MemChain / Node-blind memory

The first AI memory your server cannot read.

Your AI remembers you; the memory belongs to you alone.

0
readable bytes on node
ciphertext + blind indexes only
2-40ms
recall class
node-side 2-5ms / local 15-40ms design path
offline
local hippocampus
recall works when the encrypted local copy has the memory
device hippocampuslocal first
Device

Plain memory stays local

conversation distilled before sync

Blind node

Cannot read contents

ciphertext + blind index

Recall

Answer uses local context

node never sees the fact

Remember
Device distills
Seal
Key wraps memory
Store
Blind node sync
Recall
Local answer
0x10ae
ciphertext
0x11ae
blind index
0x11ae
opaque edge
One blind protocol

Private movement and private memory should share one trust boundary.

AeroNyx is not a collection of disconnected tools. Privacy Network protects where encrypted work moves; MemChain protects what humans, apps, and agents need to remember.

Interactive proof

Not another memory table. A different trust model.

Tap each axis to see the core MemChain advantage: the server cannot read memory, recall feels instant, offline memory works, model choice stays open, and retrieval does not spend a model call.

Category context: Zep / Mem0 / Supermemory / ChatGPT Memory-style cloud memory
0 readable bytes

The node holds memory it cannot open.

MemChain stores ciphertext, blind indexes, and opaque relationship edges. The storage node can sync and order memory, but it cannot read or re-sign the facts.

user outcome
AI remembers without server-readable memory
node view
ciphertext, blind index, opaque edges
proof surface
0 readable bytes on storage node
MemChain

Cryptographically unreadable

ciphertext + blind index

Infrastructure lacks the keys, so privacy is enforced by architecture instead of policy.

plaintextciphertext
seal
rank
recall
Typical cloud memory

Readable service memory

plaintext service record

The provider can commonly inspect, rank, migrate, or expose memory because the server owns the readable state.

Pipeline

Remember, store, recall - without readable server memory.

MemChain is designed as a three-stage privacy path: device-side distillation, blind encrypted storage, and local-first recall.

Remember
01

Distill on the device

AI conversations are distilled into self-contained facts, categorized, encrypted, signed, and kept locally before any sync.

  • Conversation sensing is limited to AI memory flows
  • Fact distillation and classification happen client-side
  • AES-256-GCM envelope plus device signature
Store
02

Nodes stay blind

Storage nodes receive ciphertext, blind indexes, client-computed vectors, and opaque relationship edges. They cannot read or re-sign memories.

  • Ciphertext only
  • Keyed blind indexes
  • Content addressing and deduplication
Recall
03

Local-first retrieval

Recall starts from the encrypted local copy, then fuses semantic, keyword, time, and structured search before injecting only the relevant memory.

  • Offline recall when local data is present
  • No LLM call for retrieval
  • Node fallback only when local cache misses
Pillars

Privacy is the architecture, not a policy sentence.

MemChain is built around precise claims the product can defend: node-blind storage, local-first recall, and user-selected AI models.

01

Node-blind

The node stores memory, but cannot read it. This is not a promise to look away; the infrastructure lacks the keys.

Precise claim: AeroNyx storage nodes cannot read memory contents.
02

Local-first

Every memory keeps an encrypted local copy, making recall fast, resilient, and usable offline when the local copy has the answer.

Measured node-side recall is 2-5ms. Local recall is designed for a 15-40ms class path.
03

Bring your own brain

Users can choose DeepSeek, OpenAI, local models, or any OpenAI-compatible model. The memory layer is not locked to one vendor.

If an external AI provider is selected, relevant plaintext is sent to that provider by user choice.
Claim-safe benchmark

Fast, private recall is the wedge.

Measured with our LongMemEval-S internal runs in July 2026. The page states measured results and keeps model-tier projections out of product claims.

retrieval hit rate
95-99%

Measured in our LongMemEval-S runs under end-to-end encrypted memory constraints.

66-68%
economic-brain end-to-end score

Measured with an economical model tier, ahead of GPT-4o reading full history in the same setup baseline.

2-5ms
node-side recall latency

Recall path avoids model inference and stays in the millisecond class.

0
LLM calls for retrieval

Search and ranking do not burn model tokens; models are used for distillation and answers.

Honest boundary: we do not claim accuracy leadership or a formally proven privacy proof system. The differentiation is privacy, speed, cost, offline recall, and user ownership.

Comparison

MemChain vs typical cloud memory services.

The product difference is structural: who can read memory, where recall happens, and whether users can leave with their context.

01

Server can read memory

MemChain

No. Ciphertext plus blind indexes.

Typical cloud memory

Usually yes. Cloud memory is commonly stored in readable form.

02

Primary location

MemChain

User device plus blind encrypted backup.

Typical cloud memory

Provider cloud.

03

Recall latency

MemChain

Millisecond-class local or node recall.

Typical cloud memory

Typically hundreds of milliseconds to seconds.

04

Offline usage

MemChain

Yes, when the local encrypted copy has the memory.

Typical cloud memory

Usually no.

05

AI model choice

MemChain

User selected model or local model.

Typical cloud memory

Platform selected model.

06

Cross-device recovery

MemChain

Identity-derived keys and encrypted sync.

Typical cloud memory

Account-centric cloud sync.

07

Retrieval cost

MemChain

No model inference for retrieval.

Typical cloud memory

Often depends on hosted inference or platform search.

Privacy boundary

The node is blind. The chosen brain still matters.

01

MemChain storage nodes are cryptographically unable to read your memories. They hold only device-encrypted ciphertext and irreversible blind indexes. Encryption, decryption, and search happen on your device, with keys derived from your identity and never uploaded.

02

Important limitation: when you choose an external AI service to distill or answer over memories, the relevant plaintext is sent to that provider of your choosing. With a local AI model, memory can remain on device through the full memory path.

FAQ

Short answers for users, builders, and AI search.

These answers are intentionally direct so product pages, docs, and AI engines can cite them without ambiguity.

01

Can AeroNyx read my memories?

No. MemChain storage nodes hold only device-encrypted ciphertext and irreversible blind indexes. Without your identity-derived keys, the node cannot decrypt memory contents.

02

Where is memory stored?

The primary copy lives on your device in encrypted form. Nodes keep an encrypted backup for cross-device sync and recovery.

03

Can a new device recover memory?

Yes, the new device can refill from the encrypted node backup and rebuild local indexes. If the identity backup is lost, encrypted memories cannot be recovered.

04

Does memory work offline?

Yes. Offline recall works when the relevant memory is already in the local encrypted copy.

05

Is it on by default?

No. Memory should require explicit first-use consent, and users must be able to disable it and delete memory from settings.

Own the memory layer

A private memory system should make AI more useful without making the server more powerful.

MemChain keeps durable context portable, encrypted, and local-first so humans and agents can remember across tools without handing readable memory to infrastructure.