---
title: "Enterprise Mesh Architecture: Myrmid"
description: "The architecture-level walkthrough of Enterprise Mesh: ten primitives (runtime, memory, identity, tool gateway, observability, evaluations, event bus, event store, governance, durable orchestration) across six deployment shapes."
canonical: https://www.myrmid.ai/en/enterprise-mesh-architecture/
---

# Enterprise Mesh: A Substrate Walkthrough for Developers

2026-05-10 · By Myrmid

Enterprise Mesh is the substrate Myrmid runs every other product on. This piece is the architecture-level walkthrough: what the substrate is, how it composes, and what the deployment topology actually looks like under load. It is written for developers and enterprise technical evaluators, not for procurement.

## The substrate proposition

A substrate is the layer below products. For agentic workflows the substrate has to provide eleven primitives: runtime, memory, identity, tool gateway, observability, evaluations, event bus, event store, governance, durable orchestration, and integrations. Workflow Builder, Agent Hub, and Local Assistant compose against these primitives. None of the primitives is optional; the contract holds only when the substrate ships all eleven.

## Runtime

The runtime is a horizontally scalable agent execution engine. Cold start to first model token takes seconds, not tens of seconds: the engine pre-warms model connections, agent identity tokens, and memory snapshots so the first user-facing token arrives without a perceptible cold path. Scale is per-workspace; agents in workspace A do not contend with agents in workspace B.

The execution model is request-scoped: an agent invocation is a unit of work that produces an outcome and an audit record. Long-running agent workflows decompose into checkpoint-bracketed segments so they survive process restarts (durable orchestration, below).

## Memory

Memory tiers are explicit, not implicit. Per-agent memory holds the agent's working context: what it has seen this conversation, what it has retrieved this turn. Per-workspace memory holds shared knowledge a team's agents draw from: playbooks, account context, decision history. Per-organisation memory holds policy and preference signal that crosses workspaces.

Each tier has its own retention policy, its own retrieval semantics, and its own redaction rules. None of the tiers exfiltrate to model providers; retrieval happens in-mesh and the model sees only what the workspace policy permits.

## Identity

Every agent invocation has an identified principal. The mesh bridges into the customer's IdP via SAML or OIDC; the principal is the user who triggered the workflow, end-to-end. Agent-to-agent calls carry the originating principal: a chain of three agents executing on behalf of user X all carry user X as the originating principal, rather than fanning out to service accounts and losing the audit trail.

## Tool gateway

Agents call tools via a policy-enforcing gateway. Outbound HTTP, MCP servers, internal APIs: all routed through the gateway. The gateway enforces per-agent allowlists (this agent may call this set of tools, no others), per-call audit (every outbound call is logged with the principal, the tool, the request, the response), and per-tool policy (rate limits, redaction-on-egress rules, blocked-host lists). There are no shadow paths.
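The gateway checks and the principal propagation described under Identity can be sketched together. This is an added example, not Myrmid's code: `CallContext`, `Gateway`, the agent and tool names, and the hosts are all hypothetical, and the policy is reduced to an allowlist plus a blocked-host list.

```python
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Hypothetical names throughout; sample agents, tools and hosts are constructed.

@dataclass(frozen=True)
class CallContext:
    principal: str        # originating user, fixed for the whole chain
    agent_chain: tuple    # agents traversed so far

    def delegate(self, next_agent):
        # Agent-to-agent hop: extend the chain, never swap the principal
        # for a service account.
        return CallContext(self.principal, self.agent_chain + (next_agent,))

@dataclass
class Gateway:
    allowlists: dict      # agent name -> set of permitted tool names
    tool_urls: dict       # tool name -> endpoint URL
    blocked_hosts: set    # per-tool policy: hosts no call may reach
    audit: list = field(default_factory=list)

    def authorize(self, ctx, tool):
        agent = ctx.agent_chain[-1]
        url = self.tool_urls.get(tool)
        host = (urlsplit(url).hostname or "") if url else ""
        if tool not in self.allowlists.get(agent, set()):
            reason = "tool not on agent allowlist"      # default deny
        elif not host:
            reason = "tool has no registered endpoint"
        elif host in self.blocked_hosts:
            reason = "host on blocked-host list"
        else:
            reason = "ok"
        # Denials are audited as well as successes.
        self.audit.append({"principal": ctx.principal, "chain": ctx.agent_chain,
                           "agent": agent, "tool": tool, "reason": reason})
        return reason == "ok"

def demo():
    gw = Gateway(
        allowlists={"crm-agent": {"crm.lookup", "legacy.export"}},
        tool_urls={"crm.lookup": "https://crm.example.internal/v1/lookup",
                   "legacy.export": "https://old-files.example.net/export"},
        blocked_hosts={"old-files.example.net"})
    ctx = CallContext("user-x", ("triage-agent",)).delegate("crm-agent")
    results = [gw.authorize(ctx, t)
               for t in ("crm.lookup", "legacy.export", "http.fetch")]
    return results, gw.audit
```

Every audit row names `user-x` even though the call was made by the second agent in the chain, and the two denied calls are recorded with their reasons.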

## Observability

Every agent invocation, every tool call, every model token is traceable. Traces are exportable to your SIEM via OpenTelemetry; query the trail like any other production telemetry. Per-trace correlation IDs let you reconstruct a workflow's execution after the fact, not just sample it.

## Evaluations

Eval suites are pinned per agent, not per platform release. CI gates on regression: an agent that gets worse on its eval suite blocks the workflow update. Production sampling runs the same suite against live traffic so you have a continuous answer to "is the agent still good in the real world", not just "did it pass eval at deploy time".

## Event bus

Durable pub/sub for cross-agent and cross-workflow choreography. Per-tenant isolation means events from workspace A never reach workspace B. Backpressure-aware: slow consumers do not push back into producer agents in ways that cascade.

Replayable: events are persisted, so a failed downstream consumer can re-process from a known offset rather than dropping the work.

## Event store

The event store is the readable trail Article VIII of the manifesto commits to. Append-only log of every agent action, every tool call, every governance event. Yours, always, unredacted at source: redaction is applied at retrieval time per policy, not by erasing the underlying record.

This is the audit primitive everything else composes against: regulators see the trail, internal compliance teams see the trail, your own operators see the trail. Same data, different views, same truth.
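Redaction at retrieval time, as opposed to erasing the record, can be illustrated with a small append-only log. This is an added example and not Myrmid's implementation: `EventStore`, the `VIEWS` table, the field paths chosen for each role, and the sample event are constructed for illustration.

```python
import copy

REDACTED = "[REDACTED]"
# Hypothetical views: which dotted field paths are masked for each reader role.
VIEWS = {"operator": (),
         "compliance": ("request.customer_email",),
         "regulator": ("request.customer_email", "response.notes")}

# Constructed sample record.
SAMPLE_EVENT = {"principal": "user-x", "tool": "crm.lookup",
                "request": {"customer_email": "jo@example.com", "account": "A-17"},
                "response": {"status": 200, "notes": "called twice last week"}}

class EventStore:
    def __init__(self):
        self._log = []                  # append-only: no update or delete method

    def append(self, event):
        self._log.append(copy.deepcopy(event))
        return len(self._log) - 1       # offset of the stored record

    def read(self, offset, role):
        # Work on a copy so masking never touches the stored record.
        view = copy.deepcopy(self._log[offset])
        for path in VIEWS[role]:        # an unknown role raises KeyError
            *parents, leaf = path.split(".")
            node = view
            for key in parents:
                node = node.get(key) if isinstance(node, dict) else None
            if isinstance(node, dict) and leaf in node:
                node[leaf] = REDACTED
        return view
```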

## Governance

Workspace-scoped policy enforcement. Model allowlists, jurisdiction pins, retention windows, redaction rules, identity bindings: all configured as data, not code. A policy update propagates without a redeploy. Workspaces inherit defaults from the organisation, override per-workspace where needed, and a per-workspace audit shows the effective policy at any point in time.
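Policy as data with inheritance and a point-in-time view can be modelled as versioned settings per scope. This is an added example, not the product's schema: `PolicyStore`, the setting keys, the integer timestamps, and the assumption that each published version carries the full settings for its scope are all illustrative.

```python
import copy
from bisect import bisect_right

class PolicyStore:
    """Hypothetical policy-as-data store: versions are appended, never edited."""

    def __init__(self):
        self._versions = {}   # scope -> [(effective_from, settings), ...]

    def publish(self, scope, effective_from, settings):
        history = self._versions.setdefault(scope, [])
        if history and effective_from <= history[-1][0]:
            raise ValueError("versions must be appended in time order")
        history.append((effective_from, copy.deepcopy(settings)))

    def _version_at(self, scope, ts):
        # Latest version whose effective_from is at or before ts.
        history = self._versions.get(scope, [])
        i = bisect_right([start for start, _ in history], ts)
        return history[i - 1][1] if i else {}

    def effective(self, org, workspace, ts):
        # Organisation defaults first, then workspace overrides on top.
        merged = dict(self._version_at(("org", org), ts))
        merged.update(self._version_at(("ws", org, workspace), ts))
        return copy.deepcopy(merged)    # callers cannot mutate history

def sample_store():
    # Constructed data: integer timestamps and made-up model names.
    store = PolicyStore()
    store.publish(("org", "acme"), 100, {"model_allowlist": ["model-a", "model-b"],
                                         "jurisdiction": "EU", "retention_days": 90})
    store.publish(("ws", "acme", "finance"), 200, {"retention_days": 30})
    store.publish(("org", "acme"), 300, {"model_allowlist": ["model-a"],
                                         "jurisdiction": "EU", "retention_days": 90})
    return store
```

Calling `effective("acme", "finance", ts)` with a past timestamp returns the policy that was in force at that moment, which is the question an audit asks.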

## Durable orchestration

Long-running agent workflows survive process restarts, deployment rollouts, partial failures, and node loss. Each step is checkpointed; on resume, the workflow continues from the last successful checkpoint with the agent's memory context intact. There is no lost work, and there is no retry-from-scratch overhead either.

## Integrations

Tool Gateway is the substrate-level primitive: a uniform, policy-enforced contract any agent uses to reach any external system. Integrations is the layer above it: a curated catalog of pre-built, off-the-shelf adapters for the SaaS stack enterprises already run. HubSpot, Salesforce, Google Workspace, M365, ServiceNow, and the rest of the long tail ship as configured-not-coded bundles.

Each adapter is published with its allowlist, audit envelope, redaction rules, and identity binding pre-wired through Tool Gateway, so an integration is governed the moment it is enabled, not after a security review. The catalog reduces the bespoke-connector project that would otherwise gate workflow launch, while leaving the gateway primitive untouched for the long-tail systems no catalog will ever cover.

## Deployment topology

Enterprise Mesh ships in six deployment shapes. The shape choice is determined by the customer's sovereignty, latency, and operating constraints, not by the runtime's technical limits.

-   **On-mesh, on-platform.** Myrmid operates the mesh in our European data centres. Default for SMB self-serve and many Enterprise pilots.
-   **On-mesh, off-platform (customer infrastructure).** Myrmid operates the mesh on infrastructure the customer owns. Same software, different operator boundary. Used when the customer's audit boundary requires the mesh inside their VPC.
-   **On-premise.** The mesh runs in the customer's data centre. Air-gap-compatible. Comes with a documented install and governance kit.
-   **Third-party cloud.** The mesh runs in a hyperscaler region the customer selects. Sovereignty contract is honoured at the contractual layer with the customer-selected operator; the runtime layer is the same Myrmid build.
-   **Edge.** Per-site mesh nodes for low-latency or data-residency-restricted deployments. A first-class on-mesh deployment target, not a degraded variant.
-   **Off-mesh (degraded).** Exported agents run anywhere, including outside the mesh entirely. They keep running; what they lose is the substrate. The mesh is what you keep when you stay.

## What the substrate does not do

Enterprise Mesh is not a hosted model. We do not train models. We do not fine-tune third-party models. The model layer is partner-selected and routed through the tool gateway under the customer's policy. The substrate's job is to make any conformant model usable safely, observably, and portably, not to build proprietary frontier capability that locks customers in.

## How to evaluate

If you are technically evaluating Enterprise Mesh, the right questions are operational, not feature-level:

-   Show me the audit trail from a workflow execution.
-   Show me the policy update propagating without redeploy.
-   Show me the off-mesh export and run the agent against production traffic from your laptop.
-   Show me the eval suite gating a workflow update.

We will run those demonstrations. [Reach out](mailto:platform@myrmid.ai) and we will scope an architecture deep-dive.