@vellumai/assistant 0.10.3 → 0.10.4-staging.1

package/src/runtime/__tests__/trust-verdict-consumer.test.ts

@@ -4,6 +4,8 @@ import type { TrustVerdict } from "@vellumai/gateway-client";
 
 import { channelStatusToMemberStatus } from "../../contacts/member-status.js";
 import type {
+  ChannelPolicy,
+  ChannelStatus,
   ContactChannel,
   ContactWithChannels,
 } from "../../contacts/types.js";
@@ -11,7 +13,6 @@ import type { ActorTrustContext } from "../actor-trust-resolver.js";
 import { toTrustContext } from "../actor-trust-resolver.js";
 import {
   actorTrustContextFromVerdict,
-  resolvedMemberFromVerdict,
   trustContextFromVerdict,
   verdictHasMemberIdentity,
   verdictMemberFromVerdict,
@@ -288,8 +289,77 @@ describe("actorTrustContextFromVerdict", () => {
     expect(ctx.memberRecord).not.toBeNull();
     expect(ctx.memberRecord!.contact.id).toBe("contact-1");
     expect(ctx.memberRecord!.channel.id).toBe("channel-1");
-    expect(ctx.memberRecord!.channel.status).toBe("blocked");
-    expect(ctx.memberRecord!.channel.policy).toBe("deny");
+    expect(ctx.memberRecord!.status).toBe("blocked");
+    expect(ctx.memberRecord!.policy).toBe("deny");
+  });
+
+  test("memberRecord surfaces channel ACL/identity, info fields null", () => {
+    const verdict = {
+      trustClass: "trusted_contact",
+      canonicalSenderId: "u-1",
+      contactId: "contact-1",
+      channelId: "channel-1",
+      type: "slack",
+      address: "u-1",
+      status: "active",
+      policy: "allow",
+      externalChatId: "chat-1",
+      verifiedAt: 1700000000,
+      verifiedVia: "code",
+      memberDisplayName: "Dora",
+    } satisfies TrustVerdict;
+
+    const { memberRecord } = actorTrustContextFromVerdict(verdict, {
+      sourceChannel: "slack",
+      conversationExternalId: CONV,
+    });
+    expect(memberRecord!.status).toBe("active");
+    expect(memberRecord!.policy).toBe("allow");
+    expect(memberRecord!.channel.externalChatId).toBe("chat-1");
+
+    expect(memberRecord!.contact.displayName).toBe("Dora");
+    expect(memberRecord!.role).toBe("contact");
+    // INFO fields must be null/default placeholders.
+    expect(memberRecord!.contact.notes).toBeNull();
+    expect(memberRecord!.contact.userFile).toBeNull();
+    expect(memberRecord!.contact.interactionCount).toBe(0);
+    expect(memberRecord!.contact.lastInteraction).toBeNull();
+  });
+
+  test("guardian member verdict maps role guardian + principalId", () => {
+    const verdict = {
+      trustClass: "guardian",
+      canonicalSenderId: "u-g",
+      contactId: "contact-g",
+      channelId: "channel-g",
+      guardianPrincipalId: "vellum-principal-g",
+      status: "active",
+      policy: "allow",
+    } satisfies TrustVerdict;
+
+    const ctx = actorTrustContextFromVerdict(verdict, {
+      sourceChannel: "slack",
+      conversationExternalId: CONV,
+    });
+    expect(ctx.memberRecord!.role).toBe("guardian");
+    expect(ctx.guardianPrincipalId).toBe("vellum-principal-g");
+  });
+
+  test("memberRecord null when status missing (fail-closed)", () => {
+    const verdict = {
+      trustClass: "trusted_contact",
+      canonicalSenderId: "u-4",
+      contactId: "contact-4",
+      channelId: "channel-4",
+      policy: "allow",
+    } satisfies TrustVerdict;
+
+    expect(
+      actorTrustContextFromVerdict(verdict, {
+        sourceChannel: "slack",
+        conversationExternalId: CONV,
+      }).memberRecord,
+    ).toBeNull();
   });
 
   test("stranger verdict (no contactId/channelId) leaves memberRecord null", () => {
@@ -347,20 +417,18 @@ describe("actorTrustContextFromVerdict", () => {
       actorTrustContextFromVerdict(verdict, input),
       input.conversationExternalId,
     );
-    const member = resolvedMemberFromVerdict(verdict);
+    const member = verdictMemberFromVerdict(verdict);
     expect(member).not.toBeNull();
-    expected.requesterContactId = member!.contact.id;
-    expected.memberStatus = channelStatusToMemberStatus(member!.channel.status);
-    expected.memberPolicy = member!.channel.policy;
+    expected.requesterContactId = member!.contactId;
+    expected.memberStatus = channelStatusToMemberStatus(member!.status);
+    expected.memberPolicy = member!.policy;
 
     expect(trustContextFromVerdict(verdict, input)).toEqual(expected);
   });
 });
 
 describe("toTrustContext member grounding", () => {
-  function memberChannel(
-    overrides: Partial<ContactChannel> = {},
-  ): ContactChannel {
+  function memberChannel(): ContactChannel {
     return {
       id: "channel-1",
       contactId: "contact-1",
@@ -368,19 +436,12 @@ describe("toTrustContext member grounding", () => {
       address: "+15550100",
       isPrimary: true,
       externalChatId: null,
-      status: "unverified",
-      policy: "escalate",
-      verifiedAt: null,
-      verifiedVia: null,
       inviteId: null,
-      revokedReason: null,
-      blockedReason: null,
       lastSeenAt: null,
       interactionCount: 0,
       lastInteraction: null,
       updatedAt: null,
       createdAt: 0,
-      ...overrides,
     };
   }
 
@@ -389,24 +450,34 @@ describe("toTrustContext member grounding", () => {
       id: "contact-1",
       displayName: "Frank",
       notes: null,
+      role: "contact",
       lastInteraction: null,
       interactionCount: 0,
       createdAt: 0,
       updatedAt: 0,
-      role: "contact",
       contactType: "human",
-      principalId: null,
       userFile: null,
       channels: [memberChannel()],
     };
   }
 
-  function ctxWithMember(channel: ContactChannel): ActorTrustContext {
+  function ctxWithMember(
+    acl: { status: ChannelStatus; policy: ChannelPolicy } = {
+      status: "unverified",
+      policy: "escalate",
+    },
+  ): ActorTrustContext {
     return {
       canonicalSenderId: "+15550100",
       guardianBindingMatch: null,
       guardianPrincipalId: undefined,
-      memberRecord: { contact: memberContact(), channel },
+      memberRecord: {
+        contact: memberContact(),
+        channel: memberChannel(),
+        status: acl.status,
+        policy: acl.policy,
+        role: "contact",
+      },
       trustClass: "trusted_contact",
       actorMetadata: {
         identifier: "+15550100",
@@ -421,7 +492,7 @@ describe("toTrustContext member grounding", () => {
   }
 
   test("populates member fields from memberRecord (voice path)", () => {
-    const context = toTrustContext(ctxWithMember(memberChannel()), CONV);
+    const context = toTrustContext(ctxWithMember(), CONV);
     expect(context.requesterContactId).toBe("contact-1");
     // "unverified" maps to the API-facing "pending" member status.
     expect(context.memberStatus).toBe("pending");
@@ -430,7 +501,7 @@ describe("toTrustContext member grounding", () => {
 
   test("passes through active status + allow policy", () => {
     const context = toTrustContext(
-      ctxWithMember(memberChannel({ status: "active", policy: "allow" })),
+      ctxWithMember({ status: "active", policy: "allow" }),
       CONV,
     );
     expect(context.memberStatus).toBe("active");
@@ -463,151 +534,6 @@ describe("toTrustContext member grounding", () => {
   });
 });
 
-describe("resolvedMemberFromVerdict", () => {
-  test("member verdict surfaces channel ACL/identity, info fields null", () => {
-    const verdict = {
-      trustClass: "trusted_contact",
-      canonicalSenderId: "u-1",
-      contactId: "contact-1",
-      channelId: "channel-1",
-      type: "slack",
-      address: "u-1",
-      status: "active",
-      policy: "allow",
-      externalChatId: "chat-1",
-      verifiedAt: 1700000000,
-      verifiedVia: "code",
-      memberDisplayName: "Dora",
-    } satisfies TrustVerdict;
-
-    const member = resolvedMemberFromVerdict(verdict);
-    expect(member).not.toBeNull();
-    expect(member!.channel.id).toBe("channel-1");
-    expect(member!.channel.status).toBe("active");
-    expect(member!.channel.policy).toBe("allow");
-    expect(member!.channel.verifiedAt).toBe(1700000000);
-    expect(member!.channel.verifiedVia).toBe("code");
-    expect(member!.channel.externalChatId).toBe("chat-1");
-
-    expect(member!.contact.id).toBe("contact-1");
-    expect(member!.contact.displayName).toBe("Dora");
-    expect(member!.contact.role).toBe("contact");
-    // INFO fields must be null/default placeholders.
-    expect(member!.contact.notes).toBeNull();
-    expect(member!.contact.userFile).toBeNull();
-    expect(member!.contact.interactionCount).toBe(0);
-    expect(member!.contact.lastInteraction).toBeNull();
-  });
-
-  test("guardian member verdict maps role guardian + principalId", () => {
-    const verdict = {
-      trustClass: "guardian",
-      canonicalSenderId: "u-g",
-      contactId: "contact-g",
-      channelId: "channel-g",
-      guardianPrincipalId: "vellum-principal-g",
-      status: "active",
-      policy: "allow",
-    } satisfies TrustVerdict;
-
-    const member = resolvedMemberFromVerdict(verdict);
-    expect(member!.contact.role).toBe("guardian");
-    expect(member!.contact.principalId).toBe("vellum-principal-g");
-  });
-
-  test("memberless verdict (no contactId) returns null", () => {
-    const verdict = {
-      trustClass: "unknown",
-      canonicalSenderId: "u-2",
-    } satisfies TrustVerdict;
-
-    expect(resolvedMemberFromVerdict(verdict)).toBeNull();
-  });
-
-  test("member verdict missing status returns null (fail-closed)", () => {
-    const verdict = {
-      trustClass: "trusted_contact",
-      canonicalSenderId: "u-4",
-      contactId: "contact-4",
-      channelId: "channel-4",
-      policy: "allow",
-    } satisfies TrustVerdict;
-
-    expect(resolvedMemberFromVerdict(verdict)).toBeNull();
-  });
-
-  test("member verdict missing policy returns null (fail-closed)", () => {
-    const verdict = {
-      trustClass: "trusted_contact",
-      canonicalSenderId: "u-5",
-      contactId: "contact-5",
-      channelId: "channel-5",
-      status: "active",
-    } satisfies TrustVerdict;
-
-    expect(resolvedMemberFromVerdict(verdict)).toBeNull();
-  });
-
-  test("member verdict with unknown policy returns null (fail-closed)", () => {
-    const verdict = {
-      trustClass: "trusted_contact",
-      canonicalSenderId: "u-6",
-      contactId: "contact-6",
-      channelId: "channel-6",
-      status: "active",
-      policy: "bogus",
-    } satisfies TrustVerdict;
-
-    expect(resolvedMemberFromVerdict(verdict)).toBeNull();
-  });
-
-  test("member verdict with unknown status returns null (fail-closed)", () => {
-    const verdict = {
-      trustClass: "trusted_contact",
-      canonicalSenderId: "u-7",
-      contactId: "contact-7",
-      channelId: "channel-7",
-      status: "quarantined",
-      policy: "allow",
-    } satisfies TrustVerdict;
-
-    expect(resolvedMemberFromVerdict(verdict)).toBeNull();
-  });
-
-  test("member verdict with valid known status+policy returns a member", () => {
-    const verdict = {
-      trustClass: "trusted_contact",
-      canonicalSenderId: "u-8",
-      contactId: "contact-8",
-      channelId: "channel-8",
-      status: "active",
-      policy: "allow",
-    } satisfies TrustVerdict;
-
-    const member = resolvedMemberFromVerdict(verdict);
-    expect(member).not.toBeNull();
-    expect(member!.channel.status).toBe("active");
-    expect(member!.channel.policy).toBe("allow");
-  });
-
-  test("blocked/revoked verdict surfaces channel.status verbatim", () => {
-    for (const status of ["blocked", "revoked"] as const) {
-      const verdict = {
-        trustClass: "unknown",
-        canonicalSenderId: "u-3",
-        contactId: "contact-3",
-        channelId: "channel-3",
-        status,
-        policy: "deny",
-      } satisfies TrustVerdict;
-
-      const member = resolvedMemberFromVerdict(verdict);
-      expect(member!.channel.status).toBe(status);
-      expect(member!.channel.policy).toBe("deny");
-    }
-  });
-});
-
 describe("verdictMemberFromVerdict", () => {
   test("active member verdict yields the narrow ACL view", () => {
     const verdict = {
@@ -684,6 +610,27 @@ describe("verdictMemberFromVerdict", () => {
       } satisfies TrustVerdict),
     ).toBeNull();
   });
+
+  test("missing status or policy returns null (fail-closed)", () => {
+    expect(
+      verdictMemberFromVerdict({
+        trustClass: "trusted_contact",
+        canonicalSenderId: "u-4",
+        contactId: "contact-4",
+        channelId: "channel-4",
+        policy: "allow",
+      } satisfies TrustVerdict),
+    ).toBeNull();
+    expect(
+      verdictMemberFromVerdict({
+        trustClass: "trusted_contact",
+        canonicalSenderId: "u-5",
+        contactId: "contact-5",
+        channelId: "channel-5",
+        status: "active",
+      } satisfies TrustVerdict),
+    ).toBeNull();
+  });
 });
 
 describe("verdict predicates", () => {

package/src/runtime/access-request-helper.ts

@@ -97,11 +97,10 @@ export async function notifyGuardianOfAccessRequest(
 
   // Resolve guardian identity with the assistant-anchored strategy (gateway
   // source-channel match validated against the vellum anchor, else the vellum
-  // anchor), with a LOCAL-store fallback when the gateway read is empty.
+  // anchor).
   const anchored = resolveAnchoredGuardian({
     guardians: await getGuardianDelivery(),
     sourceChannel,
-    useLocalFallback: true,
   });
   const guardianExternalUserId = anchored?.address ?? null;
   const guardianPrincipalId = anchored?.principalId ?? null;

package/src/runtime/actor-trust-resolver.ts

@@ -17,15 +17,23 @@
  */
 
 import type { ChannelId } from "../channels/types.js";
+import { findContactByAddress } from "../contacts/contact-store.js";
 import {
-  findContactByAddress,
-  findGuardianForChannel,
-} from "../contacts/contact-store.js";
+  guardianForChannel,
+  peekCachedGuardianDelivery,
+} from "../contacts/guardian-delivery-reader.js";
 import { channelStatusToMemberStatus } from "../contacts/member-status.js";
-import type { ContactChannel, ContactWithChannels } from "../contacts/types.js";
+import type {
+  ChannelPolicy,
+  ChannelStatus,
+  ContactChannel,
+  ContactRole,
+  ContactWithChannels,
+} from "../contacts/types.js";
 import type { TrustContext } from "../daemon/trust-context.js";
 import { canonicalizeInboundIdentity } from "../util/canonicalize-identity.js";
 import { getLogger } from "../util/logger.js";
+import { getCachedMemberAcl } from "./member-verdict-cache.js";
 
 const log = getLogger("actor-trust-resolver");
 
@@ -78,10 +86,18 @@ export interface ActorTrustContext {
   } | null;
   /** Canonical principal ID from the guardian binding. */
   guardianPrincipalId?: string;
-  /** Resolved contact + channel for this sender, if any. */
+  /**
+   * Resolved contact + channel for this sender, if any. The ACL view
+   * (status/policy/role) is carried here rather than on the contact/channel
+   * objects, sourced from the gateway verdict — the verdict path reads it
+   * inline, the sync fallback from the in-memory member-verdict cache.
+   */
   memberRecord: {
     contact: ContactWithChannels;
     channel: ContactChannel;
+    status: ChannelStatus;
+    policy: ChannelPolicy;
+    role: ContactRole;
   } | null;
   /** Trust classification. */
   trustClass: TrustClass;
@@ -175,21 +191,27 @@ export function resolveActorTrust(
   }
 
   // --- Guardian lookup ---
-  const guardianResult = findGuardianForChannel(input.sourceChannel);
+  // Sync read of the gateway guardian delivery from the IO-free cache snapshot
+  // (kept warm by the async hot paths + daemon-startup warm). A cold cache
+  // yields no guardian match, the same outcome as no binding.
+  const cachedGuardians = peekCachedGuardianDelivery({
+    channelTypes: [input.sourceChannel],
+  });
+  const guardianDelivery = cachedGuardians
+    ? guardianForChannel(cachedGuardians, input.sourceChannel)
+    : undefined;
   let guardianBindingMatch: ActorTrustContext["guardianBindingMatch"] = null;
   let guardianPrincipalId: string | undefined;
   let isGuardian = false;
 
-  if (guardianResult) {
-    const { contact: guardianContact, channel: guardianChannel } =
-      guardianResult;
+  if (guardianDelivery) {
     guardianBindingMatch = {
-      guardianExternalUserId: guardianChannel.address,
-      guardianDeliveryChatId: guardianChannel.externalChatId,
+      guardianExternalUserId: guardianDelivery.address,
+      guardianDeliveryChatId: guardianDelivery.externalChatId ?? null,
     };
-    guardianPrincipalId = guardianContact.principalId ?? undefined;
+    guardianPrincipalId = guardianDelivery.principalId ?? undefined;
     isGuardian =
-      guardianChannel.address.toLowerCase() === canonicalSenderId.toLowerCase();
+      guardianDelivery.address.toLowerCase() === canonicalSenderId.toLowerCase();
   }
 
   log.debug(
@@ -213,7 +235,12 @@ export function resolveActorTrust(
       ch.address.toLowerCase() === canonicalSenderId.toLowerCase(),
   );
   if (byAddress && byAddressChannel) {
-    memberRecord = { contact: byAddress, channel: byAddressChannel };
+    const acl = getCachedMemberAcl(input.sourceChannel, canonicalSenderId);
+    if (acl) {
+      memberRecord = { contact: byAddress, channel: byAddressChannel, ...acl };
+    }
+    // Fail-closed: already in the sync fallback (no live verdict) and no cached
+    // verdict → leave memberRecord null so trustClass resolves to unknown.
   }
 
   log.debug(
@@ -252,7 +279,7 @@ export function resolveActorTrust(
   if (isGuardian) {
     trustClass = "guardian";
   } else if (memberMatchesSender && memberRecord) {
-    const status = memberRecord.channel.status;
+    const status = memberRecord.status;
     if (status === "active") {
       trustClass = "trusted_contact";
     } else if (status === "unverified" || status === "pending") {
@@ -327,8 +354,8 @@ export function toTrustContext(
     // both populate it).
     requesterContactId: ctx.memberRecord?.contact.id,
     memberStatus: ctx.memberRecord
-      ? channelStatusToMemberStatus(ctx.memberRecord.channel.status)
+      ? channelStatusToMemberStatus(ctx.memberRecord.status)
       : undefined,
-    memberPolicy: ctx.memberRecord?.channel.policy,
+    memberPolicy: ctx.memberRecord?.policy,
   };
 }

