feat: team sync — cross-user observation sharing with author attribution

[Chelu97]

Problem

I work on personal projects with my brother, and we both use Claude Code with engram
as our persistent memory system. We have a shared cloud server syncing our observations,
but each user can only see their own data. There's no way for my AI agent to know what
my brother's agent discovered, decided, or fixed — and vice versa.

This defeats the purpose of having a shared cloud: two developers working on the same
codebase, both using AI agents, but their agents are completely blind to each other's work.

Solution

Team Sync — an opt-in (enabled by default) mechanism that shares observation
memories between users enrolled in the same project, with full author attribution.

How it works

1. Users enroll in projects: engram cloud enroll <project>
2. When pulling mutations, the server checks enrollment overlap — if two users are
   enrolled in the same project, their observations are shared
3. Each cross-user observation carries the author's username, so the AI agent can
   distinguish "this was discovered by fernando" vs "this is my own memory"
4. Personal-scoped observations (scope: personal) are never shared
5. Only observations are shared — sessions and prompts remain private

MCP display

When searching or viewing context, authored observations show attribution:

- [bugfix] Fixed N+1 query in UserList (by fernando)
- [architecture] sdd-init/factuarea

The AI agent sees exactly who wrote each memory and can reason about it accordingly.

Changes

New files

File	Description
internal/cloud/cloudstore/team_sync.go	Server-side enrollment CRUD + cross-user pull query
internal/cloud/cloudstore/team_sync_test.go	16 tests: security boundaries, isolation, author attribution
internal/cloud/remote/team_sync_test.go	12 tests: transport client methods, query params, error handling
cmd/engram/cloud_config_test.go	10 tests: config defaults, env var overrides

Modified files

File	Change
cmd/engram/main.go	TeamSync config field, enrollment push on enroll/unenroll
internal/cloud/autosync/manager.go	Propagate Author from pull to local store
internal/cloud/cloudserver/cloudserver.go	Register enrollment routes
internal/cloud/cloudserver/push_pull.go	team_sync query param + enrollment handlers
internal/cloud/cloudstore/cloudstore.go	Author field on CloudMutation
internal/cloud/cloudstore/schema.go	cloud_project_enrollments table
internal/cloud/remote/transport.go	SetTeamSync(), enrollment client methods
internal/mcp/mcp.go	Author display in search/context/get
internal/store/store.go	Author field across all structs, SQL queries, echo protection
internal/store/store_test.go	Updated legacy test fixtures for author column

Stats

• ~1,600 lines net (including ~1,100 lines of tests)
• 38 test cases covering enrollment CRUD, cross-user visibility, personal scope
  exclusion, project isolation, transport client, config defaults, env var overrides

Backward Compatibility

• Fully backward compatible — Author uses json:"author,omitempty", invisible to older clients
• Safe default — team sync is enabled by default, but requires explicit enrollment
  (engram cloud enroll <project>) to activate. No enrollments = identical behavior to current version
• Schema safe — new table uses CREATE TABLE IF NOT EXISTS, author column uses addColumnIfNotExists
• Opt-out — set "team_sync": false in cloud.json or ENGRAM_TEAM_SYNC=false env var

Security considerations

• Personal-scoped observations are never shared (filtered server-side in SQL)
• Sessions and prompts are never shared (only entity type observation crosses user boundaries)
• Enrollment is bilateral — both users must be enrolled in the same project for sharing to work
• No enrollment = no data leakage, even with team_sync enabled

Test plan

• Enrollment CRUD (enroll, unenroll, sync, list, idempotency)
• Cross-user observation pull with author attribution
• Personal scope exclusion
• Session/prompt entity exclusion
• Project isolation (no leakage between unrelated projects)
• Own-mutation inclusion (user's own data always returned)
• Pagination with cross-user mutations
• Author preservation on re-upsert (echo protection)
• Transport client methods (SyncEnrollments, ListEnrollments, SetTeamSync)
• PullMutations team_sync query param
• CloudConfig.IsTeamSyncEnabled() defaults and env var override

🤖 Generated with Claude Code

[Alan-TheGentleman]

Hey @Chelu97, this is a great feature — team sync with author attribution is exactly the kind of thing we want for cloud sync. However, the cloud packages have been removed from the public repo while we continue development in a separate repository.

When cloud sync ships publicly, team sync will be a priority feature. We'll reference this PR when we get there. Thanks for the thorough implementation and tests!