Works across the tools you already use
Shared encrypted memory across Claude, Cursor, Codex, and OpenClaw โ gets smarter with every conversation.
No credit card ยท Zero-knowledge encrypted ยท 5 minutes to set up
Works across the tools you already use
See It In Action
Watch how a decision in one tool becomes available in another โ instantly, encrypted.
You:
Let's use JWT with 15-minute rotation and a 5-minute
grace period. Store refresh tokens in Redis with a
7-day TTL.
Claude:
Got it. I'll implement the token rotation with:
โข 15-min access tokens (RS256)
โข 5-min grace window for in-flight requests
โข Redis-backed refresh tokens, 7-day TTL
โ Stored by Retayn ยท encrypted ยท 3 facts extracted
You:
What was our auth token strategy?
Cursor:
Based on your decision in Claude Code on Monday:
โข JWT with RS256, 15-minute access tokens
โข 5-minute grace period for in-flight requests
โข Refresh tokens in Redis with 7-day TTL
Retrieved from Claude Code session ยท 3 days ago ยท 14ms ยท encrypted
How It Works
Everything is encrypted on your machine before it touches our servers.
One command creates your account, generates your encryption passphrase, and configures your tools. Passphrase never leaves your machine.
Auto-detects Claude Code, VS Code, Cursor, Windsurf, and Codex CLI. Configures MCP connections automatically. Manual setup takes 30 seconds.
Conversations, decisions, and code changes are captured and encrypted automatically. Next session, your AI has the full picture.
Features
AES-256-GCM encryption and blind keyword search. Your passphrase derives all keys locally. The server stores ciphertext it cannot read.
A decision in Claude Code is searchable in Cursor. A bug fixed in Codex is available in VS Code. One memory, all your tools.
Tracks file edits, diffs, commits, and debugging sessions. When the same bug resurfaces, your AI already knows the fix.
Semantic vector search + blind BM25 keyword search, fused with reciprocal rank fusion. Finds the right memory in milliseconds.
Persistent memory lets your AI learn your patterns โ coding style, preferred libraries, project conventions. It adapts without configuration.
Week 1, your AI asks clarifying questions. Month 2, it ships answers in your preferred stack. Memory enables genuine adaptation.
Security
Recent research shows that AI agent memory systems are vulnerable to poisoning attacks. If an attacker can write to your memory, they can manipulate every future response.
arXiv:2503.03704 ยท March 2025
Shows that LLM agent memory banks can be compromised through normal query interaction. Attackers can inject malicious memories that poison future responses.
arXiv:2601.05504 ยท January 2026
Demonstrates practical memory poisoning attacks and evaluates defense mechanisms. Finds that current systems lack adequate protection.
Comparison
Verified against competitor docs and pricing pages. Updated February 2026.
|
Retayn
from $0
|
Mem0
from $0
|
Zep
from $25/mo
|
|
|---|---|---|---|
| Client-side encryption | โ AES-256-GCM | โ | โ |
| Zero-knowledge search | โ Blind BM25 | โ | โ |
| Server can read your data | No | Yes | Yes |
| MCP protocol | โ | โ OpenMemory | โ Graphiti |
| Cross-tool memory | โ 6 tools | โ | โ via MCP |
| Code memory (diffs, commits) | โ | โ | โ |
| Hybrid search (vector + keyword) | โ RRF fusion | โ vector only | โ graph-based |
| Per-user data isolation | โ dedicated index | โ namespace | โ user scoping |
| Free tier | 10K msgs 1K actions/day |
10K memories 1K retrieval/mo |
1K credits/mo |
| Paid plans | $19/mo Pro $49/mo Ultra |
$19/mo Starter $249/mo Pro |
$25/mo Flex Enterprise |
Independent benchmark measuring memory retrieval accuracy across multi-session conversations.
#1 cost-normalized on LoCoMo. Scores measured with identical evaluation framework.
Pricing
Start free. Upgrade when you need more memory.
Messages = conversations stored. Actions = searches + stores per day. Onboarding imports are free and don't count toward limits.
FAQ
Retayn stores your AI tool conversations, decisions, and code changes as encrypted memory segments. Each segment includes the encrypted content (AES-256-GCM), a semantic vector for search, and HMAC-hashed keywords for keyword matching. The server never sees your plaintext.
No. Memory operations happen asynchronously via MCP. Storing a memory takes ~50ms, searching takes ~15ms. Your coding tools remain fully responsive โ Retayn works in the background.
Yes. The dashboard has a wipe function that deletes your entire vector index, all encrypted content, and all keyword indexes. It's irreversible and complete โ nothing remains on our servers.
Your data is permanently inaccessible. This is by design โ zero-knowledge means nobody, including us, can recover your encryption keys. Store your passphrase in a password manager.
Searching and retrieving existing memories still works. Storing new memories is paused until you upgrade or (on free tier) old memories expire. You'll get email warnings at 80% and 95% of your limit.
Correct. Your passphrase never leaves your machine. It derives AES-256 encryption keys (for content) and HMAC keys (for keyword search) via PBKDF2 with 600,000 iterations. The server stores ciphertext, lossy 384-dim vectors, and HMAC-hashed terms โ none of which are reversible to your original text. Even in a full server breach, your data is unreadable.