Skip to content

Richer scopes on Claim/Source: (visibility, project, agent) retrieval filtering (VEP-0005) #189

Description

@jsdevninja

What you're trying to do

When several agents and/or projects share one .vouch/ KB, I want retrieval (kb.search, kb.context, vouch search, vouch context) to return only artifacts meant for my project and agent — because today a single flat scope: project|private|team|public enum can't express which project or which agent owns an artifact.

Concrete example: Agent A on project billing runs vouch context "auth". It should see team-wide and unbound claims, plus billing-scoped claims and its own private scratch notes — but not project checkout's claims or Agent B's private notes.

This matters more now that deterministic KB sync (vouch sync-check / sync-apply) can merge diverged .vouch/ directories from multiple teammates/agents into one shared KB.

What you've tried

  • Flat scope enum on Claim/Source (private / project / team / public) — answers "how widely visible" but not "for whom."
  • VOUCH_AGENT for audit attribution — records who proposed/approved, but does not filter retrieval.
  • tags — untyped; every consumer would reinvent project/agent conventions.
  • Per-project subdirectories under .vouch/ — bigger on-disk layout change; doesn't model visibility tiers cleanly.

Suggested shape

Replace the single scope string with a structured object on Claim and Source:

scope:
  visibility: project   # private | project | team | public
  project: billing      # optional — None = not bound to a project
  agent: claude-cli     # optional — used for private owner binding

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions