@agenticmail/core 0.9.7 → 0.9.9

package/README.md

@@ -188,6 +188,18 @@ Uses your existing Gmail or Outlook account as a middleman. This is the easiest
 
 **Deduplication:** The system tracks delivered messages by (message_id, agent_name) to prevent the same email from being delivered twice. Sent message tracking keeps up to 10,000 entries in memory for reply routing.
 
+### External inbox exposure — read before enabling the relay
+
+> **The RelayGateway makes every sub-agent publicly reachable from the internet** the moment relay mode is configured (typically via `agenticmail setup-email` or the `gateway/relay` POST). This is by design — agents that can email each other locally aren't very useful for talking to real people — but the implications surprise some operators:
+
+- **Plus-addresses are publicly guessable.** Anyone who knows your relay address can hit `your-relay+secretary@gmail.com`, `your-relay+kepler@gmail.com`, etc. and the corresponding agent's inbox receives the message. The `+sub` part is not a secret.
+- **External mail wakes the dispatcher identically to internal `@localhost` mail.** When an inbound message lands on a watched account, the dispatcher emits an SSE `new-mail` event and the host integration (`@agenticmail/claudecode`, `@agenticmail/codex`) spawns a worker turn. There's no source-based filter — `bob@gmail.com` and `secretary@localhost` are indistinguishable from the wake path's point of view.
+- **The host bridges take a different path.** Mail to `your-relay+claudecode@gmail.com` / `your-relay+codex@gmail.com` routes to `handleBridgeMail`, which uses the host SDK's `resume` option to wake the operator's last session headlessly, falling through to the bridge-escalation email at `setup_operator_email` if resume fails.
+- **Spam = worker turns.** A scraper that guesses a plus-address can drive Claude / Codex invocations at the operator's expense. Throttles in order of escalation:
+  1. The `wake-budget` guard in `dispatcher.handleEvent` (default cap per minute per agent — kicks in automatically).
+  2. Relay-layer spam filtering — the built-in spam filter runs on inbound mail before publishing the SSE event.
+  3. For agents that should be internal-only, set `metadata.host` to a value no dispatcher matches, so the SSE event fires but no host wakes on it.
+
 ### Domain Mode
 
 Full custom domain through Cloudflare. Agents send from `agent@yourdomain.com` with proper email authentication (DKIM, SPF, DMARC).

package/dist/index.cjs

@@ -756,11 +756,13 @@ __export(index_exports, {
   forgetHostSession: () => forgetHostSession,
   getDatabase: () => getDatabase,
   getOperatorEmail: () => getOperatorEmail,
+  getSmsProvider: () => getSmsProvider,
   hostSessionStoragePath: () => hostSessionStoragePath,
   isInternalEmail: () => isInternalEmail,
   isSessionFresh: () => isSessionFresh,
   isValidPhoneNumber: () => isValidPhoneNumber,
   loadHostSession: () => loadHostSession,
+  mapProviderSmsStatus: () => mapProviderSmsStatus,
   normalizeAddress: () => normalizeAddress,
   normalizePhoneNumber: () => normalizePhoneNumber,
   normalizeSubject: () => normalizeSubject,
@@ -770,6 +772,7 @@ __export(index_exports, {
   recordToolCall: () => recordToolCall,
   redactObject: () => redactObject,
   redactSecret: () => redactSecret,
+  redactSmsConfig: () => redactSmsConfig,
   resolveConfig: () => resolveConfig,
   safeJoin: () => safeJoin,
   sanitizeEmail: () => sanitizeEmail,
@@ -969,6 +972,14 @@ var MailReceiver = class {
             name: a.name,
             address: a.address ?? ""
           })),
+          cc: (env.cc ?? []).map((a) => ({
+            name: a.name,
+            address: a.address ?? ""
+          })),
+          bcc: (env.bcc ?? []).map((a) => ({
+            name: a.name,
+            address: a.address ?? ""
+          })),
           date: env.date ?? /* @__PURE__ */ new Date(),
           flags: msg.flags ?? /* @__PURE__ */ new Set(),
           size: msg.size ?? 0
@@ -3871,7 +3882,47 @@ var DomainManager = class {
 
 // src/gateway/manager.ts
 var import_node_path4 = require("path");
+
+// src/crypto/secrets.ts
 var import_node_crypto2 = require("crypto");
+function deriveKey(key, salt) {
+  return (0, import_node_crypto2.scryptSync)(key, salt, 32, { N: 16384, r: 8, p: 1 });
+}
+function encryptSecret(plaintext, key) {
+  const salt = (0, import_node_crypto2.randomBytes)(16);
+  const derivedKey = deriveKey(key, salt);
+  const iv = (0, import_node_crypto2.randomBytes)(12);
+  const cipher = (0, import_node_crypto2.createCipheriv)("aes-256-gcm", derivedKey, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return `enc2:${salt.toString("hex")}:${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted.toString("hex")}`;
+}
+function decryptSecret(value, key) {
+  if (value.startsWith("enc2:")) {
+    const parts = value.split(":");
+    if (parts.length !== 5) return value;
+    const [, saltHex, ivHex, authTagHex, ciphertextHex] = parts;
+    const derivedKey = deriveKey(key, Buffer.from(saltHex, "hex"));
+    const decipher = (0, import_node_crypto2.createDecipheriv)("aes-256-gcm", derivedKey, Buffer.from(ivHex, "hex"));
+    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
+    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
+  }
+  if (value.startsWith("enc:")) {
+    const parts = value.split(":");
+    if (parts.length !== 4) return value;
+    const [, ivHex, authTagHex, ciphertextHex] = parts;
+    const keyHash = (0, import_node_crypto2.createHash)("sha256").update(key).digest();
+    const decipher = (0, import_node_crypto2.createDecipheriv)("aes-256-gcm", keyHash, Buffer.from(ivHex, "hex"));
+    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
+    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
+  }
+  return value;
+}
+function isEncryptedSecret(value) {
+  return typeof value === "string" && (value.startsWith("enc2:") || value.startsWith("enc:"));
+}
+
+// src/gateway/manager.ts
 var import_nodemailer3 = __toESM(require("nodemailer"), 1);
 
 // src/debug.ts
@@ -5149,6 +5200,130 @@ var import_mail_composer3 = __toESM(require("nodemailer/lib/mail-composer/index.
 init_spam_filter();
 
