Feature Description
~/.engram/engram.db is a plaintext SQLite database. Anyone with filesystem access can read all stored decisions, architectural secrets, API patterns, bug details, and potentially sensitive context. This is a concern for:
- Shared machines (offices, labs, pair programming stations)
- Git sync — pushing engram.db to a repo exposes everything in commit history
- Laptop theft/loss — full disk encryption isn't always enabled
- Compliance — some organizations require encryption at rest for developer tools
Proposal
Optional encryption at rest using SQLCipher (drop-in SQLite replacement) or application-level AES-256 encryption.
Configuration:
# engram.toml
[security]
encrypt = true
key_source = "keyring" # options: "keyring", "env:ENGRAM_KEY", "prompt"
Implementation options (in order of preference):
- SQLCipher — transparent, encrypts the entire database file (tables, indexes and the FTS5 index alike). Go bindings exist (github.com/mutecomm/go-sqlcipher). Most robust.
- Application-level encryption — encrypt content and title fields before writing, decrypt on read. Simpler to implement, but FTS5 can't index encrypted content (would need a separate FTS index built in memory and rebuilt on startup; persisting that index to disk in plaintext would leak the very content being encrypted).
- Hybrid — encrypt the entire DB with SQLCipher for storage, which keeps FTS5 working because pages are decrypted transparently below the SQL layer; this is the recommended approach.
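The application-level option, written out as an added example (my code, not engram's): AES-256-GCM sealing of one field, with the table, column and rowid bound in as associated data so an encrypted value cannot be copied from one row into another by someone with write access to the file. The envelope layout (version byte, nonce, ciphertext and tag), the function names and the `memories` table are assumptions; the project defines none of them. The stored blob is opaque bytes, which is exactly why FTS5 cannot index it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// fieldVersion tags the envelope format so a future cipher change can be
// recognised on read. Assumed layout; engram defines no such format.
const fieldVersion byte = 1

// aadFor binds a ciphertext to the row and column it was written for. The
// (table, column, rowid) layout is an assumption for this example.
func aadFor(table, column string, rowid int64) []byte {
	aad := make([]byte, 0, len(table)+len(column)+10)
	aad = append(aad, table...)
	aad = append(aad, 0)
	aad = append(aad, column...)
	aad = append(aad, 0)
	return binary.BigEndian.AppendUint64(aad, uint64(rowid))
}

// EncryptField seals plaintext with AES-256-GCM under a 32-byte key.
// Output layout: version || 12-byte random nonce || ciphertext+tag.
func EncryptField(key []byte, table, column string, rowid int64, plaintext []byte) ([]byte, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes for AES-256")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	out := make([]byte, 0, 1+len(nonce)+len(plaintext)+gcm.Overhead())
	out = append(out, fieldVersion)
	out = append(out, nonce...)
	// Seal appends to out, so the nonce prefix is kept in front of the ciphertext.
	return gcm.Seal(out, nonce, plaintext, aadFor(table, column, rowid)), nil
}

// DecryptField reverses EncryptField. Any change to the ciphertext, the nonce
// or the (table, column, rowid) binding fails authentication.
func DecryptField(key []byte, table, column string, rowid int64, blob []byte) ([]byte, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes for AES-256")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(blob) < 1+ns+gcm.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	if blob[0] != fieldVersion {
		return nil, fmt.Errorf("unsupported field version %d", blob[0])
	}
	nonce, ct := blob[1:1+ns], blob[1+ns:]
	return gcm.Open(nil, nonce, ct, aadFor(table, column, rowid))
}

func main() {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	// Constructed sample record; not data from a real engram database.
	blob, err := EncryptField(key, "memories", "content", 42, []byte("decision: rotate API keys quarterly"))
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored %d bytes of opaque ciphertext\n", len(blob))
	// Moving the blob to another row must fail: the rowid is part of the AAD.
	if _, err := DecryptField(key, "memories", "content", 43, blob); err != nil {
		fmt.Println("moved to another row:", err)
	}
	pt, err := DecryptField(key, "memories", "content", 42, blob)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%s\n", pt)
}
```

A fresh random nonce per write is what makes GCM safe to reuse the same key across every row; the binding through associated data is the part most field-encryption implementations forget.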
Key management:
- Keyring (default): OS credential store (Windows Credential Manager, macOS Keychain, Linux Secret Service)
- Environment variable: ENGRAM_KEY=... for CI/automated environments. Note that other processes running as the same user can read a process's environment, and the value easily ends up in shell history or CI logs, so this is the weakest of the three sources.
- Interactive prompt: asked once per session, kept in memory only and never written to disk
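Key resolution for the three sources, as an added example (not engram's code). `KeySources`, `ResolveKey` and the hex encoding of ENGRAM_KEY are assumptions; the keyring and prompt backends are injected as functions so the logic runs without an OS credential store or a terminal. The prompt path stretches the passphrase with PBKDF2-HMAC-SHA256 over a per-database salt, implemented inline from RFC 8018 so the example needs only the standard library; where the salt is stored and the iteration count are assumed. Every failure is an error, never a silent fallback to an unencrypted database.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
	"os"
	"strings"
)

// KeySize is the AES-256 / SQLCipher raw key size in bytes.
const KeySize = 32

// promptIterations is the PBKDF2 cost for the "prompt" source. Assumed value.
const promptIterations = 600_000

// KeySources abstracts the three backends named in the proposal so the
// resolution logic can be exercised without a real keyring or terminal.
type KeySources struct {
	Getenv  func(string) string    // environment lookup; os.Getenv when nil
	Keyring func() ([]byte, error) // OS credential store lookup (assumed shape, not a real API)
	Prompt  func() (string, error) // interactive passphrase prompt
	Salt    []byte                 // per-database salt for the prompt path (assumed stored next to the DB)
}

// pbkdf2SHA256 derives dkLen bytes from a passphrase (RFC 8018, PRF = HMAC-SHA256).
func pbkdf2SHA256(password, salt []byte, iterations, dkLen int) []byte {
	hashLen := sha256.Size
	blocks := (dkLen + hashLen - 1) / hashLen
	out := make([]byte, 0, blocks*hashLen)
	for i := 1; i <= blocks; i++ {
		mac := hmac.New(sha256.New, password)
		mac.Write(salt)
		mac.Write(binary.BigEndian.AppendUint32(nil, uint32(i)))
		u := mac.Sum(nil) // U_1 = PRF(P, S || INT(i))
		t := append([]byte(nil), u...)
		for j := 1; j < iterations; j++ {
			mac = hmac.New(sha256.New, password)
			mac.Write(u)
			u = mac.Sum(nil) // U_j = PRF(P, U_{j-1})
			for k := range t {
				t[k] ^= u[k] // T_i = U_1 xor ... xor U_c
			}
		}
		out = append(out, t...)
	}
	return out[:dkLen]
}

func checkLen(key []byte) ([]byte, error) {
	if len(key) != KeySize {
		return nil, fmt.Errorf("key is %d bytes, want %d", len(key), KeySize)
	}
	return key, nil
}

// ResolveKey turns the key_source setting ("keyring", "env:NAME", "prompt")
// into a 32-byte key, failing closed on anything missing or malformed.
func ResolveKey(source string, src KeySources) ([]byte, error) {
	switch {
	case source == "keyring":
		if src.Keyring == nil {
			return nil, errors.New("keyring: no credential store available")
		}
		key, err := src.Keyring()
		if err != nil {
			return nil, fmt.Errorf("keyring: %w", err)
		}
		return checkLen(key)
	case strings.HasPrefix(source, "env:"):
		name := strings.TrimPrefix(source, "env:")
		getenv := src.Getenv
		if getenv == nil {
			getenv = os.Getenv
		}
		raw := getenv(name)
		if raw == "" {
			return nil, fmt.Errorf("env: %s is not set", name)
		}
		key, err := hex.DecodeString(raw) // assumed: 64 hex characters
		if err != nil {
			return nil, fmt.Errorf("env: %s is not valid hex", name)
		}
		return checkLen(key)
	case source == "prompt":
		if src.Prompt == nil {
			return nil, errors.New("prompt: no interactive terminal")
		}
		if len(src.Salt) < 16 {
			return nil, errors.New("prompt: per-database salt missing or too short")
		}
		pass, err := src.Prompt()
		if err != nil {
			return nil, err
		}
		if pass == "" {
			return nil, errors.New("prompt: empty passphrase")
		}
		return pbkdf2SHA256([]byte(pass), src.Salt, promptIterations, KeySize), nil
	default:
		return nil, fmt.Errorf("unknown key_source %q", source)
	}
}

func main() {
	key, err := ResolveKey("env:ENGRAM_KEY", KeySources{})
	if err != nil {
		fmt.Println("refusing to open database:", err)
		return
	}
	fmt.Printf("key loaded (%d bytes)\n", len(key))
}
```

The salt for the prompt path is not secret and must be persisted next to the database, otherwise the same passphrase derives a different key next session; only the passphrase itself stays off disk.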
Migration path:
- engram encrypt — encrypts an existing plaintext database (creates a backup first; the backup is itself plaintext and should be deleted once the encrypted copy has been verified)
- engram decrypt — decrypts back to plaintext (for migration/debugging)
- New installations with encrypt = true start encrypted from day one
Design principles
- Opt-in: Zero cost when disabled. Default remains plaintext for simplicity
- Transparent: Once configured, all MCP tools, CLI, and TUI work identically
- Recoverable: Backup before encryption, decrypt command available
- Git sync compatible: Encrypted DB syncs normally as an opaque blob, provided the key itself never goes into the repo; plaintext versions already committed stay readable in history until it is rewritten
Affected Area
Store (SQLite driver), CLI (new commands), Configuration