semmyt/witness-memory-chain

Solidity | 21 issues | 2 contributors | Apache-2.0

Summary

witness-memory-chain is a TypeScript library that creates a cryptographically-verifiable append-only memory store for AI agents, using Ed25519 signatures and SHA-256 hash chains to make agent memory tamper-evident. It layers a SQLite+FTS5 retrieval index on top of the chain for fast hybrid search, and optionally anchors memory checkpoints to Bitcoin (via OpenTimestamps) or Base L2 (via a custom WITNESS protocol contract). Think of it as a signed audit log for what an AI agent has experienced, with MCP server integration for direct use with Claude.

Great for

Great for people interested in AI agent identity and memory provenance — specifically building systems where you need cryptographic proof that an agent's memory hasn't been tampered with, or anchoring AI decision logs to public blockchains for compliance or auditability.

Easy wins

  • Add a CI workflow (GitHub Actions) — there's a vitest test suite already wired up via `pnpm test:run`, it just needs a `.github/workflows/test.yml` wrapping it
  • The package.json declares `license: MIT` but the LICENSE file and README badge say Apache-2.0 — a trivial but real inconsistency to fix
  • Write integration tests for the MCP server (src/mcp-server.ts) — the test/ directory covers chain, retrieval, anchor, and cron but has no coverage of the MCP layer at all
  • The src/anchor/base.ts module exists in the public API exports but has no corresponding test file — adding `test/anchor-base.test.ts` would be a well-scoped, self-contained contribution

Red flags

  • MIT vs Apache-2.0 license mismatch between package.json and LICENSE file — could create legal ambiguity for adopters
  • foundry-deploy/lib/openzeppelin-contracts/ appears to be fully vendored (including thousands of lines of test files), making the repo much heavier than necessary and obscuring what's original work
  • Only 1 actual commit despite the last_commit_at date being 2026-03-16 — this looks like work done in a single large push with no commit history to review evolution or intent
  • The WITNESS protocol Base L2 contracts (WitnessRegistry.sol, AgentGrantPool.sol) are deployed and the deploy scripts exist, but there's no test coverage for the Solidity contracts beyond foundry-deploy/test/Counter.t.sol (the Foundry scaffold default) — the actual custom contracts appear untested on-chain
  • src/compression.ts 'summarization' is heuristic sentence scoring with no LLM call, but the README implies intelligent compression — this is a meaningful gap between marketing and implementation

Code quality

decent

The core chain layer (src/chain/crypto.ts, src/chain/index.ts) uses the audited @noble/* libraries correctly and the append-only JSONL design with proper-lockfile for concurrent writes is a solid choice. The public API surface in src/index.ts is large but organized — types, chain ops, index ops, retrieval, and anchoring are all cleanly separated. However, the foundry-deploy/lib/ directory contains the entire OpenZeppelin contracts test suite verbatim (thousands of lines of vendored JS test files visible in the source samples), which is unnecessary bloat that wasn't gitignored. The `src/compression.ts` module does extractive summarization without an LLM, which is a significant limitation the README doesn't call out — 'generateMemorySummary' is basically sentence scoring heuristics.

What makes it unique

The dual-layer architecture (immutable chain for integrity + rebuildable SQLite for retrieval) is a genuinely thoughtful design decision that most 'AI memory' projects skip entirely. The philosophical framing around agent self-verification is unusual and interesting. However, the blockchain anchoring angle (OpenTimestamps + Base) puts this in a niche where it competes with general-purpose audit log solutions — the value proposition is strongest for the MCP/Claude use case, which is still incomplete.

Scores

Collab: 3
Activity: 3

Barrier to entry

medium

The TypeScript core is well-structured with a clean public API in src/index.ts and a CLAUDE.md that doubles as solid contributor documentation, but there's no CI, no CONTRIBUTING.md, no labeled issues, and the MCP integration layer is explicitly marked as in-progress — a new contributor needs to read specs/ to understand where things are headed.

Skills needed

  • TypeScript (strict mode, ESM modules, NodeNext resolution)
  • Cryptography fundamentals (Ed25519, SHA-256 hash chains, content-addressable storage)
  • SQLite and FTS5 full-text search
  • MCP (Model Context Protocol) SDK basics
  • Solidity / Foundry (for the on-chain anchoring contracts)
  • Understanding of OpenTimestamps protocol