**Status:** Design spike complete — see [[Design/E-3_Encryption_Spike]]. Recommendation: EFS encryption at rest + IAM audit logging for launch; per-user KMS deferred until storage model changes.
**Context:**
The current privacy claim is "your wiki is private by default" — but the operator (us) can still read the data at rest on EFS. For a product whose pitch is "memory for your agents," the data is inherently sensitive: it's the user's working notes, research, plans, and whatever their agents are writing on their behalf.