 // src/sms/manager.ts
+function asString(value) {
+  return typeof value === "string" ? value.trim() : "";
+}
+function defaultApiUrl(config) {
+  const url = (config.apiUrl || "https://api.46elks.com/a1").replace(/\/+$/, "");
+  if (!/^https:\/\//i.test(url)) {
+    throw new Error("46elks apiUrl must use https:// \u2014 refusing to send credentials over a non-TLS connection");
+  }
+  return url;
+}
+function basicAuth(username, password) {
+  return Buffer.from(`${username}:${password}`, "utf8").toString("base64");
+}
+function redactSmsConfig(config) {
+  return {
+    ...config,
+    forwardingPassword: config.forwardingPassword ? "***" : void 0,
+    password: config.password ? "***" : void 0,
+    webhookSecret: config.webhookSecret ? "***" : void 0
+  };
+}
+var GoogleVoiceSmsProvider = class {
+  id = "google_voice";
+  async sendSms(config, input) {
+    const to = normalizePhoneNumber(input.to);
+    const from = normalizePhoneNumber(config.phoneNumber);
+    if (!to) throw new Error("Invalid recipient phone number");
+    if (!from) throw new Error("Invalid configured Google Voice phone number");
+    return {
+      provider: this.id,
+      status: "pending",
+      from,
+      to,
+      body: input.body,
+      raw: {
+        delivery: "manual_google_voice_web",
+        url: "https://voice.google.com"
+      }
+    };
+  }
+  parseInboundSms() {
+    return null;
+  }
+};
+var FortySixElksSmsProvider = class {
+  id = "46elks";
+  async sendSms(config, input) {
+    const username = asString(config.username);
+    const password = asString(config.password);
+    if (!username || !password) {
+      throw new Error("46elks username and password are required");
+    }
+    const to = normalizePhoneNumber(input.to);
+    const from = normalizePhoneNumber(config.phoneNumber);
+    if (!to) throw new Error("Invalid recipient phone number");
+    if (!from) throw new Error("Invalid configured 46elks phone number");
+    const form = new URLSearchParams();
+    form.set("to", to);
+    form.set("from", from);
+    form.set("message", input.body);
+    if (input.dryRun) form.set("dryrun", "yes");
+    const response = await fetch(`${defaultApiUrl(config)}/sms`, {
+      method: "POST",
+      headers: {
+        "Authorization": `Basic ${basicAuth(username, password)}`,
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: form,
+      signal: AbortSignal.timeout(15e3)
+    });
+    const text = await response.text();
+    let raw = text;
+    try {
+      raw = JSON.parse(text);
+    } catch {
+    }
+    if (!response.ok) {
+      const message = typeof raw === "object" && raw && ("message" in raw || "error" in raw) ? String(raw.message ?? raw.error) : text.slice(0, 200);
+      throw new Error(`46elks SMS failed (${response.status}): ${message}`);
+    }
+    const providerId = typeof raw === "object" && raw && "id" in raw ? String(raw.id) : void 0;
+    const providerStatus = typeof raw === "object" && raw && "status" in raw ? String(raw.status) : "sent";
+    return {
+      provider: this.id,
+      id: providerId,
+      status: providerStatus,
+      from,
+      to,
+      body: input.body,
+      raw
+    };
+  }
+  parseInboundSms(payload) {
+    const direction = asString(payload.direction).toLowerCase();
+    if (direction && direction !== "incoming") return null;
+    const from = normalizePhoneNumber(asString(payload.from));
+    const to = normalizePhoneNumber(asString(payload.to));
+    const body = asString(payload.message);
+    if (!from || !to || !body) return null;
+    return {
+      provider: this.id,
+      id: asString(payload.id) || void 0,
+      from,
+      to,
+      body,
+      timestamp: asString(payload.created) || (/* @__PURE__ */ new Date()).toISOString(),
+      raw: payload
+    };
+  }
+};
+var PROVIDERS = {
+  google_voice: new GoogleVoiceSmsProvider(),
+  "46elks": new FortySixElksSmsProvider()
+};
+function getSmsProvider(provider) {
+  return PROVIDERS[provider];
+}
+function mapProviderSmsStatus(status) {
+  const normalized = status.toLowerCase();
+  if (normalized === "delivered") return "delivered";
+  if (normalized === "failed" || normalized === "error") return "failed";
+  if (normalized === "created" || normalized === "queued" || normalized === "sent") return "sent";
+  return "sent";
+}
 function normalizePhoneNumber(raw) {
   const cleaned = raw.replace(/[^+\d]/g, "");
   if (!cleaned) return null;
@@ -5255,12 +5430,48 @@ function extractVerificationCode(smsBody) {
   }
   return null;
 }
+var SMS_SECRET_FIELDS = ["password", "webhookSecret", "forwardingPassword"];
 var SmsManager = class {
-  constructor(db2) {
+  /**
+   * Optional master key used to encrypt SMS credentials at rest (same
+   * AES-256-GCM scheme GatewayManager uses for relay/domain secrets).
+   * When absent (e.g. tests, or a deployment with no master key) configs
+   * are stored as-is and reads tolerate plaintext — so upgrades and
+   * downgrades both stay safe.
+   */
+  constructor(db2, encryptionKey) {
     this.db = db2;
+    this.encryptionKey = encryptionKey;
     this.ensureTable();
   }
   initialized = false;
+  /** Encrypt the credential fields of an SMS config before persisting. */
+  encryptConfig(config) {
+    if (!this.encryptionKey) return config;
+    const out = { ...config };
+    for (const field of SMS_SECRET_FIELDS) {
+      const value = out[field];
+      if (typeof value === "string" && value && !isEncryptedSecret(value)) {
+        out[field] = encryptSecret(value, this.encryptionKey);
+      }
+    }
+    return out;
+  }
+  /** Decrypt the credential fields of an SMS config after loading. */
+  decryptConfig(config) {
+    if (!this.encryptionKey) return config;
+    const out = { ...config };
+    for (const field of SMS_SECRET_FIELDS) {
+      const value = out[field];
+      if (typeof value === "string" && isEncryptedSecret(value)) {
+        try {
+          out[field] = decryptSecret(value, this.encryptionKey);
+        } catch {
+        }
+      }
+    }
+    return out;
+  }
   ensureTable() {
     if (this.initialized) return;
     try {
@@ -5293,18 +5504,19 @@ var SmsManager = class {
       this.initialized = true;
     }
   }
-  /** Get SMS config from agent metadata */
+  /** Get SMS config from agent metadata (credential fields decrypted). */
   getSmsConfig(agentId) {
     const row = this.db.prepare("SELECT metadata FROM agents WHERE id = ?").get(agentId);
     if (!row) return null;
     try {
       const meta = JSON.parse(row.metadata || "{}");
-      return meta.sms && meta.sms.enabled !== void 0 ? meta.sms : null;
+      if (!meta.sms || meta.sms.enabled === void 0) return null;
+      return this.decryptConfig(meta.sms);
     } catch {
       return null;
     }
   }
-  /** Save SMS config to agent metadata */
+  /** Save SMS config to agent metadata (credential fields encrypted). */
   saveSmsConfig(agentId, config) {
     const row = this.db.prepare("SELECT metadata FROM agents WHERE id = ?").get(agentId);
     if (!row) throw new Error(`Agent ${agentId} not found`);
@@ -5314,7 +5526,7 @@ var SmsManager = class {
     } catch {
       meta = {};
     }
-    meta.sms = config;
+    meta.sms = this.encryptConfig(config);
     this.db.prepare("UPDATE agents SET metadata = ?, updated_at = datetime('now') WHERE id = ?").run(JSON.stringify(meta), agentId);
   }
   /**
@@ -5357,27 +5569,50 @@ var SmsManager = class {
     delete meta.sms;
     this.db.prepare("UPDATE agents SET metadata = ?, updated_at = datetime('now') WHERE id = ?").run(JSON.stringify(meta), agentId);
   }
-  /** Record an inbound SMS (parsed from email) */
-  recordInbound(agentId, parsed) {
+  /** Find the agent whose SMS config owns a phone number. */
+  findAgentBySmsNumber(phoneNumber, provider) {
+    const normalized = normalizePhoneNumber(phoneNumber);
+    if (!normalized) return null;
+    const rows = this.db.prepare("SELECT id, metadata FROM agents").all();
+    for (const row of rows) {
+      try {
+        const meta = JSON.parse(row.metadata || "{}");
+        const cfg = meta.sms;
+        if (!cfg?.enabled) continue;
+        if (provider && cfg.provider !== provider) continue;
+        if (normalizePhoneNumber(cfg.phoneNumber) === normalized) {
+          return { agentId: row.id, config: this.decryptConfig(cfg) };
+        }
+      } catch {
+      }
+    }
+    return null;
+  }
+  /** Record an inbound SMS (parsed from email or provider webhook) */
+  recordInbound(agentId, parsed, metadata) {
     const id = `sms_in_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
     const createdAt = parsed.timestamp || (/* @__PURE__ */ new Date()).toISOString();
     this.db.prepare(
-      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at) VALUES (?, ?, ?, ?, ?, ?, ?)"
-    ).run(id, agentId, "inbound", parsed.from, parsed.body, "received", createdAt);
-    return { id, agentId, direction: "inbound", phoneNumber: parsed.from, body: parsed.body, status: "received", createdAt };
+      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at, metadata) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
+    ).run(id, agentId, "inbound", parsed.from, parsed.body, "received", createdAt, JSON.stringify(metadata ?? {}));
+    return { id, agentId, direction: "inbound", phoneNumber: parsed.from, body: parsed.body, status: "received", createdAt, metadata };
   }
   /** Record an outbound SMS attempt */
-  recordOutbound(agentId, phoneNumber, body, status = "pending") {
+  recordOutbound(agentId, phoneNumber, body, status = "pending", metadata) {
     const id = `sms_out_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const normalized = normalizePhoneNumber(phoneNumber) || phoneNumber;
     this.db.prepare(
-      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at) VALUES (?, ?, ?, ?, ?, ?, ?)"
-    ).run(id, agentId, "outbound", normalized, body, status, now);
-    return { id, agentId, direction: "outbound", phoneNumber: normalized, body, status, createdAt: now };
-  }
-  /** Update SMS status */
-  updateStatus(id, status) {
+      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at, metadata) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
+    ).run(id, agentId, "outbound", normalized, body, status, now, JSON.stringify(metadata ?? {}));
+    return { id, agentId, direction: "outbound", phoneNumber: normalized, body, status, createdAt: now, metadata };
+  }
+  /** Update SMS status and optional provider metadata */
+  updateStatus(id, status, metadata) {
+    if (metadata) {
+      this.db.prepare("UPDATE sms_messages SET status = ?, metadata = ? WHERE id = ?").run(status, JSON.stringify(metadata), id);
+      return;
+    }
     this.db.prepare("UPDATE sms_messages SET status = ? WHERE id = ?").run(status, id);
   }
   /** List SMS messages for an agent */
@@ -5577,39 +5812,6 @@ var SmsPoller = class {
 };
 
