Zero-trust by construction
Per-agent mTLS identity and server-side path confinement. No shared storage credential to leak, widen, or exfiltrate.
orlop
Give each untrusted agent its own durable POSIX disk — without ever handing it your storage credentials.
orlop is a multi-tenant, zero-trust file plane for agent sandboxes. Each agent gets one auto-expanding POSIX directory that it mounts over FUSE and uses like an ordinary disk. The bytes live remotely in a content-addressed chunk store, so when the sandbox dies the data persists and the next run re-mounts the same disk with zero idle compute — and the agent never sees a storage credential.
Why orlop
Section titled “Why orlop”Survives the sandbox
Data lives in the remote chunk store and re-mounts on the next run with zero idle compute.
Content-addressed & deduped
Bytes are stored verbatim and deduped by hash, so keeping full, uncompressed history is nearly free.
Incremental & fast
A single-byte edit ships one ~4 MiB chunk, not the whole file; a persistent client cache makes re-reads run at local-disk speed.
Atomic overwrites
Versioned, compare-and-swap manifests replace a stale fact in place instead of appending and hoping retrieval picks the latest.
Drop-in POSIX
FUSE on Linux, in-process NFSv3 loopback on macOS. The agent just sees a directory.
Built for agent memory
Section titled “Built for agent memory”orlop is the storage substrate for an agent-memory stack — durable, cheap to update, and safe under multi-tenancy — but it does no extraction, ranking, or semantic consolidation; the layer above does. See Agent memory for what orlop gives that stack and where it stops.