What Is Memory Sync?
AI agents accumulate knowledge over time — conversation logs, preferences, project context — stored in files like MEMORY.md and memory/*.md. Memory Sync encrypts these files locally and pushes them to a GitHub private repository, so you can pull them on any device.
- 🔐 End-to-end encrypted — files are encrypted before leaving your machine
- 🔄 Cross-device sync — share memory between your laptop, desktop, and CI
- 📦 GitHub-backed — versioned, private, and free
Why Do You Need It?
| Problem | Memory Sync Solution |
|---|---|
| Agent forgets everything on a new machine | Pull encrypted memory and resume |
| Memory files contain sensitive data | age encryption — server never sees the key |
| No backup for agent knowledge | GitHub private repo = automatic backup |
| Multiple devices, fragmented context | One encrypted repo, any device |
Prerequisites
- Node.js 18+
- A GitHub Personal Access Token (PAT) with
reposcope
Quick Start
1. Initialize
npx clawsouls sync init
This will:
- Prompt for your GitHub PAT
- Create a private repo (e.g.
clawsouls-memory-sync) on your GitHub account - Generate an age keypair (X25519) and store it locally
2. Push (Encrypt & Upload)
npx clawsouls sync push
Encrypts your local memory files and pushes the ciphertext to GitHub.
3. Pull (Download & Decrypt)
npx clawsouls sync pull
Pulls encrypted files from GitHub and decrypts them locally.
4. Check Status
npx clawsouls sync status
Shows sync state: last push/pull timestamps, pending local changes, and remote differences.
Key Management
Your encryption key is the only way to decrypt your memory. Treat it like a password.
Export Your Key
npx clawsouls sync export-key
Saves your private key to a file. Store it somewhere safe (password manager, encrypted USB, etc.).
Import a Key (New Device)
npx clawsouls sync import-key
Restores your private key on another machine so you can decrypt synced memory.
⚠️ If you lose your key, your encrypted memory is unrecoverable. There is no server-side backup of your key. Export it immediately after
sync init.
How It Works
Local memory files
│
▼
age encrypt (X25519)
│
▼
GitHub Private Repo (encrypted blobs)
│
▼
age decrypt (local key)
│
▼
Memory restored on new device
Tech stack:
- age — modern file encryption using X25519 key exchange
- GitHub API — private repo creation, push, and pull
- Local keystore — your private key never leaves your machine
FAQ
How do I create a GitHub PAT?
- Go to github.com/settings/tokens
- Click Generate new token (classic)
- Select the
reposcope (full control of private repositories) - Copy the token and use it during
sync init
💡 Fine-grained tokens also work — grant Contents: Read and write permission on the sync repo.
What happens if I lose my key?
Your encrypted data on GitHub becomes permanently unreadable. There is no recovery mechanism. Always export your key right after initialization.
If you lose the key:
- Delete the old sync repo on GitHub
- Run
npx clawsouls sync initto start fresh - Export the new key immediately
Can I sync multiple agents?
Yes. Each agent (or soul) can have its own sync repo. Run sync init in each agent’s working directory — a separate repo and keypair will be created for each.
Is my data safe on GitHub?
GitHub stores only encrypted blobs. Without your local private key, the data is indistinguishable from random bytes. Even if the repo were exposed, the contents remain encrypted.
Can I use this with a team?
Share the exported key with trusted team members via a secure channel. Anyone with the key and GitHub access can push and pull memory.
📚 See also: Full Memory Sync guide on docs.clawsouls.ai