The one stop location for your StoaChain/Ouronet Codex Management
A cloud-hosted vault for the StoaChain/Ouronet ecosystem. The Codex is your single instrument for managing every cryptographic asset on chain; Mnemosyne is where that Codex lives, syncs across devices, and reaches every Codex Consumer app you use.
Mnemosyne — Greek goddess of memory, mother of the nine Muses.
Secure your cryptographic vault with seed words composed in your own language — your mother tongue, your dialect, your private vocabulary. The first crypto system that doesn't force you to memorize words from someone else's dictionary.
No fixed English wordlist. No 2048 prescribed nouns. Compose your seed from any glyph in any writing system — Latin, Cyrillic, Greek, diacritics, mathematical symbols, anything that lives in the Dalos Character Set. Memorize a phrase that actually means something to you. Keep your vault in your head.
Mnemosyne is a Software-as-a-Service platform (a cloud-hosted service you reach through a web browser) that stores your Codex encrypted-at-rest and serves it to Codex Consumer apps under a unified credential.
Architecturally, Mnemosyne converges on the same zero-knowledge cloud-storage pattern that Bitwarden landed on for password management — encrypted blob server-side, decryption keys never visible to the operator, multi-wrap envelope for credential rotation. Different problem, same shape — and arriving there independently is reassuring: the design space has a clean local optimum and this is it.
The operator cannot decrypt your Codex with anything it holds. Cryptographic impossibility for self-custody modes, documented operator-trust trade-offs for accessibility-first modes.
Pay once to pin your encrypted Codex to Arweave. The StoaChain stores the pointer. Even if Mnemosyne disappears entirely, you recover with just your seed and a chain read.
One Codex, many apps. OuronetUI, AncientHoldings, the upcoming Demiourgos Streaming Platform — every Codex Consumer reads the same Codex. Switch devices freely.
Not a decentralized protocol — v0.1 is a centralized Software-as-a-Service. Decentralization happens in layers (see Storage).
Not a custodial wallet in the regulatory sense. The cryptographic design makes it technically non-custodial.
Not a replacement for
@stoachain/ouronet-codex. It's a new adapter for the existing
package.
Not an identity provider for non-Codex purposes at v0.1. Single sign-on flows and broader identity uses are future possibilities.
The Codex is the single entity that holds everything cryptographic you have on StoaChain and Ouronet. One file. One vault. Encrypted on disk, decrypted only in your browser. Everything an account, key, or identity needs to be controlled lives here.
Store as many seed sets as you need. Koala (24-word), Chainweaver (12-word), and Eckowallet seeds are all supported.
Standard accounts (Ѻ.xxx) and Smart accounts (Σ.xxx)
alike. Mint as many as you need; the Codex tracks them all.
Store any number of StoaChain public keys and
their corresponding k: accounts. You can also observe
any other named StoaChain account
(k:, c:, u:, w:) for
read-only viewing.
Add keys to a seed word set continuously (positions 0, 1, 2, …) or jump straight to any specific position you need. Your seed sets are not fixed-shape — they grow as you do.
Store standalone Stoa keypairs that aren't derived from any seed phrase. The keypair IS the entity — useful for one-off accounts, ephemeral signers, and system keys like the CodexGuard.
As many Ouronet and StoaChain accounts as you want to remember — friends, business contacts, common destinations. Tagged, searchable, ready when you need them.
Each recognised Codex Consumer (OuronetUI, AncientHoldings, future apps) stores its own settings inside your Codex — interface preferences, node choices, feature flags. One Codex, many apps, consistent preferences everywhere.
The Codex is the single entity holding every cryptographic asset you have on StoaChain/Ouronet. Architecturally, the same model could be extended to support any other seed derivation scheme and any other blockchain's address types — but for v0.1 the scope is StoaChain/Ouronet.
Pick your mode at signup. Each higher mode is a strict superset of the lower one — Mode 2 has everything Mode 1 has plus a wallet-signature login; Mode 4 has everything from Modes 1–3 plus phone recovery and personal facts. Switch modes later without re-encrypting the Codex.
Zero personal information, maximum anonymity
The base mode. Sign up with a username and password — no email, no phone, no tracking. Two unwrap paths: your password (daily) and your Codex Identity seed (recovery).
| Login | username + password |
|---|---|
| Recovery | Codex Identity seed |
| Custody | strict self-custody |
| For | crypto-natives, privacy-conscious users |
Sign in with your CodexPrime
Adds wallet-signature login. Type your Ѻ.xxx address; sign a
challenge with your CodexPrime Standard Ouronet
Account's private key; server verifies. No new password to invent if you don't
want one. Mode 1's username + password also remains available.
| Login | Mode 1 or Schnorr signature |
|---|---|
| Recovery | Codex Identity seed |
| Custody | strict self-custody |
| For | users who want their wallet to be their identity |
Email reset that actually works
Adds email-based password reset. At signup, Mnemosyne emails you a one-shot Recovery Email Secret — save it like you'd save any important credential. "Forgot password" works for real.
| Login | Mode 1/2 methods |
|---|---|
| Recovery | seed or email magic link + Email Recovery Secret |
| Custody | hybrid (3 user-held paths) |
| For | power users who want multi-device + reset |
Built for non-technical users
Adds phone identity, SMS Recovery Secret, and personal facts recovery (mother's maiden name, first pet, plus a chosen secret word). The upcoming Demiourgos Streaming Platform's onboarding preset uses this with full autopilot — a user signs up for streaming, gets a fully-functional Codex as a byproduct.