 // src/gateway/manager.ts
-function deriveKey(key, salt) {
-  return (0, import_node_crypto2.scryptSync)(key, salt, 32, { N: 16384, r: 8, p: 1 });
-}
-function encryptSecret(plaintext, key) {
-  const salt = (0, import_node_crypto2.randomBytes)(16);
-  const derivedKey = deriveKey(key, salt);
-  const iv = (0, import_node_crypto2.randomBytes)(12);
-  const cipher = (0, import_node_crypto2.createCipheriv)("aes-256-gcm", derivedKey, iv);
-  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
-  const authTag = cipher.getAuthTag();
-  return `enc2:${salt.toString("hex")}:${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted.toString("hex")}`;
-}
-function decryptSecret(value, key) {
-  if (value.startsWith("enc2:")) {
-    const parts = value.split(":");
-    if (parts.length !== 5) return value;
-    const [, saltHex, ivHex, authTagHex, ciphertextHex] = parts;
-    const derivedKey = deriveKey(key, Buffer.from(saltHex, "hex"));
-    const decipher = (0, import_node_crypto2.createDecipheriv)("aes-256-gcm", derivedKey, Buffer.from(ivHex, "hex"));
-    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
-    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
-  }
-  if (value.startsWith("enc:")) {
-    const parts = value.split(":");
-    if (parts.length !== 4) return value;
-    const [, ivHex, authTagHex, ciphertextHex] = parts;
-    const keyHash = (0, import_node_crypto2.createHash)("sha256").update(key).digest();
-    const decipher = (0, import_node_crypto2.createDecipheriv)("aes-256-gcm", keyHash, Buffer.from(ivHex, "hex"));
-    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
-    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
-  }
-  return value;
-}
 var GatewayManager = class {
   constructor(options) {
     this.options = options;
@@ -8751,11 +8953,13 @@ function parse(raw) {
   forgetHostSession,
   getDatabase,
   getOperatorEmail,
+  getSmsProvider,
   hostSessionStoragePath,
   isInternalEmail,
   isSessionFresh,
   isValidPhoneNumber,
   loadHostSession,
+  mapProviderSmsStatus,
   normalizeAddress,
   normalizePhoneNumber,
   normalizeSubject,
@@ -8765,6 +8969,7 @@ function parse(raw) {
   recordToolCall,
   redactObject,
   redactSecret,
+  redactSmsConfig,
   resolveConfig,
   safeJoin,
   sanitizeEmail,

package/dist/index.d.cts

@@ -37,6 +37,12 @@ interface EmailEnvelope {
     subject: string;
     from: AddressInfo[];
     to: AddressInfo[];
+    /** Cc/Bcc from the IMAP ENVELOPE response. Added so message-view's
+     *  quote-audience backfill can pull the previous rounds' Cc/Bcc
+     *  without a full FETCH BODY round-trip — ENVELOPE already carries
+     *  them, we just weren't surfacing them. */
+    cc?: AddressInfo[];
+    bcc?: AddressInfo[];
     date: Date;
     flags: Set<string>;
     size: number;
@@ -1436,13 +1442,13 @@ declare class RelayBridge {
 declare function startRelayBridge(options: RelayBridgeOptions): RelayBridge;
 
 /**
- * SMS Manager - Google Voice SMS integration
+ * SMS Manager - provider-backed SMS integration
  *
  * How it works:
- * 1. User sets up Google Voice with SMS-to-email forwarding
- * 2. Incoming SMS arrives at Google Voice -> forwarded to email -> lands in agent inbox
- * 3. Agent parses forwarded SMS from email body
- * 4. Outgoing SMS sent via Google Voice web interface (browser automation)
+ * 1. User chooses a provider for the agent phone number
+ * 2. Google Voice uses email forwarding/web instructions
+ * 3. 46elks uses direct API sends and inbound webhooks
+ * 4. All inbound/outbound messages are stored in the SMS table
  *
  * SMS config is stored in agent metadata under the "sms" key.
  */
@@ -1450,16 +1456,24 @@ declare function startRelayBridge(options: RelayBridgeOptions): RelayBridge;
 interface SmsConfig {
     /** Whether SMS is enabled for this agent */
     enabled: boolean;
-    /** Google Voice phone number (e.g. +12125551234) */
+    /** Phone number in E.164 format where possible */
     phoneNumber: string;
     /** The email address Google Voice forwards SMS to (the Gmail used for GV signup) */
-    forwardingEmail: string;
+    forwardingEmail?: string;
     /** App password for forwarding email (only needed if different from relay email) */
     forwardingPassword?: string;
     /** Whether the GV Gmail is the same as the relay email */
     sameAsRelay?: boolean;
-    /** Provider (currently only google_voice) */
-    provider: 'google_voice';
+    /** SMS provider */
+    provider: 'google_voice' | '46elks';
+    /** 46elks API username */
+    username?: string;
+    /** 46elks API password */
+    password?: string;
+    /** Provider API base URL override */
+    apiUrl?: string;
+    /** Secret required on inbound provider webhooks */
+    webhookSecret?: string;
     /** When SMS was configured */
     configuredAt: string;
 }
@@ -1479,6 +1493,37 @@ interface SmsMessage {
     createdAt: string;
     metadata?: Record<string, unknown>;
 }
+interface SendSmsInput {
+    to: string;
+    body: string;
+    dryRun?: boolean;
+}
+interface SendSmsResult {
+    provider: SmsConfig['provider'];
+    id?: string;
+    status: string;
+    from: string;
+    to: string;
+    body: string;
+    raw?: unknown;
+}
+interface InboundSmsEvent {
+    provider: SmsConfig['provider'];
+    id?: string;
+    from: string;
+    to: string;
+    body: string;
+    timestamp: string;
+    raw?: unknown;
+}
+interface SmsProvider {
+    id: SmsConfig['provider'];
+    sendSms(config: SmsConfig, input: SendSmsInput): Promise<SendSmsResult>;
+    parseInboundSms(payload: Record<string, unknown>): InboundSmsEvent | null;
+}
+declare function redactSmsConfig(config: SmsConfig): SmsConfig;
+declare function getSmsProvider(provider: SmsConfig['provider']): SmsProvider;
+declare function mapProviderSmsStatus(status: string): SmsMessage['status'];
 /** Normalize a phone number to E.164-ish format (+1XXXXXXXXXX) */
 declare function normalizePhoneNumber(raw: string): string | null;
 /** Validate a phone number (basic) */
@@ -1500,12 +1545,24 @@ declare function parseGoogleVoiceSms(emailBody: string, emailFrom: string): Pars
 declare function extractVerificationCode(smsBody: string): string | null;
 declare class SmsManager {
     private db;
+    private encryptionKey?;
     private initialized;
-    constructor(db: Database);
+    /**
+     * Optional master key used to encrypt SMS credentials at rest (same
+     * AES-256-GCM scheme GatewayManager uses for relay/domain secrets).
+     * When absent (e.g. tests, or a deployment with no master key) configs
+     * are stored as-is and reads tolerate plaintext — so upgrades and
+     * downgrades both stay safe.
+     */
+    constructor(db: Database, encryptionKey?: string | undefined);
+    /** Encrypt the credential fields of an SMS config before persisting. */
+    private encryptConfig;
+    /** Decrypt the credential fields of an SMS config after loading. */
+    private decryptConfig;
     private ensureTable;
-    /** Get SMS config from agent metadata */
+    /** Get SMS config from agent metadata (credential fields decrypted). */
     getSmsConfig(agentId: string): SmsConfig | null;
-    /** Save SMS config to agent metadata */
+    /** Save SMS config to agent metadata (credential fields encrypted). */
     saveSmsConfig(agentId: string, config: SmsConfig): void;
     /**
      * Resolve the operator's "where do I get pinged" address from an
@@ -1531,12 +1588,17 @@ declare class SmsManager {
     getAlertEmail(agentId: string): string | null;
     /** Remove SMS config from agent metadata */
     removeSmsConfig(agentId: string): void;
-    /** Record an inbound SMS (parsed from email) */
-    recordInbound(agentId: string, parsed: ParsedSms): SmsMessage;
+    /** Find the agent whose SMS config owns a phone number. */
+    findAgentBySmsNumber(phoneNumber: string, provider?: SmsConfig['provider']): {
+        agentId: string;
+        config: SmsConfig;
+    } | null;
+    /** Record an inbound SMS (parsed from email or provider webhook) */
+    recordInbound(agentId: string, parsed: ParsedSms, metadata?: Record<string, unknown>): SmsMessage;
     /** Record an outbound SMS attempt */
-    recordOutbound(agentId: string, phoneNumber: string, body: string, status?: 'pending' | 'sent' | 'failed'): SmsMessage;
-    /** Update SMS status */
-    updateStatus(id: string, status: SmsMessage['status']): void;
+    recordOutbound(agentId: string, phoneNumber: string, body: string, status?: 'pending' | 'sent' | 'failed', metadata?: Record<string, unknown>): SmsMessage;
+    /** Update SMS status and optional provider metadata */
+    updateStatus(id: string, status: SmsMessage['status'], metadata?: Record<string, unknown>): void;
     /** List SMS messages for an agent */
     listMessages(agentId: string, opts?: {
         direction?: 'inbound' | 'outbound';
@@ -2562,4 +2624,4 @@ declare class AgentMemoryStore {
     renderForPrompt(memory: AgentMemoryRead | null): string;
 }
 