package/src/runtime/anchored-guardian.test.ts

@@ -2,24 +2,14 @@
  * Unit tests for `resolveAnchoredGuardian`.
  *
  * Covers the gateway arms (source-channel match validated against the vellum
- * anchor, vellum-anchor fallback), the LOCAL-store fallback when the gateway
- * list is empty, and the cosmetic `requireAnchorPrincipal` guard.
+ * anchor, vellum-anchor fallback) and the cosmetic `requireAnchorPrincipal`
+ * guard.
  */
-import { afterEach, describe, expect, mock, test } from "bun:test";
+import { describe, expect, test } from "bun:test";
 
 import type { GuardianDelivery } from "@vellumai/gateway-client";
 
-// Local store fallback is mocked so we can drive both arms deterministically.
-let localGuardians: Record<
-  string,
-  { contact: { principalId: string | null; displayName: string }; channel: { address: string; type: string } } | null
-> = {};
-mock.module("../contacts/contact-store.js", () => ({
-  findGuardianForChannel: (channelType: string) =>
-    localGuardians[channelType] ?? null,
-}));
-
-const { resolveAnchoredGuardian } = await import("./anchored-guardian.js");
+import { resolveAnchoredGuardian } from "./anchored-guardian.js";
 
 function gw(g: Partial<GuardianDelivery> & { channelType: string; address: string }): GuardianDelivery {
   return {
@@ -29,10 +19,6 @@ function gw(g: Partial<GuardianDelivery> & { channelType: string; address: strin
   };
 }
 
-afterEach(() => {
-  localGuardians = {};
-});
-
 describe("resolveAnchoredGuardian — gateway arm", () => {
   test("source-channel guardian matching the anchor wins", () => {
     const result = resolveAnchoredGuardian({
@@ -80,40 +66,8 @@ describe("resolveAnchoredGuardian — gateway arm", () => {
   });
 });
 
-describe("resolveAnchoredGuardian — local fallback", () => {
-  test("gateway empty + local source-channel match returns the local record", () => {
-    localGuardians = {
-      vellum: { contact: { principalId: "p-local", displayName: "LocalVellum" }, channel: { address: "lv-addr", type: "vellum" } },
-      telegram: { contact: { principalId: "p-local", displayName: "LocalAlice" }, channel: { address: "ltg-addr", type: "telegram" } },
-    };
-    const result = resolveAnchoredGuardian({
-      guardians: null,
-      sourceChannel: "telegram",
-      useLocalFallback: true,
-    });
-    expect(result).toEqual({
-      principalId: "p-local",
-      address: "ltg-addr",
-      displayName: "LocalAlice",
-      channelType: "telegram",
-      source: "source-channel-contact",
-    });
-  });
-
-  test("gateway empty + only local vellum returns the local vellum-anchor", () => {
-    localGuardians = {
-      vellum: { contact: { principalId: "p-local", displayName: "LocalVellum" }, channel: { address: "lv-addr", type: "vellum" } },
-    };
-    const result = resolveAnchoredGuardian({
-      guardians: null,
-      sourceChannel: "telegram",
-      useLocalFallback: true,
-    });
-    expect(result?.source).toBe("vellum-anchor");
-    expect(result?.address).toBe("lv-addr");
-  });
-
-  test("gateway empty + no local + fallback disabled returns null", () => {
+describe("resolveAnchoredGuardian — gateway empty", () => {
+  test("null gateway list returns null", () => {
     const result = resolveAnchoredGuardian({
       guardians: null,
       sourceChannel: "telegram",
@@ -121,11 +75,10 @@ describe("resolveAnchoredGuardian — local fallback", () => {
     expect(result).toBeNull();
   });
 
