reverify at publish) | Free trial; Flex $1,250/yr; Flex Plus $3,750/yr; Enterprise custom (vendor pricing; credit overages apply) | Free ($0, one workspace/1M tokens); Standard $2.50 / 1M tokens + $5/additional workspace; Enterprise custom (vendor pricing) | Free $0; Pro $20/mo; API Plan $20/mo + usage; Enterprise custom (vendor pricing) |
| Primary job / best-for | Record-level, re-executable proof for regulated / compliance-driven teams | Drop-in managed or self-hosted memory layer with broad integrations | Managed temporal Context Graphs at enterprise scale, with documented governance/deployment controls | Graph/ontology-centered memory pipelines, OSS + managed | Building and operating stateful agents with self-editing, persistent memory |
| Re-executable proof suite | Yes — the executable gates behind every claim; clone the core and run them yourself | Not evaluated in public docs | Not evaluated in public docs | Not evaluated in public docs | Not evaluated in public docs |
“Not evaluated in public docs” = not found in that vendor's current primary documentation as of 2026-07-15; it is not a claim the feature is absent. Vendor pricing reverified immediately before publish. Managed products and open-source engines are listed separately where they differ.
best if you want a drop-in memory layer with broad framework integrations, managed or self-hosted.
best for managed temporal Context Graphs at enterprise scale with documented governance and deployment controls (Cloud/BYOK/BYOC). Zep publishes a sub-200ms-at-scale retrieval figure — treat it as a vendor claim, not an independent benchmark.
best for graph/ontology-centered memory pipelines; it leads on graph and ontology depth and has a longer public history than Heartwood.
best for building and operating stateful agents with self-editing, persistent memory (the framework formerly known as MemGPT; “MemGPT” now names the original research pattern).
best when you must prove governance at the record level and re-execute that proof yourself: per-memory signatures, policy-before-ranking, and a key-destruction proof on erasure. Heartwood is the younger entrant; the others have longer public histories and established ecosystems.
Mem0, Zep, Cognee, and Letta all document governance features. Heartwood differentiates through record-level cryptographic and re-executable proof. The rules don't live in your app code or a dashboard policy — they live on the memory record itself: every write is Ed25519-signed and re-verified fail-closed at read, recall is policy-gated before ranking, and a hard delete crypto-shreds the per-subject key and records a key-destruction proof in a hash-chained audit log. And because the core is source-available, you don't have to take any of that on faith — you clone it and run the trust suite.
See how governed agent memory worksChoose by fit: Mem0 for a drop-in memory layer and integrations; Zep for managed temporal Context Graphs, enterprise scale, and documented governance; Cognee for graph/ontology-centered memory; Letta for stateful agents with self-editing memory; Heartwood for record-level cryptographic proof you can re-execute. If you operate in a regulated or audited context and need per-record provenance and a defensible deletion proof, that's Heartwood's design center — free to self-host for non-production at any size, and free in production for small orgs (see licensing).
Mem0, Zep, Cognee, and Letta all document governance features. Heartwood's distinction is not governance versus none — it is source-auditable, record-level cryptographic proof that you can re-execute: per-memory Ed25519 signatures, policy-before-ranking recall, and a per-subject key-destruction proof on erasure, all behind a trust suite you run yourself.
Yes — each documents real governance: Mem0 has organization/project isolation and workspace governance; Zep documents RBAC, audit logging, retention, and multi-tenant isolation; Cognee documents tenant/dataset permissions and audit logging; Letta lists role-based access control. Heartwood's difference is where governance lives (on each record) and that you can re-execute the proof yourself.
Yes — that's the point of the model. Heartwood's core is source-available, and it ships a re-executable trust suite: the executable gates behind every claim, which you clone and run. It's the rare comparison asset you can falsify rather than take on faith.
The core is source-available, not OSI "open source." From version 0.2.0 it is licensed under the Business Source License 1.1: you can read the source, run it locally, develop against it, and evaluate and self-host it for non-production use at no charge — and small organizations can run it in production at no charge too. Larger organizations need a commercial license for production use. Each release becomes Apache-2.0 licensed four years after it ships. (Versions 0.1.0–0.1.2 remain MIT-licensed and always will.)