-export { AGENT_ROLES, AccountManager, type AddressInfo, type Agent, AgentDeletionService, type AgentMemoryFields, type AgentMemoryOptions, type AgentMemoryRead, AgentMemoryStore, type AgentRole, AgenticMailClient, type AgenticMailClientOptions, type AgenticMailConfig, type ArchiveAndDeleteOptions, type ArchivedEmail, type Attachment, type AttachmentAdvisory, type CachedMessage, CloudflareClient, type CreateAgentOptions, DEFAULT_AGENT_NAME, DEFAULT_AGENT_ROLE, DEFAULT_SESSION_MAX_AGE_MS, DNSConfigurator, type Database, type DeletionReport, type DeletionSummary, DependencyChecker, DependencyInstaller, type DependencyStatus, type DnsRecord, type DnsSetupResult, type DomainInfo, DomainManager, type DomainModeConfig, type DomainPurchaseResult, DomainPurchaser, type DomainSearchResult, type DomainSetupResult, type EmailEnvelope, type EmailRouteAction, type EmailRouteClass, type EmailRouteClassification, type EmailRouteInput, EmailSearchIndex, type FolderInfo, type GatewayConfig, GatewayManager, type GatewayManagerOptions, type GatewayMode, type GatewayStatus, type HostName, type HostSession, type InboundEmail, type InboxEvent, type InboxExpungeEvent, type InboxFlagsEvent, type InboxNewEvent, InboxWatcher, type InboxWatcherOptions, type InstallProgress, type LinkAdvisory, type LocalSmtpConfig, MailReceiver, type MailReceiverOptions, MailSender, type MailSenderOptions, type MailboxInfo, type OutboundCategory, type OutboundScanInput, type OutboundScanResult, type OutboundWarning, type ParsedAttachment, type ParsedEmail, type ParsedSms, PathTraversalError, type PurchasedDomain, REDACTED, RELAY_PRESETS, RelayBridge, type RelayBridgeOptions, type RelayConfig, RelayGateway, type RelayProvider, type RelaySearchResult, SPAM_THRESHOLD, type SafeJoinOptions, type SanitizeDetection, type SanitizeResult, type SearchCriteria, type SearchableEmail, type SecurityAdvisory, type SendMailOptions, type SendResult, type SendResultWithRaw, ServiceManager, type ServiceStatus, type SetupConfig, SetupManager, type SetupResult, type Severity, type SmsConfig, SmsManager, type SmsMessage, SmsPoller, type SpamCategory, type SpamResult, type SpamRuleMatch, StalwartAdmin, type StalwartAdminOptions, type StalwartPrincipal, ThreadCache, type ThreadCacheEntry, type ThreadCacheOptions, type ThreadIdInput, type TunnelConfig, TunnelManager, UnsafeApiUrlError, WARNING_THRESHOLD, type WatcherOptions, assertWithinBase, buildApiUrl, buildInboundSecurityAdvisory, classifyEmailRoute, closeDatabase, createTestDatabase, debug, debugWarn, ensureDataDir, extractVerificationCode, flushTelemetry, forgetHostSession, getDatabase, getOperatorEmail, hostSessionStoragePath, isInternalEmail, isSessionFresh, isValidPhoneNumber, loadHostSession, normalizeAddress, normalizePhoneNumber, normalizeSubject, operatorPrefsStoragePath, parseEmail, parseGoogleVoiceSms, recordToolCall, redactObject, redactSecret, resolveConfig, safeJoin, sanitizeEmail, saveConfig, saveHostSession, scanOutboundEmail, scoreEmail, setOperatorEmail, setTelemetryVersion, startRelayBridge, threadIdFor, tryJoin, validateApiUrl };
+export { AGENT_ROLES, AccountManager, type AddressInfo, type Agent, AgentDeletionService, type AgentMemoryFields, type AgentMemoryOptions, type AgentMemoryRead, AgentMemoryStore, type AgentRole, AgenticMailClient, type AgenticMailClientOptions, type AgenticMailConfig, type ArchiveAndDeleteOptions, type ArchivedEmail, type Attachment, type AttachmentAdvisory, type CachedMessage, CloudflareClient, type CreateAgentOptions, DEFAULT_AGENT_NAME, DEFAULT_AGENT_ROLE, DEFAULT_SESSION_MAX_AGE_MS, DNSConfigurator, type Database, type DeletionReport, type DeletionSummary, DependencyChecker, DependencyInstaller, type DependencyStatus, type DnsRecord, type DnsSetupResult, type DomainInfo, DomainManager, type DomainModeConfig, type DomainPurchaseResult, DomainPurchaser, type DomainSearchResult, type DomainSetupResult, type EmailEnvelope, type EmailRouteAction, type EmailRouteClass, type EmailRouteClassification, type EmailRouteInput, EmailSearchIndex, type FolderInfo, type GatewayConfig, GatewayManager, type GatewayManagerOptions, type GatewayMode, type GatewayStatus, type HostName, type HostSession, type InboundEmail, type InboundSmsEvent, type InboxEvent, type InboxExpungeEvent, type InboxFlagsEvent, type InboxNewEvent, InboxWatcher, type InboxWatcherOptions, type InstallProgress, type LinkAdvisory, type LocalSmtpConfig, MailReceiver, type MailReceiverOptions, MailSender, type MailSenderOptions, type MailboxInfo, type OutboundCategory, type OutboundScanInput, type OutboundScanResult, type OutboundWarning, type ParsedAttachment, type ParsedEmail, type ParsedSms, PathTraversalError, type PurchasedDomain, REDACTED, RELAY_PRESETS, RelayBridge, type RelayBridgeOptions, type RelayConfig, RelayGateway, type RelayProvider, type RelaySearchResult, SPAM_THRESHOLD, type SafeJoinOptions, type SanitizeDetection, type SanitizeResult, type SearchCriteria, type SearchableEmail, type SecurityAdvisory, type SendMailOptions, type SendResult, type SendResultWithRaw, type SendSmsInput, type SendSmsResult, ServiceManager, type ServiceStatus, type SetupConfig, SetupManager, type SetupResult, type Severity, type SmsConfig, SmsManager, type SmsMessage, SmsPoller, type SmsProvider, type SpamCategory, type SpamResult, type SpamRuleMatch, StalwartAdmin, type StalwartAdminOptions, type StalwartPrincipal, ThreadCache, type ThreadCacheEntry, type ThreadCacheOptions, type ThreadIdInput, type TunnelConfig, TunnelManager, UnsafeApiUrlError, WARNING_THRESHOLD, type WatcherOptions, assertWithinBase, buildApiUrl, buildInboundSecurityAdvisory, classifyEmailRoute, closeDatabase, createTestDatabase, debug, debugWarn, ensureDataDir, extractVerificationCode, flushTelemetry, forgetHostSession, getDatabase, getOperatorEmail, getSmsProvider, hostSessionStoragePath, isInternalEmail, isSessionFresh, isValidPhoneNumber, loadHostSession, mapProviderSmsStatus, normalizeAddress, normalizePhoneNumber, normalizeSubject, operatorPrefsStoragePath, parseEmail, parseGoogleVoiceSms, recordToolCall, redactObject, redactSecret, redactSmsConfig, resolveConfig, safeJoin, sanitizeEmail, saveConfig, saveHostSession, scanOutboundEmail, scoreEmail, setOperatorEmail, setTelemetryVersion, startRelayBridge, threadIdFor, tryJoin, validateApiUrl };

package/dist/index.d.ts

@@ -37,6 +37,12 @@ interface EmailEnvelope {
     subject: string;
     from: AddressInfo[];
     to: AddressInfo[];
+    /** Cc/Bcc from the IMAP ENVELOPE response. Added so message-view's
+     *  quote-audience backfill can pull the previous rounds' Cc/Bcc
+     *  without a full FETCH BODY round-trip — ENVELOPE already carries
+     *  them, we just weren't surfacing them. */
+    cc?: AddressInfo[];
+    bcc?: AddressInfo[];
     date: Date;
     flags: Set<string>;
     size: number;
@@ -1436,13 +1442,13 @@ declare class RelayBridge {
 declare function startRelayBridge(options: RelayBridgeOptions): RelayBridge;
 
 /**
- * SMS Manager - Google Voice SMS integration
+ * SMS Manager - provider-backed SMS integration
  *
  * How it works:
- * 1. User sets up Google Voice with SMS-to-email forwarding
- * 2. Incoming SMS arrives at Google Voice -> forwarded to email -> lands in agent inbox
- * 3. Agent parses forwarded SMS from email body
- * 4. Outgoing SMS sent via Google Voice web interface (browser automation)
+ * 1. User chooses a provider for the agent phone number
+ * 2. Google Voice uses email forwarding/web instructions
+ * 3. 46elks uses direct API sends and inbound webhooks
+ * 4. All inbound/outbound messages are stored in the SMS table
  *
  * SMS config is stored in agent metadata under the "sms" key.
  */
@@ -1450,16 +1456,24 @@ declare function startRelayBridge(options: RelayBridgeOptions): RelayBridge;
 interface SmsConfig {
     /** Whether SMS is enabled for this agent */
     enabled: boolean;
-    /** Google Voice phone number (e.g. +12125551234) */
+    /** Phone number in E.164 format where possible */
     phoneNumber: string;
     /** The email address Google Voice forwards SMS to (the Gmail used for GV signup) */
-    forwardingEmail: string;
+    forwardingEmail?: string;
     /** App password for forwarding email (only needed if different from relay email) */
     forwardingPassword?: string;
     /** Whether the GV Gmail is the same as the relay email */
     sameAsRelay?: boolean;
-    /** Provider (currently only google_voice) */
-    provider: 'google_voice';
+    /** SMS provider */
+    provider: 'google_voice' | '46elks';
+    /** 46elks API username */
+    username?: string;
+    /** 46elks API password */
+    password?: string;
+    /** Provider API base URL override */
+    apiUrl?: string;
+    /** Secret required on inbound provider webhooks */
+    webhookSecret?: string;
     /** When SMS was configured */
     configuredAt: string;
 }
@@ -1479,6 +1493,37 @@ interface SmsMessage {
     createdAt: string;
     metadata?: Record<string, unknown>;
 }
+interface SendSmsInput {
+    to: string;
+    body: string;
+    dryRun?: boolean;
+}
+interface SendSmsResult {
+    provider: SmsConfig['provider'];
+    id?: string;
+    status: string;
+    from: string;
+    to: string;
+    body: string;
+    raw?: unknown;
+}
+interface InboundSmsEvent {
+    provider: SmsConfig['provider'];
+    id?: string;
+    from: string;
+    to: string;
+    body: string;
+    timestamp: string;
+    raw?: unknown;
+}
+interface SmsProvider {
+    id: SmsConfig['provider'];
+    sendSms(config: SmsConfig, input: SendSmsInput): Promise<SendSmsResult>;
+    parseInboundSms(payload: Record<string, unknown>): InboundSmsEvent | null;
+}
+declare function redactSmsConfig(config: SmsConfig): SmsConfig;
+declare function getSmsProvider(provider: SmsConfig['provider']): SmsProvider;
+declare function mapProviderSmsStatus(status: string): SmsMessage['status'];
 /** Normalize a phone number to E.164-ish format (+1XXXXXXXXXX) */
 declare function normalizePhoneNumber(raw: string): string | null;
 /** Validate a phone number (basic) */
@@ -1500,12 +1545,24 @@ declare function parseGoogleVoiceSms(emailBody: string, emailFrom: string): Pars
 declare function extractVerificationCode(smsBody: string): string | null;
 declare class SmsManager {
     private db;
+    private encryptionKey?;
     private initialized;
-    constructor(db: Database);
+    /**
+     * Optional master key used to encrypt SMS credentials at rest (same
+     * AES-256-GCM scheme GatewayManager uses for relay/domain secrets).
+     * When absent (e.g. tests, or a deployment with no master key) configs
+     * are stored as-is and reads tolerate plaintext — so upgrades and
+     * downgrades both stay safe.
+     */
+    constructor(db: Database, encryptionKey?: string | undefined);
+    /** Encrypt the credential fields of an SMS config before persisting. */
+    private encryptConfig;
+    /** Decrypt the credential fields of an SMS config after loading. */
+    private decryptConfig;
     private ensureTable;
-    /** Get SMS config from agent metadata */
+    /** Get SMS config from agent metadata (credential fields decrypted). */
     getSmsConfig(agentId: string): SmsConfig | null;
-    /** Save SMS config to agent metadata */
+    /** Save SMS config to agent metadata (credential fields encrypted). */
     saveSmsConfig(agentId: string, config: SmsConfig): void;
     /**
      * Resolve the operator's "where do I get pinged" address from an
@@ -1531,12 +1588,17 @@ declare class SmsManager {
     getAlertEmail(agentId: string): string | null;
     /** Remove SMS config from agent metadata */
     removeSmsConfig(agentId: string): void;
-    /** Record an inbound SMS (parsed from email) */
-    recordInbound(agentId: string, parsed: ParsedSms): SmsMessage;
+    /** Find the agent whose SMS config owns a phone number. */
+    findAgentBySmsNumber(phoneNumber: string, provider?: SmsConfig['provider']): {
+        agentId: string;
+        config: SmsConfig;
+    } | null;
+    /** Record an inbound SMS (parsed from email or provider webhook) */
+    recordInbound(agentId: string, parsed: ParsedSms, metadata?: Record<string, unknown>): SmsMessage;
     /** Record an outbound SMS attempt */
-    recordOutbound(agentId: string, phoneNumber: string, body: string, status?: 'pending' | 'sent' | 'failed'): SmsMessage;
-    /** Update SMS status */
-    updateStatus(id: string, status: SmsMessage['status']): void;
+    recordOutbound(agentId: string, phoneNumber: string, body: string, status?: 'pending' | 'sent' | 'failed', metadata?: Record<string, unknown>): SmsMessage;
+    /** Update SMS status and optional provider metadata */
+    updateStatus(id: string, status: SmsMessage['status'], metadata?: Record<string, unknown>): void;
     /** List SMS messages for an agent */
     listMessages(agentId: string, opts?: {
         direction?: 'inbound' | 'outbound';
@@ -2562,4 +2624,4 @@ declare class AgentMemoryStore {
     renderForPrompt(memory: AgentMemoryRead | null): string;
 }
 
-export { AGENT_ROLES, AccountManager, type AddressInfo, type Agent, AgentDeletionService, type AgentMemoryFields, type AgentMemoryOptions, type AgentMemoryRead, AgentMemoryStore, type AgentRole, AgenticMailClient, type AgenticMailClientOptions, type AgenticMailConfig, type ArchiveAndDeleteOptions, type ArchivedEmail, type Attachment, type AttachmentAdvisory, type CachedMessage, CloudflareClient, type CreateAgentOptions, DEFAULT_AGENT_NAME, DEFAULT_AGENT_ROLE, DEFAULT_SESSION_MAX_AGE_MS, DNSConfigurator, type Database, type DeletionReport, type DeletionSummary, DependencyChecker, DependencyInstaller, type DependencyStatus, type DnsRecord, type DnsSetupResult, type DomainInfo, DomainManager, type DomainModeConfig, type DomainPurchaseResult, DomainPurchaser, type DomainSearchResult, type DomainSetupResult, type EmailEnvelope, type EmailRouteAction, type EmailRouteClass, type EmailRouteClassification, type EmailRouteInput, EmailSearchIndex, type FolderInfo, type GatewayConfig, GatewayManager, type GatewayManagerOptions, type GatewayMode, type GatewayStatus, type HostName, type HostSession, type InboundEmail, type InboxEvent, type InboxExpungeEvent, type InboxFlagsEvent, type InboxNewEvent, InboxWatcher, type InboxWatcherOptions, type InstallProgress, type LinkAdvisory, type LocalSmtpConfig, MailReceiver, type MailReceiverOptions, MailSender, type MailSenderOptions, type MailboxInfo, type OutboundCategory, type OutboundScanInput, type OutboundScanResult, type OutboundWarning, type ParsedAttachment, type ParsedEmail, type ParsedSms, PathTraversalError, type PurchasedDomain, REDACTED, RELAY_PRESETS, RelayBridge, type RelayBridgeOptions, type RelayConfig, RelayGateway, type RelayProvider, type RelaySearchResult, SPAM_THRESHOLD, type SafeJoinOptions, type SanitizeDetection, type SanitizeResult, type SearchCriteria, type SearchableEmail, type SecurityAdvisory, type SendMailOptions, type SendResult, type SendResultWithRaw, ServiceManager, type ServiceStatus, type SetupConfig, SetupManager, type SetupResult, type Severity, type SmsConfig, SmsManager, type SmsMessage, SmsPoller, type SpamCategory, type SpamResult, type SpamRuleMatch, StalwartAdmin, type StalwartAdminOptions, type StalwartPrincipal, ThreadCache, type ThreadCacheEntry, type ThreadCacheOptions, type ThreadIdInput, type TunnelConfig, TunnelManager, UnsafeApiUrlError, WARNING_THRESHOLD, type WatcherOptions, assertWithinBase, buildApiUrl, buildInboundSecurityAdvisory, classifyEmailRoute, closeDatabase, createTestDatabase, debug, debugWarn, ensureDataDir, extractVerificationCode, flushTelemetry, forgetHostSession, getDatabase, getOperatorEmail, hostSessionStoragePath, isInternalEmail, isSessionFresh, isValidPhoneNumber, loadHostSession, normalizeAddress, normalizePhoneNumber, normalizeSubject, operatorPrefsStoragePath, parseEmail, parseGoogleVoiceSms, recordToolCall, redactObject, redactSecret, resolveConfig, safeJoin, sanitizeEmail, saveConfig, saveHostSession, scanOutboundEmail, scoreEmail, setOperatorEmail, setTelemetryVersion, startRelayBridge, threadIdFor, tryJoin, validateApiUrl };
+export { AGENT_ROLES, AccountManager, type AddressInfo, type Agent, AgentDeletionService, type AgentMemoryFields, type AgentMemoryOptions, type AgentMemoryRead, AgentMemoryStore, type AgentRole, AgenticMailClient, type AgenticMailClientOptions, type AgenticMailConfig, type ArchiveAndDeleteOptions, type ArchivedEmail, type Attachment, type AttachmentAdvisory, type CachedMessage, CloudflareClient, type CreateAgentOptions, DEFAULT_AGENT_NAME, DEFAULT_AGENT_ROLE, DEFAULT_SESSION_MAX_AGE_MS, DNSConfigurator, type Database, type DeletionReport, type DeletionSummary, DependencyChecker, DependencyInstaller, type DependencyStatus, type DnsRecord, type DnsSetupResult, type DomainInfo, DomainManager, type DomainModeConfig, type DomainPurchaseResult, DomainPurchaser, type DomainSearchResult, type DomainSetupResult, type EmailEnvelope, type EmailRouteAction, type EmailRouteClass, type EmailRouteClassification, type EmailRouteInput, EmailSearchIndex, type FolderInfo, type GatewayConfig, GatewayManager, type GatewayManagerOptions, type GatewayMode, type GatewayStatus, type HostName, type HostSession, type InboundEmail, type InboundSmsEvent, type InboxEvent, type InboxExpungeEvent, type InboxFlagsEvent, type InboxNewEvent, InboxWatcher, type InboxWatcherOptions, type InstallProgress, type LinkAdvisory, type LocalSmtpConfig, MailReceiver, type MailReceiverOptions, MailSender, type MailSenderOptions, type MailboxInfo, type OutboundCategory, type OutboundScanInput, type OutboundScanResult, type OutboundWarning, type ParsedAttachment, type ParsedEmail, type ParsedSms, PathTraversalError, type PurchasedDomain, REDACTED, RELAY_PRESETS, RelayBridge, type RelayBridgeOptions, type RelayConfig, RelayGateway, type RelayProvider, type RelaySearchResult, SPAM_THRESHOLD, type SafeJoinOptions, type SanitizeDetection, type SanitizeResult, type SearchCriteria, type SearchableEmail, type SecurityAdvisory, type SendMailOptions, type SendResult, type SendResultWithRaw, type SendSmsInput, type SendSmsResult, ServiceManager, type ServiceStatus, type SetupConfig, SetupManager, type SetupResult, type Severity, type SmsConfig, SmsManager, type SmsMessage, SmsPoller, type SmsProvider, type SpamCategory, type SpamResult, type SpamRuleMatch, StalwartAdmin, type StalwartAdminOptions, type StalwartPrincipal, ThreadCache, type ThreadCacheEntry, type ThreadCacheOptions, type ThreadIdInput, type TunnelConfig, TunnelManager, UnsafeApiUrlError, WARNING_THRESHOLD, type WatcherOptions, assertWithinBase, buildApiUrl, buildInboundSecurityAdvisory, classifyEmailRoute, closeDatabase, createTestDatabase, debug, debugWarn, ensureDataDir, extractVerificationCode, flushTelemetry, forgetHostSession, getDatabase, getOperatorEmail, getSmsProvider, hostSessionStoragePath, isInternalEmail, isSessionFresh, isValidPhoneNumber, loadHostSession, mapProviderSmsStatus, normalizeAddress, normalizePhoneNumber, normalizeSubject, operatorPrefsStoragePath, parseEmail, parseGoogleVoiceSms, recordToolCall, redactObject, redactSecret, redactSmsConfig, resolveConfig, safeJoin, sanitizeEmail, saveConfig, saveHostSession, scanOutboundEmail, scoreEmail, setOperatorEmail, setTelemetryVersion, startRelayBridge, threadIdFor, tryJoin, validateApiUrl };

package/dist/index.js

@@ -191,6 +191,14 @@ var MailReceiver = class {
             name: a.name,
             address: a.address ?? ""
           })),
+          cc: (env.cc ?? []).map((a) => ({
+            name: a.name,
+            address: a.address ?? ""
+          })),
+          bcc: (env.bcc ?? []).map((a) => ({
+            name: a.name,
+            address: a.address ?? ""
+          })),
           date: env.date ?? /* @__PURE__ */ new Date(),
           flags: msg.flags ?? /* @__PURE__ */ new Set(),
           size: msg.size ?? 0
@@ -3089,7 +3097,47 @@ var DomainManager = class {
 