-  test("nothing anywhere returns null", () => {
+  test("empty gateway list returns null", () => {
     const result = resolveAnchoredGuardian({
       guardians: [],
       sourceChannel: "telegram",
-      useLocalFallback: true,
     });
     expect(result).toBeNull();
   });

package/src/runtime/anchored-guardian.ts

@@ -7,16 +7,13 @@
  * anchor identity is used. This blocks stale or cross-assistant contacts from
  * being bound to a request.
  *
- * Gateway-first: resolves from the gateway delivery list, then falls back to
- * the LOCAL dual-written binding when the gateway read is empty/unavailable
- * (restart, timeout, malformed IPC). The local fallback is transitional and is
- * removed in a later step.
+ * Resolves from the gateway delivery list, the source of truth for guardian
+ * principals.
  */
 
 import type { GuardianDelivery } from "@vellumai/gateway-client";
 
 import type { ChannelId } from "../channels/types.js";
-import { findGuardianForChannel } from "../contacts/contact-store.js";
 import { guardianForChannel } from "../contacts/guardian-delivery-reader.js";
 import type { GuardianResolutionSource } from "../notifications/signal.js";
 
@@ -33,13 +30,6 @@ export interface ResolveAnchoredGuardianInput {
   /** Gateway delivery list; `null` when the gateway read failed/was empty. */
   guardians: GuardianDelivery[] | null;
   sourceChannel: ChannelId;
-  /**
-   * Fall back to the LOCAL dual-written binding when the gateway arm resolves
-   * nothing. Access-request enables this to avoid an undecidable request; the
-   * cosmetic guardian-label path leaves it off so a missing gateway read
-   * degrades gracefully to the default reference.
-   */
-  useLocalFallback?: boolean;
   /**
    * Require a non-null anchor principal for the vellum-anchor arm. When the
    * vellum guardian has no principal, return `null` instead of a vellum-anchor
@@ -52,12 +42,12 @@ export interface ResolveAnchoredGuardianInput {
 /**
  * Resolve the anchored guardian for `sourceChannel`, or `null` when none can be
  * resolved. Gateway source-channel match → that record; gateway anchor-only →
- * vellum-anchor; gateway empty + local has it → local fallback record.
+ * vellum-anchor.
  */
 export function resolveAnchoredGuardian(
   input: ResolveAnchoredGuardianInput,
 ): AnchoredGuardian | null {
-  const { sourceChannel, useLocalFallback, requireAnchorPrincipal } = input;
+  const { sourceChannel, requireAnchorPrincipal } = input;
   const guardians = input.guardians ?? [];
 
   const vellumGuardian = guardianForChannel(guardians, "vellum");
@@ -92,44 +82,5 @@ export function resolveAnchoredGuardian(
     };
   }
 
-  // Gateway resolved a principal — done.
-  if (resolved?.principalId) {
-    return resolved;
-  }
-
-  if (!useLocalFallback) {
-    return resolved;
-  }
-
-  // Fallback: gateway read was empty/unavailable (or carried no principal), so
-  // resolve from the LOCAL dual-written binding to avoid an undecidable
-  // request. A local match overwrites the principal-less gateway record; with
-  // no local match the gateway record (if any) is retained.
-  const localVellum = findGuardianForChannel("vellum");
-  const localAnchorPrincipalId = localVellum?.contact.principalId;
-  const localSource = findGuardianForChannel(sourceChannel);
-  if (
-    localAnchorPrincipalId &&
-    localSource &&
-    localSource.contact.principalId === localAnchorPrincipalId
-  ) {
-    return {
-      principalId: localSource.contact.principalId,
-      address: localSource.channel.address,
-      displayName: localSource.contact.displayName,
-      channelType: localSource.channel.type,
-      source: "source-channel-contact",
-    };
-  }
-  if (localVellum) {
-    return {
-      principalId: localAnchorPrincipalId ?? null,
-      address: localVellum.channel.address,
-      displayName: localVellum.contact.displayName,
-      channelType: "vellum",
-      source: "vellum-anchor",
-    };
-  }
-
   return resolved;
 }