Split user-engine implementation planning

2026-05-22 19:50:12 +02:00
parent 6892dfd758
commit c8e2b142db
9 changed files with 254 additions and 47 deletions


@@ -92,6 +92,14 @@ and what NetKingdom is responsible for (meta-orchestration).
| **Repo owns** | the authorization registry, control plane, and PDP adapters |
| **NetKingdom orchestrates** | the decision-envelope contract fed by IAM Profile v0.2 claims; platform vs tenant policy boundaries; which protected systems/resources are registered; policy-package import and governance; audit retention; authorization-trust readiness |
### `user-engine` — user-domain/profile service
| | |
| --- | --- |
| **Resources held** | user account records, external identity links, profile and preference values, tenant/application/team memberships, application profile catalogs, projections, user-domain audit and lifecycle events |
| **Repo owns** | the headless user-domain service, profile/catalog resolver, projection APIs, local persistence, outbox events, and implementation tests |
| **NetKingdom orchestrates** | source-of-truth boundaries with IAM and flex-auth; tenant/platform administration boundaries; application onboarding bindings; membership synchronization rules; projection and claims-enrichment boundaries; audit correlation requirements |
---
## Resource Kinds NetKingdom Orchestrates (cross-cutting)
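Review bot: the `Resources held` row lists "user account records" and "external identity links" while the `NetKingdom orchestrates` row defers "source-of-truth boundaries with IAM and flex-auth" to orchestration, so the new `user-engine` table never states which side is authoritative for an account's identity links; since the preceding row says the authorization repo owns the "PDP adapters", consider also making explicit in the `Repo owns` row that user-engine holds memberships and profile values that feed claims enrichment but makes no authorization decisions itself, e.g. `| **Repo owns** | the headless user-domain service, ... (no policy decisions) |`.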
@@ -101,6 +109,9 @@ cross-landscape management of:
- **Identities** — humans, service accounts, agents, groups, tenants,
and assurance evidence as normalized by the IAM Profile
- **User-domain facts** — account state, identity links, profile data,
preferences, memberships, and application catalog ownership as managed by
user-engine
- **Roles, scopes, and policies** — coarse claims through fine-grained
authorization
- **Secrets and credentials** — bootstrap material and runtime secret
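Review bot: the added `User-domain facts` bullet overlaps with the `Identities` bullet directly above it ("account state, identity links" versus identities "as normalized by the IAM Profile"), and it says "application catalog ownership" where the `user-engine` table in the first hunk calls the same resource "application profile catalogs"; state the split in one clause (IAM Profile normalizes identities; user-engine holds account state and identity links) and use a single term for the catalogs in both places.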