knomit

Security & privacy

Local-first, signed, and yours.

knomit is a plain git repo you control. No vendor lock-in, no data exfiltration, and a history you can verify.

Local-first by default

knomit runs against a plain git repository on your own machine and searches with a local embedding model (EmbeddingGemma over an ONNX runtime). Reading, writing, and searching facts require no external services and no data leaving your host.

Signed, tamper-evident history

Every write is one atomic, Ed25519-signed git commit. Because the whole knowledge graph is a git history, any change is attributable and verifiable, and the integrity of the store can be checked end to end.

Encrypted remote credentials

When you sync a repo to a git remote, auth tokens are never stored in plaintext. They are encrypted with AES-256-GCM using a key derived (HKDF-SHA256) from the agent's SSH private key, and stored base64-encoded in the repo DB.

Guarded remotes

Cloning from a local filesystem path is disabled by default. To allow it, you must explicitly set an allowed root directory; a local origin is accepted only if it resolves to a path inside that root. Network origins always pass. Every clone and fetch path is gated — there is no trusted exemption.
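The local-origin gate described above, as an added example (not knomit's own code): network origins pass, and a local origin is accepted only when it resolves, symlinks and `..` included, inside the configured root. The function names, the scp-style detection and the `file://` handling are assumptions; the demo builds its own throwaway directory layout on a POSIX filesystem.

```python
import os
import re
import tempfile
from typing import Optional
from urllib.parse import urlparse

# Constructed example of the local-path gate; not knomit's implementation.
NETWORK_SCHEMES = {"ssh", "https", "http", "git"}
# scp-style remotes such as git@host:org/repo.git or host:repo.git (assumed pattern)
SCP_LIKE = re.compile(r"^(?:[^/@:]+@)?[^/:]+:(?!//)")


def is_network_origin(origin: str) -> bool:
    """True for URL or scp-style origins that point at a remote host."""
    if SCP_LIKE.match(origin):
        return True
    return urlparse(origin).scheme in NETWORK_SCHEMES


def is_local_origin_allowed(origin: str, allowed_root: Optional[str]) -> bool:
    """Local origins pass only if a root is configured and the origin resolves inside it.
    realpath() follows symlinks and collapses '..', so a link that lexically sits under
    the root but points outside it is still rejected."""
    if allowed_root is None:
        return False
    parsed = urlparse(origin)
    path = parsed.path if parsed.scheme == "file" else origin
    resolved = os.path.realpath(path)
    root = os.path.realpath(allowed_root)
    return os.path.commonpath([root, resolved]) == root


def origin_allowed(origin: str, allowed_root: Optional[str] = None) -> bool:
    """Every clone and fetch origin goes through this gate; there is no exemption."""
    if is_network_origin(origin):
        return True
    return is_local_origin_allowed(origin, allowed_root)


def demo() -> dict:
    """Layout: allowed/inner (real dir) and allowed/escape -> outside (symlink)."""
    base = tempfile.mkdtemp()
    root = os.path.join(base, "allowed")
    outside = os.path.join(base, "outside")
    os.makedirs(os.path.join(root, "inner"))
    os.makedirs(outside)
    os.symlink(outside, os.path.join(root, "escape"))
    return {
        "inside": origin_allowed(os.path.join(root, "inner"), root),
        "file_url": origin_allowed("file://" + os.path.join(root, "inner"), root),
        "dotdot": origin_allowed(os.path.join(root, "inner", "..", ".."), root),
        "symlink": origin_allowed(os.path.join(root, "escape"), root),
        "no_root": origin_allowed(os.path.join(root, "inner"), None),
        "ssh": origin_allowed("git@github.com:org/repo.git", None),
        "https": origin_allowed("https://github.com/org/repo.git", None),
    }
```

Only `inside`, `file_url`, `ssh` and `https` are accepted; the `..` escape, the symlink escape and the unconfigured-root case are all refused.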

It is just git — review like code

Each machine is the sole writer of its own agent branch. No peer merges another peer's branch directly. Facts land on main through review and merge, exactly like a pull request. You can host the store on any git host and apply the same access controls you already use for code.

Open source and auditable

knomit is open source. The store format is plain markdown in a git repo — you can read every fact, diff every change, and audit the whole system yourself.

For the operational detail — auth methods, the origin record, the local-path gate, and integrity verification — see Remote sync and Configuration.