One memory for your AI, across every tool you use — decisions, preferences, project context. It lives in a SQLite file on your machine, so nobody can read it but you. Open source today; end-to-end encrypted sync next.
Or run the open-source engine locally right now — no signup, no server, one SQLite file.
In February 2026, a US federal court ruled that a defendant's AI conversations were not protected — the provider's terms of service said data could be used for training and disclosed to third parties. What you tell an AI is, legally, what you told a company.
Rewind promised local-first privacy, pivoted to the cloud, and was acquired — its users were migrated onto the acquirer's terms overnight. Every startup holding your memories is one term sheet away from being someone else's database.
A model provider cannot end-to-end encrypt memory its own servers must read, and it will never port your memory to a competitor's tool. Native memory features are silos by design.
Your model provider already reads your prompts. There is no reason your memory layer should be a second reader.
# memory in sixty seconds pip install forget-ai[server] uvicorn forget.server:app --port 8000 npx forget-connect # wires Claude Code, Codex, Claude Desktop
Your users' memories are your liability. A memory layer you cryptographically cannot read can't leak and can't be compelled. We're taking design partners.
Talk to us