From 82beadf5468a7b37cb5a7351675df6b2c41cec1c Mon Sep 17 00:00:00 2001 From: gramps Date: Mon, 13 Jul 2026 16:27:34 -0700 Subject: [PATCH] docs: prioritize Private Chat mode over encryption in B8 --- AGENTS.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/AGENTS.md b/AGENTS.md index cd3b74f..b52397a 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -157,7 +157,8 @@ All streaming endpoints yield `data: {json}\n\n`. Key shapes: - B5 — default model auto-pull on first start - B6 — waterfall direction toggle - B7 — Apple Silicon worker support (gpu.py Metal, hardware.py Darwin) -- B8 — **Encryption & PHI readiness** — spec out encryption at rest (SQLCipher for caic.db, Qdrant payload encryption) and in-transit (TLS for inference, AMQP, RAG). Per-user auth, audit logging, log sanitizer, data lifecycle. Document the "personal LAN HIPAA gap." No implementation yet — capture design decisions. +- B8 — **Encryption & PHI readiness** — spec out encryption at rest (SQLCipher for caic.db, Qdrant payload encryption) and in-transit (TLS for inference, AMQP, RAG). Per-user auth, audit logging, log sanitizer, data lifecycle. Document the "personal LAN HIPAA gap." + - **Preferred approach: Private Chat mode** — a toggle that skips DB persistence, memory/RAG injection, and content logging entirely. Zero stored data = zero data to protect. Simpler, more robust, less code to audit than full encryption. Design this as the primary PHI path before reaching for crypto. ### Key config values (current) - `VERSION = "v0.18.0"` in `config.py`