I built a cryptographic memory layer for humans in Python tags: python, opensource, security, blockchain
Published: (February 7, 2026 at 05:43 PM EST)
2 min read
Source: Dev.to
Source: Dev.to
Quick start
vault = MemoryVault(encryption_key="your-secret-key")Capture Layer — Gets data in
Manual entries now, AI agents later.
Synthesis Layer — AI enrichment
Summarization, pattern detection, emotional analysis. (Coming in v0.2)
Verification Layer — The cryptographic core
This is where it gets interesting.
Permanence Layer — Anchoring verified hashes
Local storage, Arweave, Ethereum L2, or IPFS.
The crypto decisions I made (and why)
Key derivation: HKDF, not raw SHA‑256
My first implementation derived encryption and signing keys by doing SHA‑256(master_key + purpose). It worked, but it isn’t how serious cryptographic systems operate. I switched to HKDF (RFC 5869), the industry‑standard used by TLS 1.3 and the Signal Protocol.
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
import os
def _derive_key(self, purpose: bytes) -> bytes:
# Example derivation using HKDF
hkdf = HKDF(
algorithm=hashes.SHA256(),
length=32,
salt=None,
info=purpose,
)
return hkdf.derive(self._master_key)
def encrypt(self, plaintext: str) -> tuple[bytes, bytes]:
nonce = os.urandom(12)
aesgcm = AESGCM(self._enc_key)
ciphertext = aesgcm.encrypt(nonce, plaintext.encode("utf-8"), None)
return ciphertext, nonceSigning: HMAC‑SHA256
All signed data uses HMAC‑SHA256 to ensure integrity and authenticity.
import hmac
import hashlib
def sign(self, data: bytes) -> bytes:
return hmac.new(self._sign_key, data, hashlib.sha256).digest()AI capture agents (v0.2)
Future versions will include AI agents that automatically capture and annotate entries.
Try it
- GitHub:
- License: MIT
- Test suite: 28 tests passing
- No venture capital, no tokens—just a tool I think should exist.