Doss
A user-owned, cross-platform vault for long-term personal preferences, synced across devices with owner-controlled public disclosure.
Doss is short for dossier — the file you keep on someone. Here it’s the file you keep on yourself: one place that holds who you are, that you own, and that decides for itself how much of you the outside world gets to see.
The idea in one screen
- For your agent — long-term memory as plain md/yaml files. Remember = write a file, recall = read a file. Zero ceremony.
- For everyone else —
policy.yamlsays which verified groups may see each topic asfull,rough, orno(default: nothing). A host can generate a requester-scopeddoss view, and allowed disclosures are logged. - The other side installs nothing. Useful at n=1 (multi-device memory + disclosure discipline); upgrades when both sides run it.
One vault per machine, synced across your devices with git. Your agents work with plain files on the hot path; a small CLI handles validation, sync, disclosure rules, and the audit log.
Why plain files
Coding agents are already fluent in ls, grep, and editing files. Doss meets them there instead of behind a heavyweight tool API: reading and writing memory is ordinary file I/O, always. The rules for what may leave live in files too — the agent reads them like any other file.
Where to go next
- Getting started — install and set up your vault
- Concepts — the vault, disclosure, device access, multi-device
- Commands — the full CLI reference
- How it works — the detailed mechanics and failure modes
Doss is v0. On a machine where the agent can read your files directly, the
disclosure rules are discipline plus an audit log, not a hard wall. The
hard guarantee needs a serving layer with no raw vault access; doss view
is the local building block for that serving layer. See
How it works.