Local-first coordination for agent teams

Version control built around attempts, overlays, memory, and evidence.

Haven gives coding agents a native workspace model: isolated mounts, persistent project memory, claimable paths, verifiable evidence, and deterministic orchestration before anything becomes accepted state.

Start with the CLI See the hosted path

Model: Overlay-native
State: Local-first
Hosted: Native graph, not Git

$ hvn goal create "Ship auth"
$ hvn agent start --goal ship-auth
mounted .hvn/mounts/agent-81

$ hvn evidence add agent-81 "go test ./..."
$ hvn submit agent-81 \
  --claim "Auth flow implemented"

Why Git and worktrees break down

Multi-agent work is not branch work with more terminals.

Git is excellent at human-authored history. It is awkward as the live coordination layer for many agents because branches do not know why an agent is working, which paths it owns, what evidence proves completion, or which project memory should travel with the attempt.

Worktrees expose files

They do not model attempts, claims, evidence, decisions, or agent run state.

Branches hide intent

Reviewers reconstruct goals from commits, chat logs, and scattered test output.

Haven stores the graph

Accepted base, overlays, attempts, claims, evidence, and memory stay together.

Git stays compatible

Export to Git when needed. Do not make Git the agent coordination model.

Local-first CLI

Ordinary shell tools inside isolated Haven mounts.

Agents work in normal directories. Haven reconciles those mounts into overlay manifests, rebases them onto the accepted base, and refuses unresolved conflicts before integration.

Mount

Create an attempt, materialize a workspace, and keep the root project as accepted state.

Prove

Attach test output, screenshots, notes, and claims directly to the attempt.

Integrate

Rebase safe overlays, stop on real conflicts, then accept with an auditable decision.

hvn.dev hosted path

Hosted Haven should ingest native Haven state, not recreate pull requests.

Public and open source

Public Haven projects should be free: accepted source, static bundles, goals, attempts, evidence, and read-only review metadata with fair-use limits that protect the service instead of blocking legitimate work.

Private commercial work

Private projects should be paid because they need protected storage, auth, team access, private evidence, longer retention, and trust controls.

Public-good compute

Donated public-good compute is a future experiment: opt-in, capped, auditable, and isolated from private code, secrets, and memory.

Security posture

Agent access needs narrow authority and visible audit trails.

Haven treats repository content, prompts, evidence, and model output as untrusted. Hosted mutation stays gated behind explicit capabilities, upload manifests, secret scanning, and append-only audit events.

Private by default. Public visibility is an explicit owner decision.
Scoped tokens. Grants can be narrowed by project, attempt, path, object, verb, and expiry.
Upload allowlists. Ignored files, mounts, envs, caches, and local databases stay out.
Object graph source of truth. Hosted views serve declared Haven artifacts, not arbitrary archives.

Weekend roadmap

Small surface area, real coordination value.

Friday
Polish static remotes

Make push, fetch, pull, status, and clone boring on local/file remotes.
Saturday
Ship collaboration state

Goals, attempts, claims, evidence, decisions, and review metadata travel with the project.
Sunday
Open the viewer path

Prepare hvn.dev ingestion around bundles and static objects before any hosted mutation.

Agent-native by default

Stop reconstructing agent work from side channels.

Keep the work, proof, memory, and orchestration state in the same system from first attempt to accepted base.

Review the CLI flow