SAIHM Server
БесплатноНе проверенProvides non-custodial, post-quantum encrypted memory for AI agents, enabling portable memory across models with provable erasure.
Описание
Provides non-custodial, post-quantum encrypted memory for AI agents, enabling portable memory across models with provable erasure.
README
One client-side-encrypted memory. Every model. Erasure you can prove.
⭐ Star SAIHM on GitHub and share it — help every agent get portable, provable memory. Share on X.
This is a tiny, runnable demo of SAIHM — non-custodial, post-quantum memory for AI agents. It stores three personal facts, grounds two models at once (Claude and DeepSeek by default — or Qwen, Kimi, GLM, GPT; your pick) in the same memory, then forgets one fact and shows that neither model can use it any more.
It runs fully offline with zero signup against a local blind endpoint (included, ~130 lines), or against the real hosted SAIHM service with one environment variable.
git clone https://github.com/citw2/demo-cross-model-memory
cd demo-cross-model-memory
npm install
node demo.mjs
What you'll see
------------------------------------------------------------------------
SAIHM cross-model memory demo
------------------------------------------------------------------------
agent id : e4203f25c7dd3a9b...
endpoint : http://127.0.0.1:<port>/mcp (local sandbox)
custody : non-custodial (the endpoint stores ciphertext only; it holds no key)
models : Claude + DeepSeek (set MODEL_A / MODEL_B to: claude, deepseek, qwen, kimi, glm, openai)
Sealed and stored 3 facts (the endpoint now holds 3 opaque shards).
------------------------------------------------------------------------
(1) One memory, every model -- Claude and DeepSeek, both grounded in SAIHM:
------------------------------------------------------------------------
[Claude - offline mock]
What I know about you:
- My name is Dana Okafor.
- I am allergic to penicillin.
- I am building a Rust ray tracer called Lumen.
Medically: per "I am allergic to penicillin.", avoid the substance it names.
[DeepSeek - offline mock]
What I know about you:
- My name is Dana Okafor.
- I am allergic to penicillin.
- I am building a Rust ray tracer called Lumen.
Medically: per "I am allergic to penicillin.", avoid the substance it names.
------------------------------------------------------------------------
(2) Provable erasure -- forget the allergy, then ask the same question again:
------------------------------------------------------------------------
forget("I am allergic to penicillin.") -> recall now returns: NOTHING (crypto-shredded)
[Claude - offline mock]
What I know about you:
- My name is Dana Okafor.
- I am building a Rust ray tracer called Lumen.
Medically: nothing is remembered on that, so I won't guess.
[DeepSeek - offline mock]
What I know about you:
- My name is Dana Okafor.
- I am building a Rust ray tracer called Lumen.
Medically: nothing is remembered on that, so I won't guess.
Two things just happened that a per-vendor "memory" feature doesn't give you:
- Portability across models. Your memory lives with you, not inside one model's account — one live store that grounds Claude and DeepSeek at once, with no per-vendor export or lossy one-time import. The same store would ground GPT, Qwen, Kimi, GLM, a local model, or your own agent, unchanged.
- Provable erasure.
forgetcrypto-shreds the cell (its wrapped key is destroyed).recallreturns nothing for it, and every model loses access at once — not a soft "hidden" flag. This is what GDPR Art. 17 ("right to erasure") actually asks for.
Choose your models (any two, side by side)
The demo runs two models next to each other to show the same memory grounding both. Pick them with MODEL_A / MODEL_B (default: claude + deepseek):
MODEL_A=qwen MODEL_B=kimi node demo.mjs
MODEL_* value |
Model | API key env (BYOK) |
|---|---|---|
claude |
Claude (Anthropic) | ANTHROPIC_API_KEY |
deepseek |
DeepSeek | DEEPSEEK_API_KEY |
qwen |
Qwen (Alibaba) | DASHSCOPE_API_KEY |
kimi |
Kimi (Moonshot) | MOONSHOT_API_KEY |
glm |
GLM (Zhipu) | ZHIPUAI_API_KEY |
openai |
GPT (OpenAI) | OPENAI_API_KEY |
With no key set, a model answers in a deterministic offline mock, so the demo runs end to end with zero setup. Set a key to get real answers; keys are read from your environment and sent only to that model's own API. The DeepSeek / Qwen / Kimi / GLM / GPT calls are the same OpenAI-compatible request — SAIHM reaches every model through one path. (Override a provider's base URL or model id without touching code via SAIHM_<MODEL>_URL / SAIHM_<MODEL>_MODEL.)
That every one of these models can be grounded in — and erased from — a single store is the whole point: your memory is yours, not locked inside one vendor.
Go live against the real SAIHM service
The local sandbox is a throwaway stand-in so you can try the protocol offline — it is not the SAIHM service and stores nothing beyond the current process. To run the exact same demo against the real, hosted, blind endpoint:
Start free — no card. Run
npx -y @saihm/mcp-server-pro free-joinonce to activate a free tier (a one-time, lifetime allowance) on an identity you hold. For production, Join SAIHM for a paid Pro membership and onboard to obtain a JWT.Point the demo at the live endpoint:
export SAIHM_ENDPOINT_URL=https://saihm.coti.global/mcp export SAIHM_MASTER_SECRET_HEX=<at least 64 hex chars, generated and held only by you> export SAIHM_TIER=FREE # free tier (after the free-join above) # …or a paid Pro membership instead: # export SAIHM_AUTH_HEADER="Bearer <your-onboard-JWT>" node demo.mjs
Your master secret never leaves your machine; the endpoint only ever receives ciphertext.
How it works
- @saihm/mcp-server-pro (the client) seals every cell with @saihm/client-pro: an ML-DSA-65 identity signs it, a per-cell AES-256-GCM key encrypts it, and that key is wrapped under a key-encryption key derived from your master secret. Sharing uses ML-KEM-768. All of this happens in your process.
- Only opaque ciphertext is POSTed to the endpoint. sandbox.mjs is a complete, readable blind operator: it stores and returns ciphertext and never holds a key — exactly the property the hosted service provides at scale (with on-chain anchoring, authenticated sharing, and metering).
forgettells the endpoint to destroy the wrapped key. Without it the ciphertext is unrecoverable noise — that is the "crypto-shred".
Built on / see also
- @saihm/mcp-server-pro — the production sealing client this demo uses (npm).
- @saihm/client-pro — the post-quantum client crypto library (npm).
- @saihm/mcp-server — the open MCP thin-client for the SAIHM transport (npm).
- Learn more: AI memory needs a standard · What makes SAIHM different.
- Join the protocol: saihm.coti.global/join.
License
Apache-2.0 © SAIHM
Установка SAIHM Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/citw2/demo-cross-model-memoryFAQ
SAIHM Server MCP бесплатный?
Да, SAIHM Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для SAIHM Server?
Нет, SAIHM Server работает без API-ключей и переменных окружения.
SAIHM Server — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить SAIHM Server в Claude Desktop, Claude Code или Cursor?
Открой SAIHM Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
автор: modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
автор: xuzexin-hzCompare SAIHM Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории ai
