cogmem

A self-improving, verifiable memory layer for AI coding agents.

cogmem learns how you work across sessions so your agent gets more accurate and more autonomous over time: it stops repeating mistakes, keeps a live model of each project, and surfaces the right lesson at the right moment. Every memory is cryptographically signed and tamper-evident, so a poisoned or altered memory can be detected and rejected before it ever steers the agent.

Developed by WritersLogic — local-first intelligence, no data leaving your machine.

Installation

git clone https://github.com/writerslogic/cogmem.git
cd cogmem
./install.sh

Or in one line:

curl -fsSL https://raw.githubusercontent.com/writerslogic/cogmem/main/install.sh | bash

install.sh is idempotent — run it again any time to upgrade in place. It sets up the code under ~/.claude/cogmem, a self-contained virtualenv with dependencies, the cogmem CLI on your PATH, the Claude Code hooks, and (on macOS) a warm recall daemon. Requires Python 3.12+; semantic recall runs on a local model (fastembed, no external API). Pass --no-daemon or --no-hooks to skip those steps; set COGMEM_HOME to install elsewhere.

Related MCP server: GrantAi

Quick Start

cogmem status           # health check, metrics, agent DID
cogmem recall "..."     # surface relevant past lessons for a task
cogmem note "..."       # record a decision or finding mid-task
cogmem verify           # verify every memory's credential + the transparency log
cogmem receipt <id>     # inclusion proof that a memory is committed in the signed log
cogmem statement <id>   # COSE_Sign1 SCITT signed statement (verifiable by HMS too)
cogmem review list      # approve always-load rules
cogmem mcp              # run the MCP server (stdio) for any MCP client

MCP Integration

Run cogmem as an MCP server and connect any MCP-compatible client:

{
  "mcpServers": {
    "cogmem": { "command": "cogmem", "args": ["mcp"] }
  }
}

Eight tools are exposed: recall, note, status, verify, receipt, tree_head, progress, review_pending, plus read-only resources (the live user model and per-project state).

Claude Code Integration

install.sh wires cogmem into Claude Code automatically (idempotently merged into ~/.claude/settings.json) — no manual invocation required. Five hooks make the memory loop run in the background:

Every hook is strictly fail-open: any error, timeout, or cold daemon injects nothing and never blocks your prompt. The scripts live in ~/.claude/cogmem/hooks/; re-run install.sh (or ./install.sh --no-daemon) to refresh the wiring.

Chat-memory systems (Mem0, Letta, Zep) store and retrieve facts. cogmem is built for coding agents and goes further on three axes:

It learns from outcomes. A feedback loop scores whether a recalled lesson actually helped, refines rules that prove wrong, and retires ones that mislead.

It models its own failure modes. cogmem tracks where the agent tends to go wrong in your work and intercepts known mistakes at the tool-call boundary — before they happen, not afterward.

Its memory is verifiable. Each memory is a W3C Verifiable Credential signed by the agent's did:key, recorded in a tamper-evident, SCITT-style transparency log. Agent memory is an attack surface; cogmem makes it auditable and poison-resistant.

• Two-layer memory: always-loaded directives (scope-gated, human-approved) plus a semantic recall tail (local cross-encoder reranking, no data leaves the machine).

• Outcome feedback and self-refinement: memories earn or lose trust based on whether they actually helped; contradicted rules are corrected through a safe pipeline.

• Self-model and guard: a model of the agent's recurring mistakes, compiled into tripwires that intercept them at the PreToolUse boundary.

• Project-state model: a living per-project state (goal, claims, open questions, blockers) that gives situational continuity and reasons across time.

• Cross-project progress narrative: momentum, stalls, and dependencies across projects, surfaced as alerts.

• Self-regulation: recall thresholds tuned automatically against an eval harness.

• Verifiable Agent Memory: did:key identity, W3C VC-signed memories, COSE_Sign1 SCITT signed statements (byte-compatible with HMS), a hash-chained transparency log with signed Merkle tree head and RFC 6962 inclusion receipts, optional poison-resistance enforcement. See PROVENANCE.md.

cogmem treats every stored memory as a signed artifact:

• did:key identity: each agent gets a persistent Ed25519 identity, exposed as a W3C DID.

• W3C Verifiable Credentials: every memory is signed with eddsa-jcs-2022 Data Integrity proofs.

• COSE_Sign1 / SCITT signed statements: byte-identical to the envelope format used by holographic-memory and crosstalk — independently verifiable by any of the three implementations.

• Hash-chained transparency log: append-only JSONL with SHA-256 chaining, a signed Merkle tree head, and RFC 6962-style inclusion receipts.

• Poison-resistance: altered or injected memories fail verification and are rejected before influencing the agent.

cogmem verify              # check all memories and the log head
cogmem receipt <memory-id> # prove a memory is in the signed log

See PROVENANCE.md for the full specification.

Verify the C2PA sample yourself:

# examples/c2pa-agent-credential/ is a real signed C2PA manifest
# whose agent identity validates in c2patool
./examples/c2pa-agent-credential/verify.sh

This proves the whole chain: agent identity (cawg.ica.credential_valid) bound to real cognition — a signed cogmem memory and a signed crosstalk reasoning audit, each an independently verifiable Ed25519 COSE/SCITT statement.

Privacy

cogmem is local-first by design. Memories, embeddings, and the identity key live on your machine; semantic recall runs on a local model (fastembed). Nothing is sent anywhere.

Part of the Agent-Provenance Stack

cogmem is one component of the WritersLogic verifiable agent-provenance pipeline — agent identity, memory, reasoning, and signed output, cryptographically bound end to end.

All four share one substrate — COSE_Sign1 / SCITT signed statements (Ed25519) and W3C DID identity — specified in UNIFIED-PROVENANCE.md.

License

Apache-2.0 — see LICENSE.