Agent security model
Hosted Memnode treats machine access as explicit, scoped, and revocable. The product is not safe if agents only get one shared master secret.
Human owner first
A verified user still owns the account, billing relationship, and recovery path.
Scoped machine identity
Use `memory.read`, `memory.write`, or `memory.admin` rather than one all-powerful token.
Server-side quota enforcement
Daily request limits are enforced in the request path, not only shown in the UI.
Revocation matters
Hosted token metadata lives in Supabase, while the data plane can cache and refresh that state.