Stop reintroducing yourself.
Memact is an open identity infrastructure.
Instead of every application maintaining its own user profile, users own an identity address. Applications request user-approved context and contribute new observations through open protocols.
Memact is one implementation of those protocols. Anyone can build another compatible provider.
Every application learns something about its users.
A fitness app learns workout habits.
A music app learns listening preferences.
A learning platform learns interests.
A shopping app learns purchasing patterns.
Today, every application stores that knowledge independently.
Memact gives users a single place to understand, control, and reuse that context across applications.
Every user has an identity address.
alice.memact.com
Applications communicate with the identity address.
The identity provider behind that address is responsible for:
- Handling context requests
- Receiving context contributions
- Asking for user approval
- Enforcing permissions
Applications never communicate directly with each other's user data.
Memact currently defines two protocol families.
| Protocol | Purpose |
|---|---|
| CAP (Context Access Protocol) | Applications request user-approved context. |
| CCP (Context Contribution Protocol) | Applications contribute observations, evidence, and user-declared information. |
The protocols are open and provider-independent.
Applications integrate with the protocol, not with Memact itself.
Applications are not the source of truth.
They contribute observations.
Users decide what becomes part of their identity.
Identity can contain:
- User-declared information
- Verified information
- Application observations
- Supporting evidence
- Confidence
- Freshness
Identity evolves as users do.
alice.memact.com
│
▼
Identity Provider
(Memact or another provider)
│ │
▼ ▼
CAP CCP
│ │
└──────┬───────┘
▼
Applications
Memact is one identity provider.
The protocol allows anyone to build another compatible provider.
Memact does not replace authentication or authorization.
It complements them.
| Technology | Purpose |
|---|---|
| OAuth 2.0 | Authorization |
| OpenID Connect | Authentication |
| WebAuthn / Passkeys | User authentication |
| Verifiable Credentials | Verifiable claims |
| Memact | Portable, user-approved identity context |
A typical application might authenticate users with OpenID Connect, then request user-approved context through CAP.
| Repository | Purpose |
|---|---|
| Protocol | Protocol specifications, RFCs, and interoperability. |
| Access | Reference identity provider implementing CAP and CCP. |
| Context | Context registry, taxonomy, ranking, and sensitivity definitions. |
| Memory | Storage engine for approved identity context, evidence, and history. |
| Contracts | Shared schemas, contracts, and validation. |
| SDK | Libraries for integrating applications with compatible identity providers. |
| Notebook | User dashboard for reviewing, approving, and managing identity context. |
Memact is an Apache 2.0 open source project.
The goal is to build open infrastructure that anyone can implement, extend, or self-host.
Whether you want to improve the protocols, build an identity provider, contribute to the reference implementation, or create SDKs, contributions are welcome.
- Read the project vision.
- Pick an issue labeled
good-first-issue. - Comment on the issue before starting work.
- Open a pull request.
For contribution guidelines, see CONTRIBUTING.md.
Licensed under the Apache License 2.0.