docs(arch): upstream backend classes + bucket layout, plus wiki + /create-pr conventions#84
Merged
Merged
Conversation
…ate-pr conventions
Adds the exercise-vs-distribution framing as a first-class concept in
arch.md, names the per-data-class bucket layout, pins the project wiki
location, and documents the /create-pr workflow in Claude Code git
worktrees.
Motivation:
Recent discussions surfaced that the §6 STS-to-vault pipeline subsumes
two semantically distinct cases that arch.md did not distinguish:
- Class A (AWS-native, e.g. S3 / SES / future memory storage):
upstream re-authorizes every request; the §6 pipeline IS both
distribution and exercise. Granularity falls out of IAM + JWT
claims.
- Class B (bearer-token, e.g. OpenRouter / Anthropic / Groq):
upstream trusts the bearer once minted; we secure distribution
(per-grant provisioning + vault prefix gating) and accept that
exercise enforcement is provider-bounded.
Operators reading §6 alone could not tell whether the vault payload IS
the action (Class A) or merely enables one out-of-band (Class B). The
two cases differ on revocation, blast radius, and what the provisioner
must do.
Separately, S3 bucket-level configuration (Versioning, Object Lock,
BucketEncryption, Lifecycle, CloudTrail data events) cannot be set
per-prefix, and vault / memory / audit have conflicting requirements
on every dimension. Wallet-as-prefix is sufficient for per-actor
isolation but cannot replace per-data-class bucket separation -- the
two are orthogonal axes, both required.
Changes:
docs/spec/architecture.md
§3a -- new canonical-name rows for vault_bucket, memory_bucket,
audit_bucket; documents the single-bucket-today $BUCKET
alias and the forward fan-out to $VAULT_BUCKET etc.
§4b -- new subsection "Upstream backend classes -- exercise vs
distribution" introducing Class A / Class B with per-class
enforcement story and add-new-upstream guidance. Links
out to the wiki page for full detail.
§7 -- Vault backend row 4 renamed to vault_bucket and cross-linked
to §4b + §7a. Added row 5 "Egress enforcement" so a future
broker-as-egress-proxy has a documented pluggable slot.
§7a -- new subsection "Bucket layout -- data-class buckets, wallet
prefixes" covering the bucket-level config matrix, why each
data class needs its own IAM role, why $BUCKET is a variable,
and the single-bucket-today migration map.
Updates dead reference at §4a from .omc/wiki/ to wiki/.
wiki/upstream-backend-classes-exercise-vs-distribution.md (new)
Full design rationale: two security concerns table, Class A / B
property tables, granularity flow per class, bucket-layout
consequences, design rule for adding a new upstream, open
questions (broker-as-egress-proxy trade-offs, atomic revoke gap,
vault backend swap).
CLAUDE.md
New "Wiki-location policy" section pinning ./wiki/ as the canonical
location for all project wiki pages. .omc/wiki/ is git-ignored and
must not hold durable knowledge; the wiki_add / wiki_ingest MCP
tools default there and lose pages to gitignore, so the rule is to
use Write directly.
New "/create-pr policy" section documenting the hybrid git-commit /
jj-push / gh-pr workflow required inside Claude Code worktrees,
where jj cannot colocate with an existing git worktree. Outside
worktrees the standard jj-only rule still applies.
Follow-ups (not in this PR):
- Fan out $BUCKET -> $VAULT_BUCKET / $MEMORY_BUCKET / $AUDIT_BUCKET in
scripts/operator-workstation.env, scripts/setup-broker-host.sh,
docs/stage7-demo-and-verification.md, and the role-policy templates.
Arch.md documents the migration but the rename across operator
surfaces is its own change.
- The wiki/agent-role-and-usage-hdkd-per-agent-omni.md page referenced
by CLAUDE.md + arch.md §4a does not exist yet in either location.
Pre-existing dead reference; flagged for separate fix.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
bucket = (data class) × (deployment) × (env),prefix = wallet. Documents why one bucket cannot hold vault + memory + audit (bucket-level config matrix), and the$BUCKET→$VAULT_BUCKET/$MEMORY_BUCKET/$AUDIT_BUCKETfan-out.vault_bucket/memory_bucket/audit_bucket.vault_bucket; new row 5 "Egress enforcement" so the future broker-proxy has a documented pluggable slot../wiki/is canonical;.omc/wiki/is gitignored scratch; don't usewiki_add/wiki_ingestMCP tools — they default to the wrong place) + new/create-prpolicy (hybridgit commit/jj git push/gh pr createworkflow inside Claude Code worktrees wherejjcannot colocate; jj-only outside worktrees).Why
Recent design conversations surfaced that the §6 STS-to-vault pipeline subsumes two semantically distinct cases that arch.md did not distinguish:
Operators reading §6 alone could not tell which payload is which. The two cases differ on revocation, blast radius, and what the provisioner must do. Pinning the split as §4b + a wiki page makes the design intent legible.
Separately: S3 bucket-level configuration (Versioning, Object Lock, BucketEncryption, Lifecycle, CloudTrail data events) cannot be set per-prefix, and vault / memory / audit have conflicting requirements on every dimension. Wallet-as-prefix is sufficient for per-actor isolation but cannot replace per-data-class bucket separation. §7a documents this orthogonality.
Test plan
arch.mdrenders cleanly on GitHub (new tables, mermaid unchanged).wiki/upstream-backend-classes-exercise-vs-distribution.mdrenders cleanly on GitHub (relative links resolve to../docs/spec/...,../crates/..., sibling./key-security.md).grep -rn "\.omc/wiki" --include="*.md"returns zero hits (all references migrated towiki/).arch.md§3a + §4b + §7 + §7a cross-link to each other and to the wiki page without dead links.Follow-ups (not in this PR)
$BUCKET→$VAULT_BUCKET/$MEMORY_BUCKET/$AUDIT_BUCKETacrossscripts/operator-workstation.env,scripts/setup-broker-host.sh,docs/stage7-demo-and-verification.md, and the role-policy templates. Arch.md documents the migration; the rename across operator surfaces is its own change.wiki/agent-role-and-usage-hdkd-per-agent-omni.mdis referenced by CLAUDE.md + arch.md §4a but does not exist anywhere yet (pre-existing dead reference).