v2.2.0 — Security hardening, privacy opt-in, retrieval quality

@alvinttang alvinttang released this 13 Jun 15:07
· 4 commits to main since this release

The biggest cycle since 2.0 — a security-hardening series, per-memory privacy with encrypted cross-device sync, and a large retrieval-quality jump. All local-first, zero telemetry.

Highlights

Security & crypto

  • Key rotation with forward secrecy (versioned ENC2 envelopes)
  • HMAC integrity on the manifest and every sync op; plaintext-injection rejection; manifest without integrity refuses to load
  • Encrypted snapshots; corrupt/tampered rows fail gracefully, never panic

Privacy

  • Per-memory privacy opt-in: Private by default; mark shared to sync; demote and it's retracted from other devices
  • Persistent sync (passphrase in OS keychain, never on disk) + auto background pull
  • Deny-by-default MCP capability policy
  • Honest offline mode: CORTEX_NO_EMBEDDINGS=1 for a zero-network build; CI proves it

Retrieval quality

  • Paraphrase recall 40% → ~90% at 5K memories (HNSW ef_search beam fix), latency unchanged
  • Bounded query budget (DoS + timing-channel guard)
  • No silent recall failures: dimension-mismatch rejected loudly; memory_stats shows recall health; memory_context min_confidence floor
  • Contradiction detection from natural language; opt-in semantic near-dedup
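
An added example, not code from the cortex repository, of the fail-closed decoding behind the "dimension-mismatch rejected loudly", "reject malformed embedding blobs" and "fail gracefully, never panic" items. The blob layout (packed little-endian f32 values, no header) and every name in it are assumptions.

```rust
// Added example, not cortex code. Assumed layout: an embedding blob is a
// packed array of little-endian f32 values with no header.
#[derive(Debug, PartialEq)]
enum BlobError {
    Empty,
    Truncated { len: usize }, // byte length is not a multiple of 4
    DimensionMismatch { expected: usize, got: usize },
    NonFinite { index: usize }, // NaN or infinity would poison distance math
}

/// Decode a stored blob, returning a typed error instead of panicking.
fn decode_embedding(blob: &[u8], expected_dim: usize) -> Result<Vec<f32>, BlobError> {
    if blob.is_empty() {
        return Err(BlobError::Empty);
    }
    if blob.len() % 4 != 0 {
        return Err(BlobError::Truncated { len: blob.len() });
    }
    let got = blob.len() / 4;
    if got != expected_dim {
        // Reject loudly: never pad, truncate, or silently skip the row.
        return Err(BlobError::DimensionMismatch { expected: expected_dim, got });
    }
    let mut out = Vec::with_capacity(got);
    for (index, chunk) in blob.chunks_exact(4).enumerate() {
        let v = f32::from_le_bytes([chunk[0], chunk[1], chunk[2], chunk[3]]);
        if !v.is_finite() {
            return Err(BlobError::NonFinite { index });
        }
        out.push(v);
    }
    Ok(out)
}

/// Constructed sample input: pack floats the way the assumed layout stores them.
fn encode_embedding(values: &[f32]) -> Vec<u8> {
    values.iter().flat_map(|v| v.to_le_bytes()).collect()
}

fn main() {
    let good = encode_embedding(&[0.25, -1.0, 3.5]);
    println!("{:?}", decode_embedding(&good, 3)); // well-formed row
    println!("{:?}", decode_embedding(&good[..10], 3)); // truncated row
    println!("{:?}", decode_embedding(&good, 4)); // model dimension changed
    println!("{:?}", decode_embedding(&encode_embedding(&[1.0, f32::NAN]), 2));
}
```

Returning a distinct error per failure lets the caller count rejected rows and surface them in a health report rather than dropping them from recall without notice.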

Tooling & docs

  • 30 MCP tools; RUST_LOG honored; WASM build
  • New guides (memory tiers, backends comparison); one-command device setup with Claude Code auto-recall hook

Full list in CHANGELOG.md. Install: cargo build --release -p cortex-mcp-server or brew install gambletan/tap/cortex-mcp-server.

What's Changed

  • GitHub presence optimization + adversarial-review fixes by @gambletan in #1
  • fix: namespace recency ordering uses event time (self-evolve iter 2) by @gambletan in #2
  • test: cover apply_op merge semantics (self-evolve iter 3) by @gambletan in #3
  • fix: reject malformed embedding blobs (self-evolve iter 4) by @gambletan in #4
  • ci: enforce zero network/telemetry deps in cortex-core (self-evolve iter 5) by @gambletan in #5
  • feat: encrypt the sync snapshot, not just the oplog (self-evolve iter 6) by @gambletan in #6
  • fix: corrupt/tampered memory rows fail gracefully, not panic (self-evolve iter 7) by @gambletan in #7
  • fix: corrupt people rows fail gracefully, not panic (self-evolve iter 8) by @gambletan in #8
  • fix: PersonUpsert no monotonic-field regression or post-delete resurrection (self-evolve iter 9) by @gambletan in #9
  • fix: bound HTTP API inputs to MCP-layer parity (self-evolve iter 10) by @gambletan in #10
  • docs(guides): add memory-tiers guide by @zsxh1990 in #12

New Contributors

Full Changelog: v2.0.0...v2.2.0
