AI Vault

A unified memory vault for personal AI agents. The same folder that Claude Code already reads as memory becomes a git repository, pushed to a private GitHub repo, and cloned read-only onto a Hetzner VPS.

The Problem

Claude Code on the Mac remembered things Claude Code on the VPS didn't. A separate personal assistant (Tiger/OpenClaw) had its own brain entirely. Nothing was in version control. A VPS-only memory file list revealed seven notes that existed nowhere else — one disk failure from being gone.

How It Works

Typical sync latency: under a minute (Mac CC Stop hook pushes on session end). Worst case: ~35 min.

Design Choices

• Deploy key, not personal token — read-only SSH key scoped to one repo. If the VPS is compromised, attacker gets read access to one repo, not the whole GitHub account.
• launchd instead of cron — macOS cron doesn't fire during sleep and doesn't retry missed runs. StartInterval + RunAtLoad fires on wake-from-sleep, so closing the laptop at 3 AM doesn't strand commits overnight.
• Idempotent push script — every run reconciles local commits with remote, even when it didn't just create one. Catches the "committed but push failed mid-sleep" failure mode that burned me once.
• Single writer — only the Mac writes. No merge conflicts, no two-way sync, no reconciliation logic.

Build Log

• Giving My AI a Persistent Memory That Syncs Across Three Machines — the full write-up, including the "my laptop went to sleep mid-push" debugging sub-plot

Status

Shipped 2026-04-21 (Jira: KAN-69). Vault repo private on GitHub. Tiger's persona files mirrored inside the Vault as backup; migrating Tiger's runtime onto the Vault directly is a future task.