 // src/gateway/manager.ts
 import { join as join4 } from "path";
+
+// src/crypto/secrets.ts
 import { createCipheriv, createDecipheriv, randomBytes as randomBytes2, createHash, scryptSync } from "crypto";
+function deriveKey(key, salt) {
+  return scryptSync(key, salt, 32, { N: 16384, r: 8, p: 1 });
+}
+function encryptSecret(plaintext, key) {
+  const salt = randomBytes2(16);
+  const derivedKey = deriveKey(key, salt);
+  const iv = randomBytes2(12);
+  const cipher = createCipheriv("aes-256-gcm", derivedKey, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return `enc2:${salt.toString("hex")}:${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted.toString("hex")}`;
+}
+function decryptSecret(value, key) {
+  if (value.startsWith("enc2:")) {
+    const parts = value.split(":");
+    if (parts.length !== 5) return value;
+    const [, saltHex, ivHex, authTagHex, ciphertextHex] = parts;
+    const derivedKey = deriveKey(key, Buffer.from(saltHex, "hex"));
+    const decipher = createDecipheriv("aes-256-gcm", derivedKey, Buffer.from(ivHex, "hex"));
+    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
+    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
+  }
+  if (value.startsWith("enc:")) {
+    const parts = value.split(":");
+    if (parts.length !== 4) return value;
+    const [, ivHex, authTagHex, ciphertextHex] = parts;
+    const keyHash = createHash("sha256").update(key).digest();
+    const decipher = createDecipheriv("aes-256-gcm", keyHash, Buffer.from(ivHex, "hex"));
+    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
+    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
+  }
+  return value;
+}
+function isEncryptedSecret(value) {
+  return typeof value === "string" && (value.startsWith("enc2:") || value.startsWith("enc:"));
+}
+
+// src/gateway/manager.ts
 import nodemailer3 from "nodemailer";
 
 // src/debug.ts
@@ -4366,6 +4414,130 @@ var TunnelManager = class {
 import MailComposer3 from "nodemailer/lib/mail-composer/index.js";
 
