v0.1.12New: Windows ZIP + DataMoat.exe downloads, plus signed macOS DMG.
Back up your AI workflows before they disappear.
Encrypted, local history for Claude CLI, Claude Desktop, Codex CLI, Codex app, OpenClaw, Cursor, and attachments: prompts, transcripts, tool output, locally available reasoning content, metadata, and files.
The people and companies that own their AI data will win the future.
macOS 12+ Apple Silicon DMG
Linux source install
Windows ZIP + DataMoat.exe downloads
# Quick install $ git clone https://github.com/max-ng/datamoat.git $ cd datamoat $ bash install.sh $ datamoat
Windows ZIP + DataMoat.exe packages are full app folders. Unzip the package and run DataMoat.exe from inside the extracted folder; this is not a standalone installer yet.
SearchFilters
refactor auth middleware
127 resultsSort: Newest
Refactor auth middleware to use async/await
import { verifyToken } from "./verify"; export async function auth(req, res, next) { try { const token = req.headers.authorization; const user = await verifyToken(token); req.user = user; return next(); } catch (error) { return res.status(401).json({ error: "Unauthorized" }); } }
auth-middleware.tsv24 - 17 KB
test-output.log104 KB
Supported sources and platforms
Claude CLI
Claude Desktop
Codex CLI
Codex app
OpenClawCursor
macOS
Linux
Why individuals and companies need it
Searchable history
Search across prompts, transcripts, reasoning-visible blocks, tool output, metadata, and attachments without depending on a live app view.
Local attachment capture
Capture files, diffs, logs, images, and supported PDF blocks referenced or produced during AI coding sessions.
Auditability
Tamper-evident audit entries help prove integrity for reviews, restores, incident follow-up, and project handoffs.
Encrypted recovery
AES-256-GCM vault storage with password, optional TOTP, 24-word recovery phrase, one-time codes, and Touch ID on supported Macs.
Security architecture
Built like a local vault, not a cloud sync product.
DataMoat is designed around local ownership: supported source records are captured on your machine, written into encrypted vault storage, and searched only after a local unlock. The website says this carefully because it maps to the implementation, not to a marketing promise.
Background capture can keep saving new supported records while the UI remains locked. Reading, searching, and exporting old vault content still require an approved unlock path.
AES-256-GCMAuthenticated vault, state, raw record, and attachment encryption.
scryptPassword verifier and wrapped vault-key derivation, with timing-safe comparison.
BIP-3924-word recovery phrase plus one-time recovery codes for local recovery.
capture/writeSupported source records are read from local files and written as encrypted vault records.
raw-firstOriginal source lines are stamped with SHA-256 and encrypted before extraction builds searchable views.
unlock/readPassword, optional TOTP, Touch ID on supported Macs, recovery phrase, or one-time code opens a read/search session.
audit/healthAudit entries are hash-chained; diagnostics redact passwords, tokens, recovery material, and vault keys.
Authenticated encryption, not a plain export folder.
Vault JSONL lines, state files, raw records, and attachments are encrypted at rest with AES-256-GCM using 12-byte nonces and 16-byte authentication tags.
Keys are wrapped; passwords are not stored.
Normal unlock uses scrypt-derived material and stores verifiers or wrapped-key records instead of a plaintext password or plaintext vault key.
Recovery works without a cloud account.
The 24-word phrase and one-time codes are local recovery paths. DataMoat stores hashed or wrapped recovery material, not the phrase or codes as readable text.
Capture and reading have separate boundaries.
A background capture session can write new encrypted data and encrypted offset state while the UI stays locked; old search and display remain behind local unlock.
Raw-first storage preserves what the source wrote.
DataMoat saves encrypted raw source records before extractor logic decides what to show, so future extractors can rebuild richer views from the protected copy.
Tamper-evident logs and redacted diagnostics.
The audit log uses a hash chain, and health/crash records redact secret-like values including tokens, mnemonics, recovery codes, passwords, and vault keys.
Raw-first vault
Capture the source record first. Improve the extractor later.
AI tools change their local formats quickly. DataMoat's raw-first path keeps an encrypted copy of the source record before transforming it into a searchable session, which reduces the risk of losing context when a parser gets better later.
local source record
SHA-256 content stamp
AES-256-GCM vault line
searchable local view
Protection model
A local vault should make each boundary visible: what gets read from source files, what is written encrypted, what requires human unlock, and what never leaves the computer.
Local capture boundary
Supported AI tool records are read from local files. Raw source lines are content-stamped before extraction builds a searchable view.
source line -> sha256
Authenticated vault write
Vault lines, raw records, offsets, session state, and attachments are encrypted with AES-256-GCM before they become the protected copy.
nonce(12) + tag(16) + ciphertext
Human-controlled unlock
Password, optional TOTP, 24-word recovery phrase, one-time recovery code, or Touch ID on supported Macs opens read/search.
scrypt verifier + wrapped key
Local-only search session
Old content is decrypted only after local unlock. DataMoat has no cloud account or server-side search path for your vault.
read session -> local UI
source record
hash stamp
AES-GCM seal
encrypted vault
The moving line represents the write boundary: plaintext source record in memory, authenticated encrypted record at rest.
AES-256-GCMVault, raw, state, attachments
scryptPassword verifier and wrapped key
Optional TOTPSecond factor for unlock
24-word recoveryBIP-39 local recovery
One-time codesStored as hashed recovery material
Touch IDSupported Macs only
Tamper-evident audit log - verify local integrity with datamoat audit verify
Supported sources
Claude CLI
Full local transcript capture, including locally written thinking blocks when present.
