Privacy & Security

import { Aside } from ‘@astrojs/starlight/components’;

Cortex is designed for Digital Sovereignty. Your data never leaves your machine unless you explicitly use a cloud-based embedding provider.

Local Storage

All memories are stored in a local SQLite database located at: ~/.cortex/memories.db

Field-Level Encryption

While the database itself is accessible (future versions will use SQLCipher), sensitive fields are encrypted at the library level before storage.

• Encrypted Fields: content, metadata.
• Algorithm: AES-256-GCM.
• Key Management: Keys are derived from your system’s hardware ID or a salt provided in CORTEX_PASSWORD.

Privacy Guard (DLP)

The ContextGuard primitive implements a multi-stage secrets detection pipeline.

Stages:

1. Regex Heuristics: Fast detection of common patterns (API keys, Credit Cards).
2. Entropy Analysis: (Alpha) Identifying high-entropy strings that likely contain cryptographic material.

Future versions will include **Local SLM Filtering**, using small language models like Phi-3 or Gemma to detect PII with higher accuracy than regex alone.