| Login | Mode 1/2 methods |
|---|---|
| Recovery | seed / email / SMS Recovery Secret / facts |
| Custody | hybrid, accessibility-leaning |
| For | Demiourgos Streaming Platform, non-technical users |
Each mode includes every login + recovery surface of the lower modes. You can add a mode any time (adds new wraps of your Codex Key). You can remove a mode after a 24-hour cooling-off (deletes those wraps). The encrypted Codex blob is byte-identical across all your mode changes.
| Mode | Identifier(s) | Login methods | Recovery surfaces |
|---|---|---|---|
| Ⅰ | username | username+password | seed |
| Ⅱ | username, CodexPrime addr | username+password, wallet-sig | seed |
| Ⅲ | username, addr, email | username+password, wallet-sig | seed, email-secret |
| Ⅳ | username, addr, email, phone | username+password, wallet-sig | seed, email-secret, SMS-secret, facts |
Three paths into Mnemosyne, orthogonal to your mode choice. The wizard adapts.
You have nothing yet. The wizard generates everything from scratch — Codex Identity, CodexPrime Standard Ouronet Account, on-chain registration, the lot.
You already have an OuronetUI Codex in your browser. The wizard reads it, adds the Mnemosyne-only pieces (Codex Identity, CodexGuard), uploads. The hard-cutoff migration preset uses this.
You have a JSON backup of a Codex (OuronetUI export or Mnemosyne export). Upload, decrypt locally, re-encrypt under Mnemosyne, done.
Every Codex creation walks you through these three choices. Each has an "I-don't-care-just-do-it" autopilot variant and a "I-want-to-pick-this-myself" custom variant.
₱.STANDARD:Π.SMART). Autopilot:
24 random Dalos words. Custom: bring your own words, bitstring, bitmap,
base-10 or base-49 scalar.
Mnemosyne separates the storage layer from the trust anchor. Your encrypted Codex lives in the database (always) and optionally on Arweave (opt-in, paid). The StoaChain stores the immutable identity entry plus a pointer to your latest Arweave backup.
The ouronet-ns.CODEX Pact module on StoaChain.
Holds your Codex Identity registration (immutable), your CodexGuard
(rotatable), and pointers to all your Arweave backups (append-only history).
Cost: tiny gas per pointer update. Trust anchor: CodexGuard signs all mutations. Censorship-resistant: any Mnemosyne-compatible client can read.
Per-Codex encrypted blob, paid once via Bundlr/Irys, stored forever. The StoaChain pointer tells the world which Arweave tx-id is canonically yours.
Cost: one-time AR payment per upload, no recurring. Encryption: same Codex Key that wraps L1. Use case: disaster recovery if Mnemosyne ever disappears.
Live encrypted blob, mutated on every Codex change. Server-side PostgreSQL. Single concatenated format: wraps + encrypted Codex in one binary file.
Cost: Mnemosyne operational. Deletable on user request (the European General Data Protection Regulation's "right to be forgotten" actually works here).
The chain pointer is what makes Arweave a backup rather than just another place data sits. Without L3, an attacker could publish decoy blobs and a recovering user would have no way to tell which one was theirs.
Every Codex has a public identity on the StoaChain. It's a pair of Apollo-curve keys — a Standard half for daily operations and a Smart half for sensitive ones.
Standard alone authorizes:
Standard + Smart cosign required:
Apollo signatures are verified off-chain by Mnemosyne's web app and backend. This enables cross-domain identity proofs without chain calls:
wallet.ouro.network) — sign a challenge with Standard, consumer verifies against on-chain pubkey, accepts your Codex Identity.Cryptographic guarantees are real. Operational risks are standard for the zero-knowledge cloud-storage pattern and accepted as part of the trade-off.
| Action | Self-custody modes (1, 2) | Hybrid modes (3, 4) |
|---|---|---|
| Decrypt your Codex from server data alone | Impossible | Impossible (Modes 1–3) / Possible if facts weak (Mode 4) |
| Initiate a password reset on your behalf | Impossible — would require forging a Schnorr signature | Possible if operator controls email or SMS channel |
| Tamper with Codex contents undetectably | Detected on next decrypt (authenticated encryption) | Same |
| Refuse to serve you (denial of service) | Possible — but you have your seed; self-host or migrate | Same |
| Brute-force your password from the verifier | Theoretically — Argon2id makes it slow for weak passwords, infeasible for strong | Same |
| See which Codices exist | Yes — metadata isn't encrypted, only payload | Same |
Authenticated encryption for the Codex blob. Standard. Unbreakable in any relevant time horizon without the Codex Key.
Modern password-hashing function. Tunable to be slow and memory-expensive. Winner of the 2015 Password Hashing Competition.
Our own elliptic curve with Schnorr signatures, verified off-chain. Two halves (Standard + Smart) enable tiered authorization without needing on-chain Apollo verification.
Mnemosyne is in the design-locked phase. Implementation begins after v0.3.0 of
the @stoachain/ouronet-codex package ships.
ouronet-ns.CODEX Pact module