Codex CLI
Terminal sessions, transcript text, tool output, timestamps, metadata, and stable attachments.
Codex app
Supported local app sessions, tool output, metadata, and stable image attachments.
Claude Desktop
Supported local-agent sessions on macOS when the desktop app writes them to disk.
OpenClaw
Supported local OpenClaw transcripts plus provider, model, and cost metadata when present.
Cursor
Readable local agent-transcripts JSONL records, including text and tool blocks when present.
Claude CLI attachments
Encrypted image and supported file/PDF blocks.
More coming soon
Additional local sources on the roadmap.
Commands you'll use
datamoat
$ datamoat
Open the DataMoat UI.
datamoat status
$ datamoat status
Check vault and system status.
Vault: Locked Items: 3,246 Index: Up to date Encryption: AES-256-GCM
datamoat scan
$ datamoat scan
Scan for new data to capture.
Sources scanned: 3 New items: 54 Attachments: 6 Duration: 1.23s
datamoat audit verify
$ datamoat audit verify
Verify the audit log integrity.
Entries: 1,842 Status: Verified All good.
datamoat unlock
$ datamoat unlock
Unlock your vault locally.
Vault unlocked. Welcome back.
For individuals and teams
Personal knowledge vault
Never lose important context, decisions, or code again. Your AI work history stays organized and available.
Better handoffs
Share relevant sessions, diffs, and artifacts with teammates for smoother reviews and faster collaboration.
Continuity you can trust
Maintain long-term continuity across projects and machines with an encrypted, verifiable local history.
Protect your AI work. Own your history.
Download DataMoat v0.1.12 and start backing up today.
Download links verify the newest macOS and Windows assets from GitHub Releases.
Download macOS DMG
macOS DMGLinux sourceWindows ZIP + DataMoat.exe
FAQ
Is my AI work ever uploaded to DataMoat?No. The vault, index, attachments, and search flow stay on your own machine.
The landing page may call GitHub Releases to keep the download button current, but DataMoat does not upload your prompts, transcripts, tool output, files, attachments, or search history to a DataMoat cloud service.
How does it save work before compaction or cleanup?A local watcher processes new source records as they are written and stores them into the encrypted vault.
For supported sources, DataMoat watches local transcript files and tracks byte offsets so new records can be captured quickly before compaction, retention cleanup, app format changes, device loss, or server moves make the original history harder to recover.
What exactly is captured today?Claude CLI, Codex CLI, Codex app, Claude Desktop local-agent sessions, OpenClaw, Cursor, and Claude CLI attachments.
DataMoat preserves locally available transcript text, prompts, tool output, timestamps, source metadata, stable image attachments, supported file/PDF blocks, and reasoning-visible content when the source application writes that content to disk.
Why are Claude CLI and Codex CLI/app reasoning records different?Claude CLI can write full local thinking blocks; Codex CLI/app often writes metadata without raw reasoning text.
DataMoat backs up what is locally available. Claude CLI local session records can include full thinking text, while newer Codex CLI/app records often keep reasoning content unavailable or encrypted by the source app, so DataMoat preserves transcript, tool output, timestamps, metadata, and attachments instead.
What makes it safer than a normal export folder?The saved copy is encrypted, searchable, versioned, and backed by a local audit chain.
A plaintext export is easy to leak, modify, lose, or misread later. DataMoat keeps the protected vault as the source of truth, encrypts state and attachment blobs, and lets you verify the hash-chained audit log with datamoat audit verify.
What if somebody copies my DataMoat folder?They get encrypted vault files, not readable transcripts.
Vault records, attachments, offsets, and session index state are encrypted at rest with AES-256-GCM. Passwords are stored as scrypt verifiers, not plaintext, and the UI still requires an approved unlock path before old records can be read or searched.
How do password, TOTP, Touch ID, and recovery fit together?Password and optional TOTP protect normal unlock; recovery material exists for account recovery.
Source installs support password, optional TOTP, a 24-word BIP-39 recovery phrase, and one-time recovery codes. The packaged macOS app adds Touch ID and Secure Enclave-backed daily unlock on supported Macs.
What happens if I forget my password or lose my authenticator?Use the 24-word recovery phrase or one of the one-time recovery codes.
Recovery is designed so you can regain access without storing your password in plaintext or relying on a cloud account. Recovery material is shown locally during setup and should be kept offline by the human user.
Can Claude CLI, Codex CLI, Codex app, or OpenClaw install it for me?They can start the install, but final setup should happen on the protected desktop.
An AI agent can clone the repo, run install.sh, and launch datamoat. Password setup, TOTP enrollment, the 24-word phrase, and recovery codes should be completed by the human user on the machine being protected, not relayed through chat screenshots or remote messages.
Will the download button find the latest version?Yes. It shows the current version number and checks GitHub Releases for the newest release assets.
The page starts with v0.1.12 in the HTML for clarity and then asks GitHub Releases for the current latest release. If the API is blocked, the buttons still open the latest release page or the current known release assets instead of showing an old version.
Is DataMoat open source?The repository is source-available under BUSL-1.1 with an Additional Use Grant.
Personal use and internal company use are allowed by the grant. It is not an OSI-approved open source license, so production, resale, hosting, or other uses outside the grant should be checked against LICENSE.md.