Skip to content

Add privacy-preserving search receipts#406

Open
HarperZ9 wants to merge 1 commit into
zilliztech:masterfrom
HarperZ9:telos-search-receipt
Open

Add privacy-preserving search receipts#406
HarperZ9 wants to merge 1 commit into
zilliztech:masterfrom
HarperZ9:telos-search-receipt

Conversation

@HarperZ9

@HarperZ9 HarperZ9 commented Jun 29, 2026

Copy link
Copy Markdown

Summary

Refs #382.

This adds an optional includeReceipt flag to the MCP search_code tool. When enabled, the existing search response is preserved and a privacy-preserving JSON receipt is appended with:

  • receipt_id, query_hash, codebase_path_hash, and index_snapshot_id
  • result_count
  • per-result rank, score bucket, source range, source path hash, chunk hash, and dedupe key

The receipt intentionally avoids raw query text, raw code content, raw local codebase paths, and raw relative file paths.

Why

Issue #382 proposes a retrieval-boundary receipt that lets downstream clients or eval harnesses correlate returned search results with later loaded context chunks without requiring Claude Context to own full agent telemetry.

Validation

Current local validation on Windows, 2026-07-02:

  • pnpm install --frozen-lockfile --config.dangerouslyAllowAllBuilds=true
  • pnpm --filter @zilliz/claude-context-core build
  • pnpm --filter @zilliz/claude-context-mcp exec node --import tsx --test src/handlers.search-receipt.test.ts
  • pnpm --filter @zilliz/claude-context-mcp test
  • pnpm --filter @zilliz/claude-context-mcp typecheck

All of the above pass. The install flag is only to make pnpm 11's build-script approval gate non-interactive in local verification; it does not change the package code.

@HarperZ9 HarperZ9 marked this pull request as ready for review June 29, 2026 17:22
@Necmttn

Necmttn commented Jun 30, 2026

Copy link
Copy Markdown

Did a focused pass on this first slice against the receipt shape discussed in #382.

Local validation from a temp checkout of the PR head:

  • corepack pnpm install --frozen-lockfile
  • PATH="/tmp/ax-bin:$PATH" corepack pnpm --filter @zilliz/claude-context-core build
  • PATH="/tmp/ax-bin:$PATH" corepack pnpm --filter @zilliz/claude-context-mcp exec node --import tsx --test src/handlers.search-receipt.test.ts
  • PATH="/tmp/ax-bin:$PATH" corepack pnpm --filter @zilliz/claude-context-mcp typecheck

The focused receipt test passes, and MCP typecheck passes. I do not see a blocker from this pass. The narrow includeReceipt seam keeps the normal search result path opt-in, and the test covers the main privacy boundary I cared about: raw query, chunk content, relative path, and codebase path do not appear in the receipt JSON.

Generated with ax.

@HarperZ9

HarperZ9 commented Jul 2, 2026

Copy link
Copy Markdown
Author

Fresh local verification from a Windows checkout of this PR head (8f6758617bfcc0387179febf99098d358a30a680):

  • pnpm install --frozen-lockfile --config.dangerouslyAllowAllBuilds=true
  • pnpm --filter @zilliz/claude-context-core build
  • pnpm --filter @zilliz/claude-context-mcp exec node --import tsx --test src/handlers.search-receipt.test.ts
  • pnpm --filter @zilliz/claude-context-mcp test
  • pnpm --filter @zilliz/claude-context-mcp typecheck

All passed. The install flag is just to make pnpm 11's build-script approval gate non-interactive locally; it does not require or imply a code change.

The focused receipt test also verifies the key privacy boundary: the receipt includes hashes/ranks/ranges, while raw query text, raw chunk content, raw relative path, and raw codebase path are absent from the receipt JSON.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants