@vellumai/assistant 0.10.1 → 0.10.2-dev.202606241651.2d2b40d

package/src/runtime/routes/conversation-cli-routes.ts

@@ -9,10 +9,10 @@
 import { v4 as uuid } from "uuid";
 import { z } from "zod";
 
-import { findConversation } from "../../daemon/conversation-registry.js";
 import { clearAllConversations as clearAllActive } from "../../daemon/handlers/conversations.js";
 import { formatJson, formatMarkdown } from "../../export/formatter.js";
 import { ipcCall as ipcCallGateway } from "../../ipc/gateway-client.js";
+import { isConversationProcessing } from "../../memory/conversation-crud.js";
 import {
   addMessage,
   createConversation,
@@ -53,10 +53,9 @@ function handleListCli({ body = {} }: RouteHandlerArgs) {
       id: c.id,
       title: c.title,
       updatedAt: c.updatedAt,
-      // `isProcessing` mirrors `Conversation.isProcessing()` from the
-      // in-memory daemon store — true when the agent loop is mid-turn.
-      // Rows not currently in memory (cold / evicted) report `false`.
-      isProcessing: findConversation(c.id)?.isProcessing() ?? false,
+      // Checks in-memory flag first (hot path), falls back to the
+      // persisted `processing_started_at` column for cold conversations.
+      isProcessing: isConversationProcessing(c.id),
     })),
   };
 }

package/src/runtime/routes/conversation-list-routes.ts

@@ -10,7 +10,6 @@
 
 import { z } from "zod";
 
-import { findConversation } from "../../daemon/conversation-registry.js";
 import {
   type Confidence,
   getAttentionStateByConversationIds,
@@ -18,6 +17,7 @@ import {
   recordConversationSeenSignal,
   type SignalType,
 } from "../../memory/conversation-attention-store.js";
+import { isConversationProcessing } from "../../memory/conversation-crud.js";
 import {
   type ConversationRow,
   getDisplayMetaForConversations,
@@ -270,12 +270,9 @@ function handleListConversations({ queryParams = {} }: RouteHandlerArgs) {
         attentionState: attentionStates.get(conversation.id),
         displayMeta: displayMeta.get(conversation.id),
         parentCache,
-        // Cold (evicted / never-loaded) rows aren't in the in-memory
-        // store, so `findConversation` returns `undefined` and they
-        // report `isProcessing: false` — by definition they aren't
-        // mid-turn since the agent loop only runs on resident convs.
-        isProcessing:
-          findConversation(conversation.id)?.isProcessing() ?? false,
+        // Checks in-memory flag first (hot path), falls back to the
+        // persisted `processing_started_at` column for cold conversations.
+        isProcessing: isConversationProcessing(conversation.id),
       }),
     ),
     nextOffset,

