Encryption Hub · Encrypted Shared Memory

Shared context between agents, fully revokable

Most multi-agent systems either force agents into complete isolation, destroying collaboration, or dump all context into one plaintext shared vector database, creating a honeypot. NuDay gives you a third option.

Two agents exchange a revocable encryption key to share one encrypted memory cluster

NuDay introduces dynamic encryption key delegation. Through a secure agent-to-agent protocol, agents cryptographically grant and instantly revoke access to specific memory clusters.

True policy delegation of shared secrets, without exposing the underlying data.

The risk

The problem with "shared context"

As AI infrastructure scales from single-agent tasks to multi-agent orchestration, a critical question emerges: how do agents share context without sharing all of your secrets?

In a software development crew, a requirements agent might need to pass customer PII or proprietary architecture to a coding agent. With a standard shared memory pool, the coding agent now has permanent access to that sensitive data. If it is later compromised via prompt injection, the adversary can query the shared database to exfiltrate the requirements agent's context.

To collaborate securely, agents need to lend context temporarily, like human workers sharing a secure document, and revoke that access the millisecond the task is complete.

How it works

Dynamic, peer-to-peer cryptographic brokering

NuDay replaces static database permissions with revocable, per-memory key access.

The mechanism

When agent A shares a sensitive memory with agent B, it does not send plaintext JSON. NuDay's Policy Server brokers a temporary, scoped encryption key over the mTLS-secured A2A protocol; agent B decrypts the memory to complete its task, and when it concludes, agent A or the global policy engine instantly revokes the key.

No cascading compromise

Even if an attacker hijacks agent B later, they cannot read the shared memory. The key has been revoked, and the memory remains unreadable ciphertext.

No privilege hoarding

Access is governed by revocable keys, not static IAM roles, so an agent's access to sensitive memory shrinks back to zero the moment its sub-task is finished.

No memory snooping

Rogue agents cannot scrape the vector database for context. Memory is physically partitioned by encryption, not just database namespaces.

Comparison

Inter-agent memory security

Some platforms offer encryption at rest for the database itself. NuDay is the only one offering dynamic, cryptographic memory revocation directly between agents.

Memory security featureNuDayOpen-source orchestratorsManaged cloud agentsAdvanced memory DBs
Core memory architectureDecentralized encrypted clustersEphemeral windows or local JSONCentralized cloud storageDedicated vector/graph databases
Inter-agent memory sharingEncrypted A2A protocol (mTLS)Plaintext message passingShared session contextShared DB namespaces
Data layer encryptionPer-memory crypto-agile key accessNone (plaintext)Provider-managed at restDatabase-level at rest
Access revocationInstant cryptographic key revocationN/A (data already passed)Static IAM/RBAC updatesHard deletion of records
Risk of cascading compromiseZero (revoked keys block access)Critical (context duplicated)High (if session breached)High (if DB credentials leak)

Secure multi-agent collaboration

Scale multi-agent systems without scaling the risk.

See how NuDay's cryptographic memory delegation enables secure multi-agent collaboration with instant access revocation.