 // src/sms/manager.ts
+function asString(value) {
+  return typeof value === "string" ? value.trim() : "";
+}
+function defaultApiUrl(config) {
+  const url = (config.apiUrl || "https://api.46elks.com/a1").replace(/\/+$/, "");
+  if (!/^https:\/\//i.test(url)) {
+    throw new Error("46elks apiUrl must use https:// \u2014 refusing to send credentials over a non-TLS connection");
+  }
+  return url;
+}
+function basicAuth(username, password) {
+  return Buffer.from(`${username}:${password}`, "utf8").toString("base64");
+}
+function redactSmsConfig(config) {
+  return {
+    ...config,
+    forwardingPassword: config.forwardingPassword ? "***" : void 0,
+    password: config.password ? "***" : void 0,
+    webhookSecret: config.webhookSecret ? "***" : void 0
+  };
+}
+var GoogleVoiceSmsProvider = class {
+  id = "google_voice";
+  async sendSms(config, input) {
+    const to = normalizePhoneNumber(input.to);
+    const from = normalizePhoneNumber(config.phoneNumber);
+    if (!to) throw new Error("Invalid recipient phone number");
+    if (!from) throw new Error("Invalid configured Google Voice phone number");
+    return {
+      provider: this.id,
+      status: "pending",
+      from,
+      to,
+      body: input.body,
+      raw: {
+        delivery: "manual_google_voice_web",
+        url: "https://voice.google.com"
+      }
+    };
+  }
+  parseInboundSms() {
+    return null;
+  }
+};
+var FortySixElksSmsProvider = class {
+  id = "46elks";
+  async sendSms(config, input) {
+    const username = asString(config.username);
+    const password = asString(config.password);
+    if (!username || !password) {
+      throw new Error("46elks username and password are required");
+    }
+    const to = normalizePhoneNumber(input.to);
+    const from = normalizePhoneNumber(config.phoneNumber);
+    if (!to) throw new Error("Invalid recipient phone number");
+    if (!from) throw new Error("Invalid configured 46elks phone number");
+    const form = new URLSearchParams();
+    form.set("to", to);
+    form.set("from", from);
+    form.set("message", input.body);
+    if (input.dryRun) form.set("dryrun", "yes");
+    const response = await fetch(`${defaultApiUrl(config)}/sms`, {
+      method: "POST",
+      headers: {
+        "Authorization": `Basic ${basicAuth(username, password)}`,
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: form,
+      signal: AbortSignal.timeout(15e3)
+    });
+    const text = await response.text();
+    let raw = text;
+    try {
+      raw = JSON.parse(text);
+    } catch {
+    }
+    if (!response.ok) {
+      const message = typeof raw === "object" && raw && ("message" in raw || "error" in raw) ? String(raw.message ?? raw.error) : text.slice(0, 200);
+      throw new Error(`46elks SMS failed (${response.status}): ${message}`);
+    }
+    const providerId = typeof raw === "object" && raw && "id" in raw ? String(raw.id) : void 0;
+    const providerStatus = typeof raw === "object" && raw && "status" in raw ? String(raw.status) : "sent";
+    return {
+      provider: this.id,
+      id: providerId,
+      status: providerStatus,
+      from,
+      to,
+      body: input.body,
+      raw
+    };
+  }
+  parseInboundSms(payload) {
+    const direction = asString(payload.direction).toLowerCase();
+    if (direction && direction !== "incoming") return null;
+    const from = normalizePhoneNumber(asString(payload.from));
+    const to = normalizePhoneNumber(asString(payload.to));
+    const body = asString(payload.message);
+    if (!from || !to || !body) return null;
+    return {
+      provider: this.id,
+      id: asString(payload.id) || void 0,
+      from,
+      to,
+      body,
+      timestamp: asString(payload.created) || (/* @__PURE__ */ new Date()).toISOString(),
+      raw: payload
+    };
+  }
+};
+var PROVIDERS = {
+  google_voice: new GoogleVoiceSmsProvider(),
+  "46elks": new FortySixElksSmsProvider()
+};
+function getSmsProvider(provider) {
+  return PROVIDERS[provider];
+}
+function mapProviderSmsStatus(status) {
+  const normalized = status.toLowerCase();
+  if (normalized === "delivered") return "delivered";
+  if (normalized === "failed" || normalized === "error") return "failed";
+  if (normalized === "created" || normalized === "queued" || normalized === "sent") return "sent";
+  return "sent";
+}
 function normalizePhoneNumber(raw) {
   const cleaned = raw.replace(/[^+\d]/g, "");
   if (!cleaned) return null;
@@ -4472,12 +4644,48 @@ function extractVerificationCode(smsBody) {
   }
   return null;
 }
+var SMS_SECRET_FIELDS = ["password", "webhookSecret", "forwardingPassword"];
 var SmsManager = class {
-  constructor(db2) {
+  /**
+   * Optional master key used to encrypt SMS credentials at rest (same
+   * AES-256-GCM scheme GatewayManager uses for relay/domain secrets).
+   * When absent (e.g. tests, or a deployment with no master key) configs
+   * are stored as-is and reads tolerate plaintext — so upgrades and
+   * downgrades both stay safe.
+   */
+  constructor(db2, encryptionKey) {
     this.db = db2;
+    this.encryptionKey = encryptionKey;
     this.ensureTable();
   }
   initialized = false;
+  /** Encrypt the credential fields of an SMS config before persisting. */
+  encryptConfig(config) {
+    if (!this.encryptionKey) return config;
+    const out = { ...config };
+    for (const field of SMS_SECRET_FIELDS) {
+      const value = out[field];
+      if (typeof value === "string" && value && !isEncryptedSecret(value)) {
+        out[field] = encryptSecret(value, this.encryptionKey);
+      }
+    }
+    return out;
+  }
+  /** Decrypt the credential fields of an SMS config after loading. */
+  decryptConfig(config) {
+    if (!this.encryptionKey) return config;
+    const out = { ...config };
+    for (const field of SMS_SECRET_FIELDS) {
+      const value = out[field];
+      if (typeof value === "string" && isEncryptedSecret(value)) {
+        try {
+          out[field] = decryptSecret(value, this.encryptionKey);
+        } catch {
+        }
+      }
+    }
+    return out;
+  }
   ensureTable() {
     if (this.initialized) return;
     try {
@@ -4510,18 +4718,19 @@ var SmsManager = class {
       this.initialized = true;
     }
   }
-  /** Get SMS config from agent metadata */
+  /** Get SMS config from agent metadata (credential fields decrypted). */
   getSmsConfig(agentId) {
     const row = this.db.prepare("SELECT metadata FROM agents WHERE id = ?").get(agentId);
     if (!row) return null;
     try {
       const meta = JSON.parse(row.metadata || "{}");
-      return meta.sms && meta.sms.enabled !== void 0 ? meta.sms : null;
+      if (!meta.sms || meta.sms.enabled === void 0) return null;
+      return this.decryptConfig(meta.sms);
     } catch {
       return null;
     }
   }
-  /** Save SMS config to agent metadata */
+  /** Save SMS config to agent metadata (credential fields encrypted). */
   saveSmsConfig(agentId, config) {
     const row = this.db.prepare("SELECT metadata FROM agents WHERE id = ?").get(agentId);
     if (!row) throw new Error(`Agent ${agentId} not found`);
@@ -4531,7 +4740,7 @@ var SmsManager = class {
     } catch {
       meta = {};
     }
-    meta.sms = config;
+    meta.sms = this.encryptConfig(config);
     this.db.prepare("UPDATE agents SET metadata = ?, updated_at = datetime('now') WHERE id = ?").run(JSON.stringify(meta), agentId);
   }
   /**
@@ -4574,27 +4783,50 @@ var SmsManager = class {
     delete meta.sms;
     this.db.prepare("UPDATE agents SET metadata = ?, updated_at = datetime('now') WHERE id = ?").run(JSON.stringify(meta), agentId);
   }
-  /** Record an inbound SMS (parsed from email) */
-  recordInbound(agentId, parsed) {
+  /** Find the agent whose SMS config owns a phone number. */
+  findAgentBySmsNumber(phoneNumber, provider) {
+    const normalized = normalizePhoneNumber(phoneNumber);
+    if (!normalized) return null;
+    const rows = this.db.prepare("SELECT id, metadata FROM agents").all();
+    for (const row of rows) {
+      try {
+        const meta = JSON.parse(row.metadata || "{}");
+        const cfg = meta.sms;
+        if (!cfg?.enabled) continue;
+        if (provider && cfg.provider !== provider) continue;
+        if (normalizePhoneNumber(cfg.phoneNumber) === normalized) {
+          return { agentId: row.id, config: this.decryptConfig(cfg) };
+        }
+      } catch {
+      }
+    }
+    return null;
+  }
+  /** Record an inbound SMS (parsed from email or provider webhook) */
+  recordInbound(agentId, parsed, metadata) {
     const id = `sms_in_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
     const createdAt = parsed.timestamp || (/* @__PURE__ */ new Date()).toISOString();
     this.db.prepare(
-      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at) VALUES (?, ?, ?, ?, ?, ?, ?)"
-    ).run(id, agentId, "inbound", parsed.from, parsed.body, "received", createdAt);
-    return { id, agentId, direction: "inbound", phoneNumber: parsed.from, body: parsed.body, status: "received", createdAt };
+      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at, metadata) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
+    ).run(id, agentId, "inbound", parsed.from, parsed.body, "received", createdAt, JSON.stringify(metadata ?? {}));
+    return { id, agentId, direction: "inbound", phoneNumber: parsed.from, body: parsed.body, status: "received", createdAt, metadata };
   }
   /** Record an outbound SMS attempt */
-  recordOutbound(agentId, phoneNumber, body, status = "pending") {
+  recordOutbound(agentId, phoneNumber, body, status = "pending", metadata) {
     const id = `sms_out_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const normalized = normalizePhoneNumber(phoneNumber) || phoneNumber;
     this.db.prepare(
-      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at) VALUES (?, ?, ?, ?, ?, ?, ?)"
-    ).run(id, agentId, "outbound", normalized, body, status, now);
-    return { id, agentId, direction: "outbound", phoneNumber: normalized, body, status, createdAt: now };
-  }
-  /** Update SMS status */
-  updateStatus(id, status) {
+      "INSERT INTO sms_messages (id, agent_id, direction, phone_number, body, status, created_at, metadata) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
+    ).run(id, agentId, "outbound", normalized, body, status, now, JSON.stringify(metadata ?? {}));
+    return { id, agentId, direction: "outbound", phoneNumber: normalized, body, status, createdAt: now, metadata };
+  }
+  /** Update SMS status and optional provider metadata */
+  updateStatus(id, status, metadata) {
+    if (metadata) {
+      this.db.prepare("UPDATE sms_messages SET status = ?, metadata = ? WHERE id = ?").run(status, JSON.stringify(metadata), id);
+      return;
+    }
     this.db.prepare("UPDATE sms_messages SET status = ? WHERE id = ?").run(status, id);
   }
   /** List SMS messages for an agent */
@@ -4794,39 +5026,6 @@ var SmsPoller = class {
 };
 
 // src/gateway/manager.ts
-function deriveKey(key, salt) {
-  return scryptSync(key, salt, 32, { N: 16384, r: 8, p: 1 });
-}
-function encryptSecret(plaintext, key) {
-  const salt = randomBytes2(16);
-  const derivedKey = deriveKey(key, salt);
-  const iv = randomBytes2(12);
-  const cipher = createCipheriv("aes-256-gcm", derivedKey, iv);
-  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
-  const authTag = cipher.getAuthTag();
-  return `enc2:${salt.toString("hex")}:${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted.toString("hex")}`;
-}
-function decryptSecret(value, key) {
-  if (value.startsWith("enc2:")) {
-    const parts = value.split(":");
-    if (parts.length !== 5) return value;
-    const [, saltHex, ivHex, authTagHex, ciphertextHex] = parts;
-    const derivedKey = deriveKey(key, Buffer.from(saltHex, "hex"));
-    const decipher = createDecipheriv("aes-256-gcm", derivedKey, Buffer.from(ivHex, "hex"));
-    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
-    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
-  }
-  if (value.startsWith("enc:")) {
-    const parts = value.split(":");
-    if (parts.length !== 4) return value;
-    const [, ivHex, authTagHex, ciphertextHex] = parts;
-    const keyHash = createHash("sha256").update(key).digest();
-    const decipher = createDecipheriv("aes-256-gcm", keyHash, Buffer.from(ivHex, "hex"));
-    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
-    return Buffer.concat([decipher.update(Buffer.from(ciphertextHex, "hex")), decipher.final()]).toString("utf8");
-  }
-  return value;
-}
 var GatewayManager = class {
   constructor(options) {
     this.options = options;
@@ -7982,11 +8181,13 @@ export {
   forgetHostSession,
   getDatabase,
   getOperatorEmail,
+  getSmsProvider,
   hostSessionStoragePath,
   isInternalEmail,
   isSessionFresh,
   isValidPhoneNumber,
   loadHostSession,
+  mapProviderSmsStatus,
   normalizeAddress,
   normalizePhoneNumber,
   normalizeSubject,
@@ -7996,6 +8197,7 @@ export {
   recordToolCall,
   redactObject,
   redactSecret,
+  redactSmsConfig,
   resolveConfig,
   safeJoin,
   sanitizeEmail,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agenticmail/core",
-  "version": "0.9.7",
+  "version": "0.9.9",
   "description": "Core SDK for AgenticMail — email, SMS, and phone number access for AI agents",
   "type": "module",
   "main": "dist/index.js",