Sovereign encrypted persistent memory for AI agents. 8 MCP tools. GDPR erasure. Apache-2.0.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"io-github-saihm-admin-saihm-mcp": {
"args": [
"-y",
"@saihm/mcp-server"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Sovereign, encrypted, sharable, persistent memory protocol for AI agents.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@saihm/mcp-server' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @saihm/mcp-server against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in ai-ml
Dynamic problem-solving through sequential thought chains
Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.
Persistent memory using a knowledge graph
An autonomous agent that conducts deep research on any data using any LLM providers
MCP Security Weekly
Get CVE alerts and security updates for io.github.SAIHM-Admin/saihm-mcp and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Sovereign, encrypted, sharable, persistent memory protocol for AI agents.
v0.3.4 · Apache-2.0 · COTI V2 mainnet
A Model Context Protocol server that exposes eight tools any MCP-capable AI agent (Claude Code, Claude Desktop, custom agents) can call to gain a persistent, encrypted memory layer the user owns:
saihm_remember — store an encrypted memory cellsaihm_recall — retrieve and decrypt your memoriessaihm_forget — true cryptographic erasure (GDPR Art. 17)saihm_status — your protocol-runtime stats and storage tier dashboardsaihm_share / saihm_revoke_share — selectively share a memory with another agent or usersaihm_governance_propose / saihm_governance_vote — protocol governance via gSAIHMEach tool forwards to a SAIHM operator endpoint that runs the full protocol stack on COTI V2 mainnet. The server itself holds no crypto, no storage, and no protocol runtime — those live behind the operator endpoint.
This package speaks MCP. For production client-side cryptography —
post-quantum sealing, authenticated sharing, and provable erasure performed on
your own machine so the operator stays blind — pair it with
@saihm/client-pro.
Runnable, one-command demos ground a memory you own in every major model — Claude, GPT, DeepSeek, Qwen, Kimi, GLM — then prove you can erase it, alongside drop-in adapters for LangChain, LlamaIndex, CrewAI, AutoGen, and LangGraph. Each runs offline in about a minute; no account needed.
demo-claude-code wires this server into Claude Code and Cursor as an MCP server.Measured — up to ~86% fewer context tokens. Most agents re-send their entire transcript every turn, so context spend grows ~O(N²) over a session; recalling a bounded set of memory cells instead cut input tokens by 62.8%–85.9% across a realistic multi-session coding task. The benchmark is open, offline, and deterministic — reproduce the number rather than trust it:
git clone https://github.com/citw2/saihm-token-benchmark
cd saihm-token-benchmark && npm install && node benchmark.mjs
npm install @saihm/mcp-server
# or run directly without install:
npx @saihm/mcp-server
The server needs two env vars:
SAIHM_ENDPOINT_URL=https://operator.example.com/mcp
SAIHM_AUTH_HEADER=Bearer <token-issued-by-your-operator>
SAIHM_ENDPOINT_URL — the SAIHM operator endpoint. Operators publish
their endpoint URLs at https://saihm.coti.global.SAIHM_AUTH_HEADER — the Authorization header value the operator
expects (typically a Bearer <token> issued to you after key-bound
enrolment). The server is authentication-agnostic and never transmits
raw private keys; the operator's enrolment flow keeps your
signing key on your machine.Place these in a .env file alongside the server (the .gitignore excludes
all .env* files from any future repo).
{
"mcpServers": {
"saihm": {
"command": "npx",
"args": ["@saihm/mcp-server"],
"env": {
"SAIHM_ENDPOINT_URL": "https://operator.example.com/mcp",
"SAIHM_AUTH_HEADER": "Bearer <token>"
}
}
}
}
The server itself persists nothing. The operator endpoint runs the full protocol stack: cells are encrypted under a per-cell DEK, sealed by a per-agent KEK, persisted to the operator's configured durable storage, and audited on COTI V2 mainnet. See the operator's documentation for tier details, and Storage is the operator's responsibility (by design) below.