sql/001_init.sql

-- BrainCore pgVector Starter — Safe-by-default schema
-- This is a reference starter, NOT production-ready.

-- Enable pgvector extension
CREATE EXTENSION IF NOT EXISTS vector;

-- 1. Trust classes: gate what can be retrieved and how it is ranked
CREATE TABLE trust_classes (
    id          SERIAL PRIMARY KEY,
    label       TEXT NOT NULL UNIQUE,
    description TEXT,
    max_rank    INTEGER DEFAULT 100,  -- lower = more trusted
    created_at  TIMESTAMPTZ DEFAULT NOW()
);

-- 2. Sources: provenance for every memory item
CREATE TABLE sources (
    id          SERIAL PRIMARY KEY,
    name        TEXT NOT NULL,
    source_type TEXT,                  -- e.g. 'user', 'tool', 'llm', 'file'
    tags        TEXT[],                -- e.g. '{"verified","community"}'
    url         TEXT,
    metadata    JSONB,
    created_at  TIMESTAMPTZ DEFAULT NOW()
);

-- 3. Memory items: the core vector memory store
CREATE TABLE memory_items (
    id          SERIAL PRIMARY KEY,
    tenant_id   TEXT NOT NULL DEFAULT 'public',
    content     TEXT NOT NULL,
    embedding   vector(384),           -- adjust dimension to your model
    visibility  TEXT NOT NULL DEFAULT 'restricted',
                              -- 'public' or 'restricted'
    trust_class_id INTEGER REFERENCES trust_classes(id) ON DELETE SET NULL,
    source_id   INTEGER REFERENCES sources(id) ON DELETE SET NULL,
    metadata    JSONB,
    created_at  TIMESTAMPTZ DEFAULT NOW(),
    updated_at  TIMESTAMPTZ DEFAULT NOW()
);

-- 4. Memory events: audit trail for writes/updates/deletes
CREATE TABLE memory_events (
    id          SERIAL PRIMARY KEY,
    memory_id   INTEGER REFERENCES memory_items(id) ON DELETE CASCADE,
    event_type  TEXT NOT NULL,         -- 'created', 'updated', 'deleted', 'accessed'
    actor       TEXT,                  -- who triggered it
    details     JSONB,
    created_at  TIMESTAMPTZ DEFAULT NOW()
);

-- 5. Retrieval logs: capture queries and results for audit
CREATE TABLE retrieval_logs (
    id          SERIAL PRIMARY KEY,
    tenant_id   TEXT NOT NULL,
    query_text  TEXT,
    query_vector vector(384),
    filters     JSONB,                 -- what filters were applied
    results     JSONB,                 -- list of returned memory_ids + scores
    latency_ms  INTEGER,
    created_at  TIMESTAMPTZ DEFAULT NOW()
);

-- Indexes
CREATE INDEX idx_memory_items_tenant ON memory_items(tenant_id);
CREATE INDEX idx_memory_items_visibility ON memory_items(visibility);
CREATE INDEX idx_memory_items_trust ON memory_items(trust_class_id);
CREATE INDEX idx_memory_items_source ON memory_items(source_id);

-- HNSW index for fast vector search (good for <100k rows in this starter)
CREATE INDEX idx_memory_items_embedding ON memory_items
    USING hnsw (embedding vector_cosine_ops)
    WITH (m = 16, ef_construction = 64);

-- Partial index: only public memories (cross-tenant retrieval)
CREATE INDEX idx_memory_items_public ON memory_items(tenant_id, visibility)
    WHERE visibility = 'public';

-- Row-level security (disabled by default so the starter works without auth)
-- In production, enable RLS and set policies per tenant.
-- ALTER TABLE memory_items ENABLE ROW LEVEL SECURITY;