Security | Crew One

The Problem With AI Memory

Every AI tool you use builds a dossier on your business. ChatGPT knows your strategy. Notion AI has your roadmap. Your "AI assistant" has seen your cap table, your investor conversations, your hiring plans.

For Crew One, it's even more sensitive: we store compounding memory—decisions made, relationships tracked, patterns learned over time. A breach isn't one conversation. It's your complete business intelligence layer.

We believe that data should be readable only by you.

Our Approach: Encryption at Rest

Crew One is implementing client-side encryption for all business memory. Your encryption keys are derived from your passphrase—we never see them.

Client-Side Key Generation

Your encryption keys are generated on your device. We never have access to them.

AES-256-GCM Encryption

Industry-standard encryption for all stored memories, decisions, and relationships.

Zero-Knowledge Storage

We store your encrypted data. We cannot decrypt it—literally.

True Deletion

When you delete, it's gone. Cryptographically. No 30-day retention, no soft deletes.

How It Works

┌─────────────────────────────────────┐

│ YOUR DEVICE │

├─────────────────────────────────────┤

│ 1. Generate key pair on first login │

│ 2. Derive key from your passphrase │

│ 3. Encrypt before sending to server │

│ 4. Decrypt locally after retrieval │

└─────────────────────────────────────┘

↓ Encrypted Only ↓

┌─────────────────────────────────────┐

│ CREW ONE SERVERS │

├─────────────────────────────────────┤

│ Stores: │

│ • Encrypted memories (ciphertext) │

│ • Encrypted decisions & patterns │

│ • Your public key (for encrypting) │

│ │

│ Cannot decrypt without passphrase │

└─────────────────────────────────────┘

Your passphrase never leaves your device. The encryption key is derived using Argon2id—the same key derivation function used by password managers and security-critical applications.

How We Compare

Most AI tools say "secure." We show the receipts.

Feature	Crew One	Others*
Encryption at rest
Client-side keys
You control decryption
Published architecture
True deletion

*Based on publicly available documentation from major AI assistant tools. "Unknown" means no clear documentation found.

What We Protect (And What We Don't)

"Military-grade encryption" marketing is bullshit. Here's exactly what protection you get.

Encryption at Rest Protects Against:

Database breaches — Attackers get ciphertext, not your data
Stolen backups — Useless without your passphrase
Rogue employees — We can't read stored data
Cloud provider compromise — Encrypted at our layer
Long-term exposure — Historical data stays protected

What It Doesn't Protect:

Processing — Memories must be decrypted for agents to reason over them. During active sessions, data exists in server memory.
Compromised credentials — If someone gets your passphrase, they can decrypt everything.
AI model providers — When we route to Claude for skills execution, the provider sees the context.
Legal compulsion — We can be compelled to hand over encrypted data. We can't be compelled to decrypt it (we can't).

Technical Specifications

Symmetric Encryption	AES-256-GCM
Key Derivation	Argon2id
Asymmetric Keys	X25519
Passphrase Requirement	12+ characters (not 6-digit PIN)
Recovery	Recovery key backup + optional hardware key

Implementation Status

We're being transparent: this encryption architecture is currently in development. We're publishing our design now because we believe in building trust through honesty, not vague "enterprise-grade security" claims.

Want to follow our progress? Join the waitlist and we'll share updates as we ship.

Security Roadmap

Architecture design publishedComplete

Core encryption implementationIn progress

Security whitepaperPlanned

Independent security auditPlanned

SOC 2 Type I certificationPlanned

Questions?

We welcome scrutiny. If you're a security researcher or have questions about our approach, we'd love to hear from you.

Contact Security Team Read Privacy Policy

Your Memory. Your Keys.