Consent-First Personal Data Agent System
Your data. Your vault. Your agents.
Hushh is a privacy-first platform where AI agents work for you, not against you. Your data stays encrypted on your terms, and agents need explicit cryptographic consent to access it.
Traditional AI: You → Platform → (Platform owns your data)
Hushh: You → Encrypt → Vault → Agents (with YOUR permission)
| Layer | Technology | Purpose |
|---|---|---|
| Frontend | Next.js 16, React 19 | Chat UI, Dashboard |
| Protocol | HushhMCP (Python) | Consent tokens, TrustLinks |
| Agents | FastAPI | Food, Professional, Orchestrator |
| Storage | PostgreSQL + AES-256 | Encrypted vault |
# Clone
git clone https://github.com/hushh/hushh-research.git
cd hushh-research
# Frontend
cd hushh-webapp && npm install && npm run dev
# Backend (new terminal)
cd consent-protocol && pip install -r requirements.txt
uvicorn server:app --reload --port 8000
# Open http://localhost:3000| Document | Description |
|---|---|
| 🚀 Getting Started | Setup and run locally |
| 📖 Main Docs | Complete documentation hub |
| 🏗️ Architecture | System design & flows |
| 🔐 Consent Protocol | Token lifecycle |
| 🔧 Developer API | External API access |
| 💾 Database Schema | PostgreSQL tables |
# Agent issues token when user confirms "Save"
token = issue_token(user_id, agent_id, scope)
# Vault validates before any write
valid, reason, _ = validate_token(token, expected_scope)Passphrase → PBKDF2 (100k iterations) → AES-256 Key
↓
Stored in browser only
Server NEVER sees it
hushh-research/
├── 🌐 hushh-webapp/ # Next.js Frontend
├── 🐍 consent-protocol/ # Python Agents & Protocol
│ ├── server.py # FastAPI endpoints
│ └── hushh_mcp/
│ ├── agents/ # Food, Professional, Orchestrator
│ ├── consent/ # Token issuance
│ └── vault/ # Encryption
└── 📚 docs/ # Documentation
- Fork & clone
- Create feature branch
- Make changes
- Submit PR
🤫 Because your data should work for you.