Client tagging on canonical writes — every observation carries the client that produced it, and every canonical entity carries the materialized set of clients that can see it
The canonical layer (persons, organizations, events, locations on SurrealDB main/main) is cross-client by design — one row per real-world entity, deliberately shareable across reach-edu, humain-vc, and any future client. That sharing is the point. But the operator still needs to know, at a glance, *which clients have touched this entity*: who first surfaced them, who's edited them since, who currently has them visible in their workspace. The pattern: every observation carries a `client` field; every entity carries a materialized `client_access` array (sorted by first-touch time). Reads are filtered by `WHERE client_access CONTAINS '<current-workspace-slug>'`. Writes always stamp the current workspace into the observation. Three forms of 'touched' (entered, updated, currently available) all collapse into the observation log — no separate access table, no separate audit table.
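The materialization and read filter described above, modelled in memory as an added example (not the project's own code). The tuple layout, the function names and the drift audit are assumptions for illustration, and ties in first-touch time are broken by slug.

```python
from collections import defaultdict

# Constructed sample observation log: (timestamp, entity id, client slug).
OBSERVATIONS = [
    (3, "person:ada", "humain-vc"),
    (1, "person:ada", "reach-edu"),
    (5, "person:ada", "reach-edu"),
    (2, "organization:acme", "humain-vc"),
]

def write_observation(log, ts, entity, workspace):
    """Append an observation, always stamping the current workspace as its client."""
    if not workspace:
        raise ValueError("observation must carry a client")
    log.append((ts, entity, workspace))

def materialize_client_access(log):
    """Derive each entity's client_access: distinct clients ordered by first touch."""
    first_touch = defaultdict(dict)  # entity -> {client: earliest timestamp}
    for ts, entity, client in log:
        seen = first_touch[entity]
        if client not in seen or ts < seen[client]:
            seen[client] = ts
    # Assumption: equal first-touch times are ordered by slug for determinism.
    return {e: sorted(c, key=lambda k: (c[k], k)) for e, c in first_touch.items()}

def visible_entities(entities, workspace):
    """In-memory equivalent of WHERE client_access CONTAINS '<workspace>'."""
    return sorted(e for e, access in entities.items() if workspace in access)

def audit_drift(stored, log):
    """Compare stored arrays with the log-derived ones and report differences."""
    expected = materialize_client_access(log)
    findings = {}
    for entity in sorted(set(stored) | set(expected)):
        have, want = stored.get(entity, []), expected.get(entity, [])
        unbacked = sorted(set(have) - set(want))  # visible, but no observation
        missing = sorted(set(want) - set(have))   # observed, but not visible
        misordered = not unbacked and not missing and have != want
        if unbacked or missing or misordered:
            findings[entity] = {"unbacked": unbacked, "missing": missing,
                                "misordered": misordered}
    return findings
```

An `unbacked` finding is the one to act on first: it means a workspace can read an entity with no observation in the log explaining why.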