package/src/runtime/routes/conversation-routes.ts

@@ -50,6 +50,7 @@ import {
   getCannedFirstGreeting,
   isWakeUpGreeting,
 } from "../../daemon/first-greeting.js";
+import { supersedePendingInteractionsOnEnqueue } from "../../daemon/handlers/conversations.js";
 import {
   collectAttachmentRefs,
   type HistoryAttachmentRef,
@@ -67,6 +68,7 @@ import type {
   HostProxyTransportMetadata,
   NonHostProxyTransportMetadata,
 } from "../../daemon/message-types/conversations.js";
+import type { TrustContext } from "../../daemon/trust-context.js";
 import { HeartbeatService } from "../../heartbeat/heartbeat-service.js";
 import {
   writeOnboardingSidecar,
@@ -120,30 +122,27 @@ import {
 } from "../../util/platform.js";
 import { silentlyWithLog } from "../../util/silently.js";
 import { assistantEventHub, broadcastMessage } from "../assistant-event-hub.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
 import { getPersistedSeq } from "../assistant-stream-state.js";
 import { ACTOR_PRINCIPALS } from "../auth/route-policy.js";
 import {
   type GuardianPendingScope,
   routeGuardianReply,
 } from "../guardian-reply-router.js";
-import { healGuardianBindingDrift } from "../guardian-vellum-migration.js";
+import { reResolveTrustOnResetDrift } from "../guardian-vellum-migration.js";
 import type {
   ApprovalConversationGenerator,
   RuntimeAttachmentMetadata,
   RuntimeMessagePayload,
   SendMessageDeps,
 } from "../http-types.js";
-import { resolveLocalTrustContext } from "../local-actor-identity.js";
+import { findLocalGuardianPrincipalId } from "../local-actor-identity.js";
+import { resolveLocalPrincipalTrustContext } from "../local-principal-trust.js";
 import * as pendingInteractions from "../pending-interactions.js";
 import {
   publishConversationListAndMetadataChanged,
   publishConversationMessagesChanged,
 } from "../sync/resource-sync-events.js";
-import {
-  resolveTrustContext,
-  withSourceChannel,
-} from "../trust-context-resolver.js";
+import { withSourceChannel } from "../trust-context-resolver.js";
 import {
   BadRequestError,
   InternalError,
@@ -946,25 +945,28 @@ export function handleListMessages({
         .filter((block) => block.type !== "text" || block.text.length > 0);
     }
 
-  // Ensure every hydrated attachment has a corresponding content block.
-  // renderHistoryContent inlines attachment blocks only when it has
-  // file-block refs with matching DB rows; directives (assistant-authored
-  // <vellum-attachment/> tags) don't leave a file block after stripping,
-  // so their attachments end up in the flat `attachments` array but not in
-  // `contentBlocks`. Append any that are missing so the canonical
-  // projection is complete.
-  const existingAttachmentIds = new Set(
-    contentBlocks
-      .filter((b): b is Extract<ConversationContentBlock, { type: "attachment" }> => b.type === "attachment")
-      .map((b) => b.attachment.id),
-  );
-  for (const att of msgAttachments) {
-    if (!existingAttachmentIds.has(att.id)) {
-      contentBlocks.push({ type: "attachment", attachment: att });
+    // Ensure every hydrated attachment has a corresponding content block.
+    // renderHistoryContent inlines attachment blocks only when it has
+    // file-block refs with matching DB rows; directives (assistant-authored
+    // <vellum-attachment/> tags) don't leave a file block after stripping,
+    // so their attachments end up in the flat `attachments` array but not in
+    // `contentBlocks`. Append any that are missing so the canonical
+    // projection is complete.
+    const existingAttachmentIds = new Set(
+      contentBlocks
+        .filter(
+          (b): b is Extract<ConversationContentBlock, { type: "attachment" }> =>
+            b.type === "attachment",
+        )
+        .map((b) => b.attachment.id),
+    );
+    for (const att of msgAttachments) {
+      if (!existingAttachmentIds.has(att.id)) {
+        contentBlocks.push({ type: "attachment", attachment: att });
+      }
     }
-  }
 
-  const alignedContentOrder = aligned.rewriteContentOrder(contentOrder);
+    const alignedContentOrder = aligned.rewriteContentOrder(contentOrder);
 
     // Use sentAt (actual event time) for the display timestamp when available,
     // falling back to createdAt (persistence time). Clients use this display
@@ -1440,56 +1442,65 @@ export async function handleSendMessage(
     conversation.setOnboardingContext(body.onboarding!);
   }
 
-  // Resolve guardian context from the AuthContext's actorPrincipalId.
-  // The JWT-verified principal is used as the sender identity through
-  // the same trust resolution pipeline that channel ingress uses.
+  // Resolve guardian context from the AuthContext's actorPrincipalId via the
+  // gateway guardian binding: a vellum principal is the guardian or nobody.
   if (actorPrincipalId) {
     // Dev bypass (HTTP auth disabled): the synthetic "dev-bypass" principal
-    // won't match any guardian binding. Resolve from the local guardian
-    // binding instead, which produces the correct guardian trust context.
+    // won't match any guardian binding. Resolve the real guardian principal and
+    // map that through, failing closed to unknown on an empty gateway.
     if (isHttpAuthDisabled() && actorPrincipalId === "dev-bypass") {
-      conversation.setTrustContext(resolveLocalTrustContext(sourceChannel));
+      const guardianPrincipalId = await findLocalGuardianPrincipalId();
+      let trustCtx: TrustContext = guardianPrincipalId
+        ? withSourceChannel(
+            sourceChannel,
+            await resolveLocalPrincipalTrustContext({
+              actorPrincipalId: guardianPrincipalId,
+              sourceChannel: "vellum",
+              conversationExternalId: "local",
+            }),
+          )
+        : { trustClass: "unknown", sourceChannel };
+      if (guardianPrincipalId && trustCtx.trustClass === "unknown") {
+        const healed = await reResolveTrustOnResetDrift(
+          guardianPrincipalId,
+          sourceChannel,
+        );
+        if (healed) trustCtx = healed;
+      }
+      conversation.setTrustContext(trustCtx);
     } else {
-      const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
-      let trustCtx = resolveTrustContext({
-        assistantId,
-        sourceChannel: "vellum",
-        conversationExternalId: "local",
-        actorExternalId: actorPrincipalId,
-      });
+      let trustCtx = withSourceChannel(
+        sourceChannel,
+        await resolveLocalPrincipalTrustContext({
+          actorPrincipalId,
+          sourceChannel: "vellum",
+          conversationExternalId: "local",
+        }),
+      );
       if (trustCtx.trustClass === "unknown") {
-        // Attempt to heal guardian binding drift: after a DB reset the
-        // guardian binding gets a new vellum-principal-* UUID while the
-        // client still holds a valid JWT with the old one. The signing
-        // key survives the reset, so the JWT is authentic — just stale.
-        const healed = healGuardianBindingDrift(actorPrincipalId);
-        if (healed) {
-          trustCtx = resolveTrustContext({
-            assistantId,
-            sourceChannel: "vellum",
-            conversationExternalId: "local",
-            actorExternalId: actorPrincipalId,
-          });
+        const healed = await reResolveTrustOnResetDrift(
+          actorPrincipalId,
+          sourceChannel,
+        );
+        if (healed && healed.trustClass !== "unknown") {
+          trustCtx = healed;
           log.info(
-            {
-              actorPrincipalId: actorPrincipalId,
-              trustClass: trustCtx.trustClass,
-            },
-            "Trust re-resolved after guardian binding drift heal",
+            { actorPrincipalId, trustClass: trustCtx.trustClass },
+            "Trust re-resolved from local mirror after gateway returned unknown",
           );
         } else {
           log.warn(
             {
-              actorPrincipalId: actorPrincipalId,
+              actorPrincipalId,
               sourceChannel,
-              trustClass: trustCtx.trustClass,
-              principalType: principalType,
+              trustClass: "unknown",
+              principalType,
             },
             "JWT-verified actor resolved to unknown trust class — possible guardian binding drift (e.g. DB reset without re-bootstrap)",
           );
         }
       }
-      conversation.setTrustContext(withSourceChannel(sourceChannel, trustCtx));
+      conversation.setTrustContext(trustCtx);
     }
   } else {
     // Service principals (svc_gateway) or tokens without an actor ID
@@ -1814,29 +1825,11 @@ export async function handleSendMessage(
     // the client showing "Failed to send" for a message the daemon will
     // process from the queue.
     try {
-      if (conversation.hasAnyPendingConfirmation()) {
-        // Emit authoritative denial state for each pending request.
-        // sendToClient (wired to the SSE hub) delivers these to the client.
-        for (const interaction of pendingInteractions.getByConversation(
-          mapping.conversationId,
-        )) {
-          if (interaction.kind === "confirmation") {
-            conversation.emitConfirmationStateChanged({
-              conversationId: mapping.conversationId,
-              requestId: interaction.requestId,
-              state: "denied" as const,
-              source: "auto_deny" as const,
-            });
-            // Sync canonical guardian request status so stale "pending" DB
-            // records don't get matched by later guardian reply routing.
-            resolveCanonicalGuardianRequest(interaction.requestId, "pending", {
-              status: "denied",
-            });
-          }
-        }
-        conversation.denyAllPendingConfirmations();
-        pendingInteractions.removeByConversation(mapping.conversationId);
-      }
+      // Supersede interactions left pending by the in-flight turn: auto-deny
+      // confirmations (with canonical/client sync) and steer to the enqueued
+      // message if an ask_question is parked. Centralized so the CLI signal
+      // path (signals/user-message.ts) gets identical handling.
+      supersedePendingInteractionsOnEnqueue(mapping.conversationId, requestId);
 
       // Expire any orphaned canonical requests that survived without a
       // matching in-memory pending interaction (e.g. prompter timeouts).

package/src/runtime/routes/events-routes.ts

@@ -43,7 +43,7 @@ import type { ReplaySubscriber } from "../assistant-stream-state.js";
 import { getReplayWindow } from "../assistant-stream-state.js";
 import { ACTOR_PRINCIPALS, GATEWAY_PRINCIPALS } from "../auth/route-policy.js";
 import { DEFAULT_HEARTBEAT_INTERVAL_MS } from "../client-health.js";
-import { resolveActorPrincipalIdForLocalGuardian } from "../local-actor-identity.js";
+import { resolveActorPrincipalIdForLocalGuardianSync } from "../local-actor-identity.js";
 import {
   BadRequestError,
   NotFoundError,
@@ -311,7 +311,7 @@ export function handleSubscribeAssistantEvents(
   // bearer token's AuthContext. May be absent for legacy / service-token
   // connections that have no principal. See `resolveActorPrincipalId` for the
   // dev-bypass translation rationale.
-  const actorPrincipalId = resolveActorPrincipalIdForLocalGuardian(
+  const actorPrincipalId = resolveActorPrincipalIdForLocalGuardianSync(
     rawActorPrincipalId?.trim() || undefined,
   );
 

package/src/runtime/routes/global-search-routes.ts

@@ -263,7 +263,9 @@ async function handleGlobalSearch({
       id: c.id,
       displayName: c.displayName,
       notes: c.notes,
-      lastInteraction: c.lastInteraction,
+      // Daemon-native search has no gateway-relayed read; recency orders on
+      // contacts.updatedAt, not the channel-derived lastInteraction column.
+      lastInteraction: c.updatedAt,
     }));
   }
 

package/src/runtime/routes/guardian-action-routes.ts

@@ -14,7 +14,6 @@
 import { z } from "zod";
 
 import { isHttpAuthDisabled } from "../../config/env.js";
-import { findGuardianForChannel } from "../../contacts/contact-store.js";
 import {
   type CanonicalGuardianRequest,
   listPendingRequestsByConversationScope,
@@ -23,6 +22,7 @@ import { ACTOR_PRINCIPALS } from "../auth/route-policy.js";
 import { processGuardianDecision } from "../guardian-action-service.js";
 import type { GuardianDecisionPrompt } from "../guardian-decision-types.js";
 import { buildOneTimeDecisionActions } from "../guardian-decision-types.js";
+import { findLocalGuardianPrincipalId } from "../local-actor-identity.js";
 import { BadRequestError, NotFoundError } from "./errors.js";
 import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 
@@ -73,16 +73,15 @@ async function handleGuardianActionDecision({
   // Resolve the actor's guardian principal ID. The HTTP adapter injects it
   // from the AuthContext via the x-vellum-actor-principal-id header.
   // For dev bypass (HTTP auth disabled) the synthetic "dev-bypass" principal
-  // won't match the real guardian binding, so fall back to the local guardian
-  // binding to avoid identity_mismatch.
+  // won't match the real guardian binding, so resolve the local guardian
+  // principal to avoid identity_mismatch.
   let guardianPrincipalId: string | undefined =
     headers["x-vellum-actor-principal-id"] ?? undefined;
   if (
     isHttpAuthDisabled() &&
     headers["x-vellum-actor-principal-id"] === "dev-bypass"
   ) {
-    const binding = findGuardianForChannel("vellum");
-    guardianPrincipalId = binding?.contact.principalId ?? undefined;
+    guardianPrincipalId = (await findLocalGuardianPrincipalId()) ?? undefined;
   }
 
   const result = await processGuardianDecision({

package/src/runtime/routes/host-app-control-routes.ts

@@ -39,7 +39,7 @@ const VALID_STATES: ReadonlySet<HostAppControlState> = new Set([
 // POST /v1/host-app-control-result
 // ---------------------------------------------------------------------------
 
-function handleHostAppControlResult({ body, headers }: RouteHandlerArgs) {
+async function handleHostAppControlResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
@@ -95,9 +95,10 @@ function handleHostAppControlResult({ body, headers }: RouteHandlerArgs) {
         `Client "${submittingClientId}" is not the target for this request (expected "${peeked.targetClientId}"). The targeted client must submit the result.`,
       );
     }
-    const submittingActorPrincipalId = resolveActorPrincipalIdForLocalGuardian(
-      headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
-    );
+    const submittingActorPrincipalId =
+      await resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      );
     enforceSameActorOrThrow({
       sourceActorPrincipalId: submittingActorPrincipalId,
       targetActorPrincipalId: peeked.targetActorPrincipalId,

package/src/runtime/routes/host-bash-routes.ts

@@ -26,7 +26,7 @@ import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 // POST /v1/host-bash-result
 // ---------------------------------------------------------------------------
 
-function handleHostBashResult({ body, headers }: RouteHandlerArgs) {
+async function handleHostBashResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
@@ -45,9 +45,10 @@ function handleHostBashResult({ body, headers }: RouteHandlerArgs) {
 
   const submittingClientId =
     headers?.["x-vellum-client-id"]?.trim() || undefined;
-  const submittingActorPrincipalId = resolveActorPrincipalIdForLocalGuardian(
-    headers?.["x-vellum-actor-principal-id"]?.trim() || undefined,
-  );
+  const submittingActorPrincipalId =
+    await resolveActorPrincipalIdForLocalGuardian(
+      headers?.["x-vellum-actor-principal-id"]?.trim() || undefined,
+    );
 
   const peeked = pendingInteractions.get(requestId);
   if (!peeked) {

package/src/runtime/routes/host-browser-routes.ts

@@ -61,14 +61,14 @@ export type HostBrowserResultResolution =
  * already authenticated the caller (the HTTP route uses
  * `requireBoundGuardian`).
  */
-export function resolveHostBrowserResultByRequestId(
+export async function resolveHostBrowserResultByRequestId(
   frame: {
     requestId?: unknown;
     content?: unknown;
     isError?: unknown;
   },
   headers?: Record<string, string | undefined>,
-): HostBrowserResultResolution {
+): Promise<HostBrowserResultResolution> {
   const { requestId, content, isError } = frame;
 
   if (!requestId || typeof requestId !== "string") {
@@ -127,9 +127,10 @@ export function resolveHostBrowserResultByRequestId(
     // stream. This prevents a different authenticated user with knowledge of
     // both the requestId and target clientId from submitting a result on
     // behalf of the targeted client.
-    const submittingActorPrincipalId = resolveActorPrincipalIdForLocalGuardian(
-      headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
-    );
+    const submittingActorPrincipalId =
+      await resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      );
     try {
       enforceSameActorOrThrow({
         sourceActorPrincipalId: submittingActorPrincipalId,
@@ -260,12 +261,12 @@ export function resolveHostBrowserSessionInvalidated(frame: {
 // POST /v1/host-browser-result
 // ---------------------------------------------------------------------------
 
-function handleHostBrowserResult({ body, headers }: RouteHandlerArgs) {
+async function handleHostBrowserResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
 
-  const resolution = resolveHostBrowserResultByRequestId(
+  const resolution = await resolveHostBrowserResultByRequestId(
     body,
     headers as Record<string, string | undefined> | undefined,
   );
@@ -399,10 +400,7 @@ export const ROUTES: RouteDefinition[] = [
       "Marks the target as invalidated in the runtime-side browser session registry.",
     tags: ["host"],
     requestBody: z.object({
-      targetId: z
-        .string()
-        .optional()
-        .describe("CDP target that was detached"),
+      targetId: z.string().optional().describe("CDP target that was detached"),
       reason: z.string().optional().describe("Detach reason"),
       clientId: z
         .string()

package/src/runtime/routes/host-cu-routes.ts

@@ -26,7 +26,7 @@ import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 // POST /v1/host-cu-result
 // ---------------------------------------------------------------------------
 
-function handleHostCuResult({ body, headers }: RouteHandlerArgs) {
+async function handleHostCuResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
@@ -95,9 +95,10 @@ function handleHostCuResult({ body, headers }: RouteHandlerArgs) {
     // stream. This prevents a different authenticated user with knowledge of
     // both the requestId and target clientId from submitting a result on
     // behalf of the targeted client.
-    const submittingActorPrincipalId = resolveActorPrincipalIdForLocalGuardian(
-      headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
-    );
+    const submittingActorPrincipalId =
+      await resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      );
     enforceSameActorOrThrow({
       sourceActorPrincipalId: submittingActorPrincipalId,
       targetActorPrincipalId: peeked.targetActorPrincipalId,

package/src/runtime/routes/host-file-routes.ts

@@ -26,7 +26,7 @@ import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 // POST /v1/host-file-result
 // ---------------------------------------------------------------------------
 
-function handleHostFileResult({ body, headers }: RouteHandlerArgs) {
+async function handleHostFileResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
@@ -76,9 +76,10 @@ function handleHostFileResult({ body, headers }: RouteHandlerArgs) {
     // match the actor that opened the target client's SSE stream. This blocks
     // cross-user submissions even if a different user somehow obtains the
     // target client id.
-    const submittingActorPrincipalId = resolveActorPrincipalIdForLocalGuardian(
-      headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
-    );
+    const submittingActorPrincipalId =
+      await resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      );
     enforceSameActorOrThrow({
       sourceActorPrincipalId: submittingActorPrincipalId,
       targetActorPrincipalId: peeked.targetActorPrincipalId,

package/src/runtime/routes/host-transfer-routes.ts

@@ -39,10 +39,10 @@ function findProxyByTransferId(transferId: string) {
 // GET /v1/transfers/:transferId/content
 // ---------------------------------------------------------------------------
 
-function handleTransferContentGet({
+async function handleTransferContentGet({
   pathParams = {},
   headers = {},
-}: RouteHandlerArgs): Uint8Array {
+}: RouteHandlerArgs): Promise<Uint8Array> {
   const transferId = pathParams.transferId;
   if (!transferId) {
     throw new BadRequestError("transferId path parameter is required");
@@ -72,7 +72,7 @@ function handleTransferContentGet({
     // the value persisted at registration time so a brief reconnect does
     // not 403 a legitimate fetch.
     enforceSameActorOrThrow({
-      sourceActorPrincipalId: resolveActorPrincipalIdForLocalGuardian(
+      sourceActorPrincipalId: await resolveActorPrincipalIdForLocalGuardian(
         headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
       ),
       targetActorPrincipalId:
@@ -151,7 +151,7 @@ async function handleTransferContentPut({
       );
 
     enforceSameActorOrThrow({
-      sourceActorPrincipalId: resolveActorPrincipalIdForLocalGuardian(
+      sourceActorPrincipalId: await resolveActorPrincipalIdForLocalGuardian(
         headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
       ),
       targetActorPrincipalId:
@@ -181,7 +181,7 @@ async function handleTransferContentPut({
 // POST /v1/host-transfer-result
 // ---------------------------------------------------------------------------
 
-function handleTransferResult({ body, headers }: RouteHandlerArgs) {
+async function handleTransferResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
@@ -222,7 +222,7 @@ function handleTransferResult({ body, headers }: RouteHandlerArgs) {
       );
 
     enforceSameActorOrThrow({
-      sourceActorPrincipalId: resolveActorPrincipalIdForLocalGuardian(
+      sourceActorPrincipalId: await resolveActorPrincipalIdForLocalGuardian(
         headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
       ),
       targetActorPrincipalId: peeked.targetActorPrincipalId,

package/src/runtime/routes/http-adapter.ts

@@ -51,7 +51,7 @@ export function routeDefinitionsToHTTPRoutes(
     handler: async ({ req, url, params, authContext }) => {
       try {
         if (r.requireGuardian) {
-          const guardianError = requireBoundGuardian(authContext);
+          const guardianError = await requireBoundGuardian(authContext);
           if (guardianError) return guardianError;
         }
 

package/src/runtime/routes/identity-routes.ts

@@ -10,7 +10,8 @@ import { z } from "zod";
 import { getCpuLimit, getIsPlatform } from "../../config/env-registry.js";
 import { parseIdentityFields } from "../../daemon/handlers/identity.js";
 import { getProfilerRuntimeStatus } from "../../daemon/profiler-run-store.js";
-import { getMaxMigrationVersion } from "../../memory/migrations/registry.js";
+import { getMaxRollbackVersion } from "../../memory/migrations/run-migrations.js";
+import { migrationSteps } from "../../memory/steps.js";
 import { getCesClient } from "../../security/secure-keys.js";
 import {
   getDiskUsageInfo,
@@ -335,7 +336,7 @@ function getDetailedHealth() {
     memory: getMemoryInfo(),
     cpu: getCpuInfo(),
     migrations: {
-      dbVersion: getMaxMigrationVersion(),
+      dbVersion: getMaxRollbackVersion(migrationSteps),
       lastWorkspaceMigrationId:
         getLastWorkspaceMigrationId(WORKSPACE_MIGRATIONS),
     },

package/src/runtime/routes/inbound-message-handler.ts

@@ -680,7 +680,7 @@ export async function handleChannelInbound({
       canonicalAssistantId,
       assistantId,
       content,
-      channelId: resolvedMember?.channel.id,
+      channelId: resolvedMember?.channelId,
     });
   }
 
@@ -761,7 +761,7 @@ export async function handleChannelInbound({
       : enforceAdmissionPolicy({
           sourceChannel,
           trustClass: trustCtx.trustClass,
-          memberStatus: resolvedMember?.channel.status,
+          memberStatus: resolvedMember?.status,
           policy: admissionPolicyFromGateway,
         });
   if (!admissionResult.admitted) {
@@ -801,7 +801,7 @@ export async function handleChannelInbound({
     // guardian sees "previously pending" etc.
     let guardianNotified = false;
     try {
-      const accessResult = notifyGuardianOfAccessRequest({
+      const accessResult = await notifyGuardianOfAccessRequest({
         canonicalAssistantId,
         sourceChannel,
         conversationExternalId,
@@ -811,7 +811,7 @@ export async function handleChannelInbound({
         ...(resolvedMember
           ? {
               previousMemberStatus: channelStatusToMemberStatus(
-                resolvedMember.channel.status,
+                resolvedMember.status,
               ),
             }
           : {}),
@@ -935,7 +935,7 @@ export async function handleChannelInbound({
   }
 
   // ── Ingress escalation ──
-  const escalationResponse = handleEscalationIntercept({
+  const escalationResponse = await handleEscalationIntercept({
     resolvedMember,
     canonicalAssistantId,
     sourceChannel,