Memgraph Co-Processor
Memgraph is a reasoning co-processor that adds graph-native capabilities the forward-chaining engine structurally cannot provide: path-based reasoning, centrality weighting, community detection, and impact propagation.
Key principle: Memgraph does NOT replace the forward-chaining engine. The Python engine remains the hot-path scorer. Memgraph enriches results with graph-native reasoning.
Why Memgraph (Not Neo4j)
| Factor | Memgraph | Neo4j |
|---|
| Write performance | ~10× faster (100K inserts in 400ms) | 3.8s for same workload |
| Memory model | Native in-memory C++ | JVM-based, heavier footprint |
| Built-in ML | MAGE: PageRank, Leiden, TGN | GDS (paid enterprise tier) |
| Docker image | ~200MB | ~500MB+ |
| Railway fit | 256MB RAM sufficient | 512MB+ minimum for JVM |
Enrichment Pipeline
After the forward-chaining engine produces results, the MemgraphEnricher runs four graph queries to enhance the score:
async def enrich(result: InferenceResult) -> InferenceResult
Query 1: Impact Propagation (Blast Radius)
Traverses: RiskFactor → Article → Category → Framework
Returns PageRank, betweenness, and community_id for each article touched by the fired rules. High-PageRank articles indicate the violation has broad regulatory impact.
Query 2: Mitigation Coverage Optimization
Finds the minimal set of mitigations that cover the most violated articles. Returns mitigations ordered by coverage count.
Query 3: Cross-Framework Correlation
Counts how many distinct compliance frameworks are affected. Events triggering violations across 3+ frameworks are treated as systemic issues.
Counts how many distinct communities in the compliance graph are affected. Cross-community violations indicate the event touches structurally independent areas of regulation.
Score Adjustment Logic
# PageRank multiplier
if article.pagerank > 0.01:
score += 5
# Betweenness multiplier
if article.betweenness > 0.05:
score += 3
# Multi-community severity
if community_count >= 3:
score += 5
# Multi-framework severity
if framework_count >= 3:
score += 8
# Final score clamped to [original_score, 100]
Centrality Algorithms
PageRank — Article Influence
Identifies which compliance articles are most “influential.” Articles connected to more risk factors, categories, and frameworks have higher PageRank scores.
Usage: Violating a high-PageRank article (e.g., GDPR Art. 6(1)(a)) is scored higher than violating a niche article.
Betweenness Centrality — Critical Pathways
Identifies “bridge” nodes — articles or categories that connect otherwise-separate parts of the compliance graph. A single violation on a high-betweenness article can cascade across multiple frameworks.
Groups related regulations into clusters. Events triggering violations across multiple communities are more severe than violations within a single community.
Schema
Static Ontology Nodes
| Label | Count | Key Properties |
|---|
:Framework | 7 | id, label, jurisdiction |
:Category | 43 | id, label, framework, pagerank, community_id |
:Article | 259 | id, label, description, pagerank, betweenness, community_id |
:RiskFactor | 12 | id, label, severity_weight, pagerank |
:Mitigation | 1,068 | id, text, effectiveness_score, community_id |
:ActionType | 34 | id, label, risk_weight |
:DataClass | 6 | id, label, sensitivity_level |
:ResourceType | 6 | id, label |
Dynamic Runtime Nodes
| Label | Purpose |
|---|
:ScoredEvent | Each scored event (tenant_id, agent_id, action, score, timestamp) |
:Agent | Agent behavior tracking (first_seen, last_seen, event_count) |
:Tenant | Customer context (id, frameworks) |
Client API
from quint_graph.memgraph import MemgraphClient
client = MemgraphClient(uri="bolt://localhost:7687")
# Execute read query
results = await client.execute(
"MATCH (a:Article) WHERE a.pagerank > $threshold RETURN a",
params={"threshold": 0.01}
)
# Verify connectivity
is_connected = await client.verify_connectivity()
# Clean shutdown
await client.close()
The Python driver used is the neo4j async driver (compatible with Memgraph via the Bolt protocol), not GQLAlchemy.
| Step | Latency |
|---|
| Enrichment (cached) | 1-2ms |
| Enrichment (uncached) | 5-15ms |
| Event store (async) | 0ms blocking |
| Total overhead | < 15ms added to hot path |
