Encryption Hub · Encrypted Shared Memory
Shared context between agents, fully revokable
Most multi-agent systems either force agents into complete isolation, destroying collaboration, or dump all context into one plaintext shared vector database, creating a honeypot. NuDay gives you a third option.
NuDay introduces dynamic encryption key delegation. Through a secure agent-to-agent protocol, agents cryptographically grant and instantly revoke access to specific memory clusters.
True policy delegation of shared secrets, without exposing the underlying data.
The risk
The problem with "shared context"
As AI infrastructure scales from single-agent tasks to multi-agent orchestration, a critical question emerges: how do agents share context without sharing all of your secrets?
In a software development crew, a requirements agent might need to pass customer PII or proprietary architecture to a coding agent. With a standard shared memory pool, the coding agent now has permanent access to that sensitive data. If it is later compromised via prompt injection, the adversary can query the shared database to exfiltrate the requirements agent's context.
To collaborate securely, agents need to lend context temporarily, like human workers sharing a secure document, and revoke that access the millisecond the task is complete.
How it works
Dynamic, peer-to-peer cryptographic brokering
NuDay replaces static database permissions with revocable, per-memory key access.
The mechanism
When agent A shares a sensitive memory with agent B, it does not send plaintext JSON. NuDay's Policy Server brokers a temporary, scoped encryption key over the mTLS-secured A2A protocol; agent B decrypts the memory to complete its task, and when it concludes, agent A or the global policy engine instantly revokes the key.
No cascading compromise
Even if an attacker hijacks agent B later, they cannot read the shared memory. The key has been revoked, and the memory remains unreadable ciphertext.
No privilege hoarding
Access is governed by revocable keys, not static IAM roles, so an agent's access to sensitive memory shrinks back to zero the moment its sub-task is finished.
No memory snooping
Rogue agents cannot scrape the vector database for context. Memory is physically partitioned by encryption, not just database namespaces.
Comparison
Inter-agent memory security
Some platforms offer encryption at rest for the database itself. NuDay is the only one offering dynamic, cryptographic memory revocation directly between agents.
| Memory security feature | NuDay | Open-source orchestrators | Managed cloud agents | Advanced memory DBs |
|---|---|---|---|---|
| Core memory architecture | Decentralized encrypted clusters | Ephemeral windows or local JSON | Centralized cloud storage | Dedicated vector/graph databases |
| Inter-agent memory sharing | Encrypted A2A protocol (mTLS) | Plaintext message passing | Shared session context | Shared DB namespaces |
| Data layer encryption | Per-memory crypto-agile key access | None (plaintext) | Provider-managed at rest | Database-level at rest |
| Access revocation | Instant cryptographic key revocation | N/A (data already passed) | Static IAM/RBAC updates | Hard deletion of records |
| Risk of cascading compromise | Zero (revoked keys block access) | Critical (context duplicated) | High (if session breached) | High (if DB credentials leak) |
Secure multi-agent collaboration
Scale multi-agent systems without scaling the risk.
See how NuDay's cryptographic memory delegation enables secure multi-agent collaboration with instant access revocation.