@inceptionstack/roundhouse 0.3.17 → 0.3.19

package/src/config.ts

@@ -22,6 +22,7 @@ export const LEGACY_CONFIG_DIR = resolve(homedir(), ".config", "roundhouse");
 export const CONFIG_DIR = ROUNDHOUSE_DIR;
 export const CONFIG_PATH = resolve(ROUNDHOUSE_DIR, "gateway.config.json");
 export const ENV_FILE_PATH = resolve(ROUNDHOUSE_DIR, ".env");
+export const SESSIONS_DIR = resolve(ROUNDHOUSE_DIR, "sessions");
 
 /** Legacy env file name (deprecated) */
 export const LEGACY_ENV_FILE_PATH = resolve(ROUNDHOUSE_DIR, "env");
@@ -181,11 +182,11 @@ export async function loadConfig(): Promise<GatewayConfig> {
         console.error(`[roundhouse] failed to parse config at ${resolved.path}: ${err.message}`);
         process.exit(1);
       }
-      // Try cwd
+      // Try cwd (with security warning)
       try {
         const cwdPath = resolve(process.cwd(), "gateway.config.json");
         const raw = await readFile(cwdPath, "utf8");
-        console.log("[roundhouse] loaded gateway.config.json from cwd");
+        console.warn(`[roundhouse] ⚠️  loaded gateway.config.json from cwd (${cwdPath}) — consider using ~/.roundhouse/gateway.config.json instead`);
         config = JSON.parse(raw) as GatewayConfig;
       } catch (cwdErr: any) {
         if (cwdErr.code !== "ENOENT") {

package/src/cron/runner.ts

@@ -31,19 +31,20 @@ export class CronRunner {
     const threadId = buildCronThreadId(job.id, runId);
     const timeoutMs = job.timeoutMs ?? DEFAULT_TIMEOUT_MS;
 
-    // Render prompt
-    const tz = job.schedule.type === "cron" ? job.schedule.tz : job.schedule.type === "once" ? job.schedule.tz : undefined;
-    const ctx = buildTemplateContext(job.id, job.description, runId, scheduledAt, startedAt, tz, process.cwd(), job.vars ?? {});
-    const prompt = renderTemplate(job.prompt, ctx) + CRON_PROMPT_SUFFIX;
-
-    console.log(`[cron] starting ${job.id} [${runId}] kind=${kind}`);
-
-    // Create fresh agent — use provided config or load dynamically for CLI trigger
+    // Load agent config before rendering prompt (template needs agentCfg.cwd)
     let agentCfg = this.agentConfig;
     if (!agentCfg) {
       const { loadConfig } = await import("../config");
       agentCfg = (await loadConfig()).agent;
     }
+
+    // Render prompt
+    const tz = job.schedule.type === "cron" ? job.schedule.tz : job.schedule.type === "once" ? job.schedule.tz : undefined;
+    const agentCwd = (agentCfg.cwd as string) ?? process.cwd();
+    const ctx = buildTemplateContext(job.id, job.description, runId, scheduledAt, startedAt, tz, agentCwd, job.vars ?? {});
+    const prompt = renderTemplate(job.prompt, ctx) + CRON_PROMPT_SUFFIX;
+
+    console.log(`[cron] starting ${job.id} [${runId}] kind=${kind}`);
     const { type, ...rest } = agentCfg;
     const factory = getAgentFactory(type);
     const agent = factory({ ...rest, sessionDir: undefined });

package/src/gateway.ts

@@ -20,6 +20,7 @@ import { BOT_COMMANDS } from "./commands";
 import { prepareMemoryForTurn, finalizeMemoryForTurn, flushMemoryThenCompact, determineMemoryMode } from "./memory/lifecycle";
 import { maxPressure } from "./memory/policy";
 import type { PressureLevel } from "./memory/types";
+import { readPendingPairing, completePendingPairing, isStartForNonce } from "./pairing";
 
 /** Match a Telegram command, handling optional @botname suffix */
 /** Bot username for command suffix validation (set during gateway init) */
@@ -67,6 +68,33 @@ const ROUNDHOUSE_VERSION: string = (() => {
   catch { return "unknown"; }
 })();
 
+function telegramChatIdFromThreadId(threadId: unknown): number | null {
+  if (typeof threadId !== "string") return null;
+  const match = threadId.match(/^telegram:(-?\d+)/);
+  if (!match) return null;
+  const parsed = parseInt(match[1], 10);
+  return Number.isNaN(parsed) ? null : parsed;
+}
+
+function getChatId(thread: any, message: any): string {
+  const id = message?.chat?.id ?? message?.chatId ?? thread?.chatId;
+  if (id !== undefined && id !== null) return String(id);
+  return String(thread?.id ?? "unknown");
+}
+
+function resolveAgentThreadId(thread: any, message: any): string {
+  const chatType = String(message?.chat?.type ?? thread?.chat?.type ?? thread?.type ?? "").toLowerCase();
+  if (["private", "dm", "direct", "im"].includes(chatType)) return "main";
+  if (["group", "supergroup", "channel"].includes(chatType)) return `group:${getChatId(thread, message)}`;
+
+  const telegramChatId = telegramChatIdFromThreadId(thread?.id);
+  if (telegramChatId !== null) {
+    return telegramChatId < 0 ? `group:${telegramChatId}` : "main";
+  }
+
+  return String(thread?.id ?? "main");
+}
+
 // ── Chat SDK adapter factories ───────────────────────
 // Lazy-imported so we don't crash if an adapter package isn't installed.
 
@@ -155,7 +183,7 @@ async function saveAttachments(threadId: string, attachments: any[]): Promise<At
   // Per-message directory: <thread>/<timestamp_nonce>/
   const msgDir = join(INCOMING_DIR, threadIdToDir(threadId), `${Date.now()}_${generateAttachmentId()}`);
   try {
-    mkdirSync(msgDir, { recursive: true });
+    mkdirSync(msgDir, { recursive: true, mode: 0o700 });
   } catch (err) {
     console.error(`[roundhouse] failed to create incoming dir ${msgDir}:`, (err as Error).message);
     return { saved: [], skipped: ["Failed to create storage directory"] };
@@ -214,7 +242,7 @@ async function saveAttachments(threadId: string, attachments: any[]): Promise<At
       const fileName = `${i}-${rawName}`;
       const filePath = join(msgDir, fileName);
 
-      await writeFile(filePath, buf);
+      await writeFile(filePath, buf, { mode: 0o600 });
 
       const VALID_MEDIA_TYPES = new Set(["audio", "image", "file", "video"]);
       const mediaType = VALID_MEDIA_TYPES.has(att.type) ? att.type : "file";
@@ -242,6 +270,7 @@ export class Gateway {
   private chat!: Chat;
   private router: AgentRouter;
   private config: GatewayConfig;
+  private pairingComplete = false;
   private sttService: SttService | null = null;
   private cronScheduler: CronSchedulerService | null = null;
 
@@ -251,6 +280,86 @@ export class Gateway {
     _botUsername = config.chat.botUsername || "";
   }
 
+  /** Handle pending Telegram pairing from headless setup. Returns true if handled. */
+  private async handlePendingPairing(
+    text: string,
+    message: any,
+    thread: any,
+    authorName: string,
+  ): Promise<boolean> {
+    try {
+      const pending = await readPendingPairing();
+      if (!pending || pending.status !== "pending" || !isStartForNonce(text, pending.nonce)) {
+        return false;
+      }
+
+      const fromUser = authorName.toLowerCase();
+      const allowed = pending.allowedUsers.map(u => u.toLowerCase());
+      if (!fromUser || !allowed.includes(fromUser)) {
+        console.log(`[roundhouse] Pairing nonce from unauthorized user @${authorName}`);
+        return false;
+      }
+
+      // Extract IDs from the chat adapter message
+      const chatId = typeof message.chatId === "number"
+        ? message.chatId
+        : typeof thread.id === "string" && thread.id.startsWith("telegram:")
+          ? parseInt(thread.id.split(":")[1], 10)
+          : undefined;
+      // Chat SDK Telegram adapter provides userId (not id)
+      const rawUserId = message.author?.userId ?? message.author?.id ?? message.raw?.from?.id;
+      const userId = typeof rawUserId === "number"
+        ? rawUserId
+        : typeof rawUserId === "string"
+          ? parseInt(rawUserId, 10)
+          : undefined;
+
+      if (chatId == null || Number.isNaN(chatId) || userId == null || Number.isNaN(userId)) {
+        console.error(`[roundhouse] Pairing nonce matched but could not extract IDs: chatId=${chatId} userId=${userId}. Pairing left pending.`);
+        await thread.post("⚠️ Pairing nonce accepted but could not capture your Telegram IDs. Try sending /start again, or run: roundhouse pair");
+        return true;
+      }
+
+      await completePendingPairing({ chatId, userId, username: authorName });
+
+      // Update in-memory config
+      if (!this.config.chat.allowedUserIds) this.config.chat.allowedUserIds = [];
+      if (!this.config.chat.allowedUserIds.includes(userId)) {
+        this.config.chat.allowedUserIds.push(userId);
+      }
+      if (!this.config.chat.notifyChatIds) this.config.chat.notifyChatIds = [];
+      if (!this.config.chat.notifyChatIds.includes(chatId)) {
+        this.config.chat.notifyChatIds.push(chatId);
+      }
+
+      // Atomic config file update
+      try {
+        const { readFile: rf, rename: mvf, writeFile: wf, unlink: ulf } = await import("node:fs/promises");
+        const { randomBytes: rb } = await import("node:crypto");
+        const cfgPath = join(ROUNDHOUSE_DIR, "gateway.config.json");
+        const configRaw = JSON.parse(await rf(cfgPath, "utf8"));
+        if (!configRaw.chat) configRaw.chat = {};
+        if (!configRaw.chat.allowedUserIds) configRaw.chat.allowedUserIds = [];
+        if (!configRaw.chat.allowedUserIds.includes(userId)) configRaw.chat.allowedUserIds.push(userId);
+        if (!configRaw.chat.notifyChatIds) configRaw.chat.notifyChatIds = [];
+        if (!configRaw.chat.notifyChatIds.includes(chatId)) configRaw.chat.notifyChatIds.push(chatId);
+        const tmp = `${cfgPath}.tmp.${rb(4).toString("hex")}`;
+        await wf(tmp, JSON.stringify(configRaw, null, 2) + "\n");
+        await mvf(tmp, cfgPath).catch(async (e) => { try { await ulf(tmp); } catch {} throw e; });
+      } catch (cfgErr) {
+        console.error("[roundhouse] failed to update config after pairing:", cfgErr);
+      }
+
+      console.log(`[roundhouse] Telegram pairing complete: @${authorName} chatId=${chatId} userId=${userId}`);
+      this.pairingComplete = true;
+      await thread.post("✅ Roundhouse paired successfully!\n\nSend /status to verify everything is working.");
+      return true;
+    } catch (err) {
+      console.error("[roundhouse] error checking pending pairing:", err);
+      return false;
+    }
+  }
+
   async start() {
     const chatAdapters = await buildChatAdapters(this.config.chat.adapters);
 
@@ -289,7 +398,17 @@ export class Gateway {
     const allowedUsers = (this.config.chat.allowedUsers ?? []).map((u) =>
       u.toLowerCase()
     );
-    const allowedUserIds = this.config.chat.allowedUserIds ?? [];
+    // Ensure arrays exist on config so pairing hook mutations are visible to isAllowed
+    if (!this.config.chat.allowedUserIds) this.config.chat.allowedUserIds = [];
+    if (!this.config.chat.notifyChatIds) this.config.chat.notifyChatIds = [];
+    const allowedUserIds = this.config.chat.allowedUserIds;
+
+    // SECURITY: Warn (loudly) when no auth allowlist is configured
+    if (allowedUsers.length === 0 && allowedUserIds.length === 0) {
+      console.warn("\n⚠️  WARNING: No allowedUsers or allowedUserIds configured!");
+      console.warn("   Any Telegram user who finds this bot can interact with the agent.");
+      console.warn("   Run: roundhouse setup --telegram --user <your-username>\n");
+    }
 
     // Per-thread verbose toggle (shows tool_start messages)
     const verboseThreads = new Set<string>();
@@ -302,14 +421,21 @@ export class Gateway {
 
     // ── Unified handler ────────────────────────────
     const handle = async (thread: any, message: any) => {
+      const agentThreadId = resolveAgentThreadId(thread, message);
       const userText = message.text ?? "";
       const authorName = message.author?.userName ?? message.author?.userId ?? "?";
       const rawAttachments = message.attachments ?? [];
 
       console.log(
-        `[roundhouse] ${thread.id} @${authorName}: "${userText.slice(0, 120)}"${rawAttachments.length ? ` +${rawAttachments.length} attachment(s)` : ""}`
+        `[roundhouse] ${thread.id} -> ${agentThreadId} @${authorName}: "${userText.slice(0, 120)}"${rawAttachments.length ? ` +${rawAttachments.length} attachment(s)` : ""}`
       );
 
+      // Check for pending Telegram pairing (headless setup)
+      if (userText.trim().startsWith("/start ") && !this.pairingComplete) {
+        const handled = await this.handlePendingPairing(userText.trim(), message, thread, authorName ?? "");
+        if (handled) return;
+      }
+
       if (!isAllowed(message, allowedUsers, allowedUserIds)) {
         console.log(`[roundhouse] blocked @${authorName} (not in allowlist)`);
         return;
@@ -320,14 +446,14 @@ export class Gateway {
 
       // Handle /new command — dispose current session, start fresh
       if (isCommand(userText.trim(), "/new")) {
-        const agent = this.router.resolve(thread.id);
+        const agent = this.router.resolve(agentThreadId);
         if (agent.restart) {
-          await agent.restart(thread.id);
+          await agent.restart(agentThreadId);
           await thread.post("🔄 Session restarted. Send a message to begin a new conversation.");
         } else {
           await thread.post("⚠️ New session not supported for this agent.");
         }
-        console.log(`[roundhouse] /new for thread=${thread.id}`);
+        console.log(`[roundhouse] /new for thread=${thread.id} agentThread=${agentThreadId}`);
         return;
       }
 
@@ -350,13 +476,22 @@ export class Gateway {
       }
 
       // Handle /compact command — flush memory then compact session context
+      // Routed through the per-thread lock to prevent concurrent agent access
       if (isCommand(userText.trim(), "/compact")) {
-        const agent = this.router.resolve(thread.id);
+        const agent = this.router.resolve(agentThreadId);
         if (!agent.compact) {
           await thread.post("⚠️ Compaction not supported for this agent.");
           return;
         }
-        console.log(`[roundhouse] /compact for thread=${thread.id}`);
+        console.log(`[roundhouse] /compact for thread=${thread.id} agentThread=${agentThreadId}`);
+
+        // Acquire per-thread lock (same as normal prompts)
+        const prevLock = threadLocks.get(agentThreadId);
+        let releaseLock: () => void;
+        const lockPromise = new Promise<void>((resolve) => { releaseLock = resolve; });
+        threadLocks.set(agentThreadId, lockPromise);
+        if (prevLock) await prevLock;
+
         await thread.post("📝 Saving memory and compacting...");
         const stopTyping = startTypingLoop(thread);
         try {
@@ -364,7 +499,7 @@ export class Gateway {
           const memoryRoot = this.config.memory?.rootDir ?? agentCwd;
           // If memory is disabled, compact directly without flush
           if (this.config.memory?.enabled === false) {
-            const result = await agent.compact(thread.id);
+            const result = await agent.compact(agentThreadId);
             if (!result) {
               await thread.post("⚠️ No active session to compact. Send a message first.");
             } else {
@@ -372,7 +507,7 @@ export class Gateway {
               await thread.post(`✅ Compaction complete\n\nCompacted ${beforeK}K tokens down to a summary.\nContext usage will update after your next message.`);
             }
           } else {
-            const result = await flushMemoryThenCompact(thread.id, agent, memoryRoot, "manual", this.config.memory);
+            const result = await flushMemoryThenCompact(agentThreadId, agent, memoryRoot, "manual", this.config.memory);
             if (!result) {
               await thread.post("⚠️ No active session to compact. Send a message first.");
             } else {
@@ -385,13 +520,17 @@ export class Gateway {
           await thread.post(`⚠️ Compaction failed: ${msg.slice(0, 200)}`);
         } finally {
           stopTyping();
+          releaseLock!();
+          if (threadLocks.get(agentThreadId) === lockPromise) {
+            threadLocks.delete(agentThreadId);
+          }
         }
         return;
       }
 
       // Handle /status command — show gateway details
       if (isCommand(userText.trim(), "/status")) {
-        const agent = this.router.resolve(thread.id);
+        const agent = this.router.resolve(agentThreadId);
         const uptimeSec = process.uptime();
         const uptimeStr = uptimeSec < 3600
           ? `${Math.floor(uptimeSec / 60)}m ${Math.floor(uptimeSec % 60)}s`
@@ -401,7 +540,7 @@ export class Gateway {
         const nodeVer = process.version;
         const memMB = (process.memoryUsage.rss() / 1024 / 1024).toFixed(1);
 
-        const info = agent.getInfo ? agent.getInfo(thread.id) : {};
+        const info = agent.getInfo ? agent.getInfo(agentThreadId) : {};
         const agentVersion = info.version ? `v${info.version}` : "";
         const agentLabel = agentVersion ? `\`${agent.name}\` (${agentVersion})` : `\`${agent.name}\``;
 
@@ -422,7 +561,7 @@ export class Gateway {
           `💾 Memory: ${memMB} MB`,
           `🟢 Node: ${nodeVer}`,
           `🔧 Debug stream: ${debugStream ? "on" : "off"}`,
-          `📢 Verbose: ${verboseThreads.has(thread.id) ? "on" : "off"}`,
+          `📢 Verbose: ${verboseThreads.has(agentThreadId) ? "on" : "off"}`,
         );
 
         const allowedCount = allowedUsers.length;
@@ -464,14 +603,14 @@ export class Gateway {
         }
 
         await thread.post({ markdown: lines.join("\n") });
-        console.log(`[roundhouse] /status for thread=${thread.id}`);
+        console.log(`[roundhouse] /status for thread=${thread.id} agentThread=${agentThreadId}`);
         return;
       }
 
       // Save any attachments (voice messages, images, files, etc.)
       let attachmentResult: AttachmentResult = { saved: [], skipped: [] };
       try {
-        attachmentResult = await saveAttachments(thread.id, rawAttachments);
+        attachmentResult = await saveAttachments(agentThreadId, rawAttachments);
       } catch (err) {
         console.error(`[roundhouse] saveAttachments error:`, (err as Error).message);
         if (!userText.trim()) {
@@ -501,16 +640,16 @@ export class Gateway {
         return;
       }
 
-      const agent = this.router.resolve(thread.id);
+      const agent = this.router.resolve(agentThreadId);
 
       // Serialize prompts per-thread (concurrent mode allows /stop to bypass)
-      const prevLock = threadLocks.get(thread.id);
+      const prevLock = threadLocks.get(agentThreadId);
       let releaseLock: () => void;
       const lockPromise = new Promise<void>((resolve) => { releaseLock = resolve; });
-      threadLocks.set(thread.id, lockPromise);
+      threadLocks.set(agentThreadId, lockPromise);
       if (prevLock) await prevLock;
 
-      console.log(`[roundhouse] → ${agent.name} | thread=${thread.id}`);
+      console.log(`[roundhouse] → ${agent.name} | thread=${agentThreadId}`);
 
       // Enrich audio attachments with transcripts (STT) — inside thread lock to prevent stampede
       if (this.sttService && agentMessage.attachments?.length) {
@@ -537,7 +676,7 @@ export class Gateway {
       const memoryRoot = this.config.memory?.rootDir ?? agentCwd;
       let memoryPrepared: Awaited<ReturnType<typeof prepareMemoryForTurn>> | undefined;
       try {
-        memoryPrepared = await prepareMemoryForTurn(thread.id, agentMessage, agent, memoryRoot, this.config.memory);
+        memoryPrepared = await prepareMemoryForTurn(agentThreadId, agentMessage, agent, memoryRoot, this.config.memory);
         agentMessage = memoryPrepared.message;
       } catch (err) {
         console.error(`[roundhouse] memory prepare error:`, (err as Error).message);
@@ -548,15 +687,15 @@ export class Gateway {
       try {
         if (agent.promptStream) {
           const ac = new AbortController();
-          abortControllers.set(thread.id, ac);
+          abortControllers.set(agentThreadId, ac);
           try {
-            await this.handleStreaming(thread, agent.promptStream(thread.id, agentMessage), verboseThreads.has(thread.id), ac.signal);
+            await this.handleStreaming(thread, agent.promptStream(agentThreadId, agentMessage), verboseThreads.has(agentThreadId), ac.signal);
           } finally {
-            abortControllers.delete(thread.id);
+            abortControllers.delete(agentThreadId);
           }
         } else {
           // Fallback: non-streaming prompt
-          const reply = await agent.prompt(thread.id, agentMessage);
+          const reply = await agent.prompt(agentThreadId, agentMessage);
           if (reply.text) {
             await this.postWithFallback(thread, reply.text);
           }
@@ -565,7 +704,7 @@ export class Gateway {
         // ── Memory: post-turn finalize + pressure check ───
         try {
           const pressure = await finalizeMemoryForTurn(
-            thread.id,
+            agentThreadId,
             memoryPrepared?.beforeDigest ?? null,
             agent, memoryRoot, this.config.memory,
           );
@@ -574,7 +713,7 @@ export class Gateway {
           if (effectivePressure !== "none") {
             // Run flush/compact INSIDE the thread lock to prevent race with next user message
             try {
-              await this.handleContextPressure(thread, agent, memoryRoot, effectivePressure);
+              await this.handleContextPressure(thread, agentThreadId, agent, memoryRoot, effectivePressure);
             } catch (err) {
               console.error(`[roundhouse] context pressure handler error:`, (err as Error).message);
             }
@@ -592,34 +731,35 @@ export class Gateway {
       } finally {
         stopTyping();
         releaseLock!();
-        if (threadLocks.get(thread.id) === lockPromise) {
-          threadLocks.delete(thread.id);
+        if (threadLocks.get(agentThreadId) === lockPromise) {
+          threadLocks.delete(agentThreadId);
         }
       }
     };
 
     // ── Wire Chat SDK events ───────────────────────
     const handleOrAbort = async (thread: any, message: any) => {
+      const agentThreadId = resolveAgentThreadId(thread, message);
       const text = (message.text ?? "").trim();
       // /stop is handled immediately — abort the in-flight agent run
       // without waiting for the current handler to finish
       if (isCommand(text, "/stop")) {
         if (!isAllowed(message, allowedUsers, allowedUserIds)) return;
-        const agent = this.router.resolve(thread.id);
+        const agent = this.router.resolve(agentThreadId);
         if (agent.abort) {
-          await agent.abort(thread.id);
-          abortControllers.get(thread.id)?.abort();
+          await agent.abort(agentThreadId);
+          abortControllers.get(agentThreadId)?.abort();
           try { await thread.post("⏹️ Stopped."); } catch {}
         } else {
           try { await thread.post("⚠️ Abort not supported for this agent."); } catch {}
         }
-        console.log(`[roundhouse] /stop for thread=${thread.id}`);
+        console.log(`[roundhouse] /stop for thread=${thread.id} agentThread=${agentThreadId}`);
         return;
       }
       // /verbose is a gateway toggle — runs immediately, no queuing
       if (isCommand(text, "/verbose")) {
         if (!isAllowed(message, allowedUsers, allowedUserIds)) return;
-        const threadId = thread.id;
+        const threadId = agentThreadId;
         if (verboseThreads.has(threadId)) {
           verboseThreads.delete(threadId);
           try { await thread.post("🔇 Verbose mode OFF — tool status messages hidden."); } catch {}
@@ -627,7 +767,7 @@ export class Gateway {
           verboseThreads.add(threadId);
           try { await thread.post("📢 Verbose mode ON — showing tool calls."); } catch {}
         }
-        console.log(`[roundhouse] /verbose for thread=${threadId} -> ${verboseThreads.has(threadId) ? "on" : "off"}`);
+        console.log(`[roundhouse] /verbose for thread=${thread.id} agentThread=${threadId} -> ${verboseThreads.has(threadId) ? "on" : "off"}`);
         return;
       }
       // /doctor runs health checks immediately — no agent access needed
@@ -747,16 +887,16 @@ export class Gateway {
    * Handle context pressure — flush memory and/or compact.
    * Runs inside the thread lock after a turn completes.
    */
-  private async handleContextPressure(thread: any, agent: AgentAdapter, memoryRoot: string, pressure: PressureLevel) {
+  private async handleContextPressure(thread: any, agentThreadId: string, agent: AgentAdapter, memoryRoot: string, pressure: PressureLevel) {
     if (pressure === "none") return;
 
-    console.log(`[roundhouse] context pressure: ${pressure} for thread=${thread.id}`);
+    console.log(`[roundhouse] context pressure: ${pressure} for thread=${thread.id} agentThread=${agentThreadId}`);
 
     if (pressure === "soft") {
       // Soft: prompt agent to save facts, no compact
       // Cooldown is checked inside flushMemoryThenCompact (returns null if skipped)
       try {
-        await flushMemoryThenCompact(thread.id, agent, memoryRoot, "soft", this.config.memory);
+        await flushMemoryThenCompact(agentThreadId, agent, memoryRoot, "soft", this.config.memory);
       } catch (err) {
         console.error(`[roundhouse] soft flush error:`, (err as Error).message);
       }
@@ -766,7 +906,7 @@ export class Gateway {
     // Hard or emergency: flush + compact
     try {
       await thread.post(`📝 ${pressure === "emergency" ? "⚠️ Context nearly full! " : ""}Saving memory and compacting...`);
-      const result = await flushMemoryThenCompact(thread.id, agent, memoryRoot, pressure, this.config.memory);
+      const result = await flushMemoryThenCompact(agentThreadId, agent, memoryRoot, pressure, this.config.memory);
       if (result) {
         const beforeK = (result.tokensBefore / 1000).toFixed(1);
         await thread.post(`✅ Auto-compacted: ${beforeK}K tokens → summary.`);

package/src/memory/state.ts

@@ -9,7 +9,7 @@ import { readFile, writeFile, mkdir, rename, unlink } from "node:fs/promises";
 import { resolve, dirname } from "node:path";
 import { randomBytes } from "node:crypto";
 import { ROUNDHOUSE_DIR } from "../config";
-import { threadIdToDir, threadIdToDirLegacy } from "../util";
+import { threadIdToDir } from "../util";
 import type { ThreadMemoryState } from "./types";
 
 const STATE_DIR = resolve(ROUNDHOUSE_DIR, "memory-state");
@@ -18,24 +18,12 @@ function stateFilePath(threadId: string): string {
   return resolve(STATE_DIR, `${threadIdToDir(threadId)}.json`);
 }
 
-function legacyStateFilePath(threadId: string): string {
-  return resolve(STATE_DIR, `${threadIdToDirLegacy(threadId)}.json`);
-}
-
 /** Load per-thread memory state (returns empty state if none exists) */
 export async function loadThreadMemoryState(threadId: string): Promise<ThreadMemoryState> {
   try {
     const raw = await readFile(stateFilePath(threadId), "utf8");
     return JSON.parse(raw) as ThreadMemoryState;
   } catch {
-    // Fallback to legacy encoding for pre-v0.4 state files
-    try {
-      const legacyPath = legacyStateFilePath(threadId);
-      if (legacyPath !== stateFilePath(threadId)) {
-        const raw = await readFile(legacyPath, "utf8");
-        return JSON.parse(raw) as ThreadMemoryState;
-      }
-    } catch {}
     return {};
   }
 }
@@ -43,10 +31,10 @@ export async function loadThreadMemoryState(threadId: string): Promise<ThreadMem
 /** Save per-thread memory state (atomic write to prevent corruption) */
 export async function saveThreadMemoryState(threadId: string, state: ThreadMemoryState): Promise<void> {
   const path = stateFilePath(threadId);
-  await mkdir(dirname(path), { recursive: true });
+  await mkdir(dirname(path), { recursive: true, mode: 0o700 });
   const tmp = `${path}.tmp.${randomBytes(4).toString("hex")}`;
   try {
-    await writeFile(tmp, JSON.stringify(state, null, 2) + "\n");
+    await writeFile(tmp, JSON.stringify(state, null, 2) + "\n", { mode: 0o600 });
     await rename(tmp, path);
   } catch (err) {
     try { await unlink(tmp); } catch {}

package/src/pairing.ts

@@ -0,0 +1,112 @@
+/**
+ * pairing.ts — Persistent pending-pairing state for Telegram.
+ *
+ * Used by:
+ * - setup --telegram --headless: writes pending pairing before starting gateway
+ * - gateway.ts: detects pending pairing and completes on /start <nonce>
+ */
+import { readFile, writeFile, rename, unlink, mkdir } from "node:fs/promises";
+import { dirname, resolve } from "node:path";
+import { randomBytes } from "node:crypto";
+import { ROUNDHOUSE_DIR } from "./config";
+
+export interface PendingPairing {
+  version: 1;
+  nonce: string;
+  botUsername: string;
+  allowedUsers: string[];
+  createdAt: string;
+  status: "pending" | "paired";
+  pairedAt?: string;
+  chatId?: number;
+  userId?: number;
+  username?: string;
+}
+
+export const PAIRING_PATH = resolve(ROUNDHOUSE_DIR, "telegram-pairing.json");
+
+/**
+ * Generate a pairing nonce: "rh-" + 8 random hex bytes.
+ */
+export function createPairingNonce(): string {
+  return `rh-${randomBytes(8).toString("hex")}`;
+}
+
+/**
+ * Build the Telegram deep link for pairing.
+ */
+export function createPairingLink(botUsername: string, nonce: string): string {
+  return `https://t.me/${botUsername}?start=${nonce}`;
+}
+
+/**
+ * Check if a message text matches /start <nonce>.
+ */
+export function isStartForNonce(text: string, nonce: string): boolean {
+  const trimmed = text.trim();
+  return trimmed === `/start ${nonce}` || trimmed === nonce;
+}
+
+/**
+ * Read the pending pairing file. Returns null if not found or invalid.
+ */
+export async function readPendingPairing(): Promise<PendingPairing | null> {
+  try {
+    const raw = await readFile(PAIRING_PATH, "utf8");
+    const data = JSON.parse(raw);
+    if (data?.version === 1 && data?.nonce && data?.status) {
+      return data as PendingPairing;
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Write pending pairing state (atomic, mode 0600).
+ */
+export async function writePendingPairing(state: PendingPairing): Promise<void> {
+  await mkdir(dirname(PAIRING_PATH), { recursive: true });
+  const tmp = `${PAIRING_PATH}.tmp.${randomBytes(4).toString("hex")}`;
+  try {
+    await writeFile(tmp, JSON.stringify(state, null, 2) + "\n", { mode: 0o600 });
+    await rename(tmp, PAIRING_PATH);
+  } catch (err) {
+    try { await unlink(tmp); } catch {}
+    throw err;
+  }
+}
+
+/**
+ * Mark pairing as complete — merges result into existing pending state.
+ */
+export async function completePendingPairing(result: {
+  chatId: number;
+  userId: number;
+  username: string;
+}): Promise<PendingPairing | null> {
+  const existing = await readPendingPairing();
+  if (!existing || existing.status !== "pending") return null;
+
+  const completed: PendingPairing = {
+    ...existing,
+    status: "paired",
+    pairedAt: new Date().toISOString(),
+    chatId: result.chatId,
+    userId: result.userId,
+    username: result.username,
+  };
+
+  await writePendingPairing(completed);
+  return completed;
+}
+
+/**
+ * Clear the pairing file.
+ */
+export async function clearPendingPairing(): Promise<void> {
+  try {
+    await unlink(PAIRING_PATH);
+  } catch {}
+}