@vellumai/assistant 0.3.27 → 0.4.0

package/src/calls/guardian-dispatch.ts

@@ -7,14 +7,13 @@
  * 3. Records guardian_action_delivery rows from pipeline delivery results
  */
 
-import { getActiveBinding } from '../memory/channel-guardian-store.js';
 import {
-  countPendingRequestsByCallSessionId,
-  createGuardianActionDelivery,
-  createGuardianActionRequest,
-  getGuardianConversationIdForCallSession,
-  updateDeliveryStatus,
-} from '../memory/guardian-action-store.js';
+  createCanonicalGuardianDelivery,
+  createCanonicalGuardianRequest,
+  listCanonicalGuardianDeliveries,
+  listCanonicalGuardianRequests,
+  updateCanonicalGuardianDelivery,
+} from '../memory/canonical-guardian-store.js';
 import { emitNotificationSignal } from '../notifications/emit-signal.js';
 import type { NotificationDeliveryResult } from '../notifications/types.js';
 import { getLogger } from '../util/logger.js';
@@ -41,11 +40,10 @@ export interface GuardianDispatchParams {
 
 function applyDeliveryStatus(deliveryId: string, result: NotificationDeliveryResult): void {
   if (result.status === 'sent') {
-    updateDeliveryStatus(deliveryId, 'sent');
+    updateCanonicalGuardianDelivery(deliveryId, { status: 'sent' });
     return;
   }
-  const errorMessage = result.errorMessage ?? `Notification delivery status: ${result.status}`;
-  updateDeliveryStatus(deliveryId, 'failed', errorMessage);
+  updateCanonicalGuardianDelivery(deliveryId, { status: 'failed' });
 }
 
 /**
@@ -90,36 +88,53 @@ async function dispatchGuardianQuestionInner(params: GuardianDispatchParams): Pr
   try {
     const expiresAt = Date.now() + getUserConsultationTimeoutMs();
 
-    // Create the action request record
-    const request = createGuardianActionRequest({
-      assistantId,
-      kind: 'ask_guardian',
+    // Create the canonical guardian request as the primary record.
+    const request = createCanonicalGuardianRequest({
+      kind: 'pending_question',
+      sourceType: 'voice',
       sourceChannel: 'voice',
-      sourceConversationId: conversationId,
+      conversationId,
       callSessionId,
       pendingQuestionId: pendingQuestion.id,
       questionText: pendingQuestion.questionText,
-      expiresAt,
       toolName,
       inputDigest,
+      expiresAt: new Date(expiresAt).toISOString(),
     });
 
     log.info(
       { requestId: request.id, requestCode: request.requestCode, callSessionId },
-      'Created guardian action request',
+      'Created canonical guardian request for voice dispatch',
     );
 
-    // Count how many guardian requests are already pending for this call.
-    // This count is a candidate-affinity hint: the decision engine uses it
-    // to prefer reusing an existing thread when multiple questions arise
-    // in the same call session.
-    const activeGuardianRequestCount = countPendingRequestsByCallSessionId(callSessionId);
+    // Count how many canonical guardian requests are already pending for
+    // this call session. Used as a candidate-affinity hint so the decision
+    // engine prefers reusing an existing thread.
+    const activeGuardianRequestCount = listCanonicalGuardianRequests({
+      status: 'pending',
+      sourceType: 'voice',
+    }).filter(r => r.callSessionId === callSessionId).length;
 
     // Look up the vellum conversation used for the first guardian question
-    // in this call session. When found, pass it as an affinity hint so the
-    // notification pipeline deterministically routes to the same conversation
-    // instead of letting the LLM choose a different thread.
-    const existingGuardianConversationId = getGuardianConversationIdForCallSession(callSessionId);
+    // delivery in this call session. When found, pass it as an affinity hint
+    // so the notification pipeline deterministically routes to the same
+    // conversation instead of letting the LLM choose a different thread.
+    // Find earlier canonical requests for this call session and check their
+    // deliveries for a vellum destination conversation ID.
+    let existingGuardianConversationId: string | null = null;
+    const priorRequests = listCanonicalGuardianRequests({
+      sourceType: 'voice',
+    }).filter(r => r.callSessionId === callSessionId && r.id !== request.id);
+    for (const priorReq of priorRequests) {
+      const deliveries = listCanonicalGuardianDeliveries(priorReq.id);
+      const vellumDelivery = deliveries.find(
+        d => d.destinationChannel === 'vellum' && d.destinationConversationId,
+      );
+      if (vellumDelivery?.destinationConversationId) {
+        existingGuardianConversationId = vellumDelivery.destinationConversationId;
+        break;
+      }
+    }
     const conversationAffinityHint = existingGuardianConversationId
       ? { vellum: existingGuardianConversationId }
       : undefined;
@@ -158,7 +173,7 @@ async function dispatchGuardianQuestionInner(params: GuardianDispatchParams): Pr
       dedupeKey: `guardian:${request.id}`,
       onThreadCreated: (info) => {
         if (info.sourceEventName !== 'guardian.question' || vellumDeliveryId) return;
-        const delivery = createGuardianActionDelivery({
+        const delivery = createCanonicalGuardianDelivery({
           requestId: request.id,
           destinationChannel: 'vellum',
           destinationConversationId: info.conversationId,
@@ -167,13 +182,10 @@ async function dispatchGuardianQuestionInner(params: GuardianDispatchParams): Pr
       },
     });
 
-    const telegramBinding = getActiveBinding(assistantId, 'telegram');
-    const smsBinding = getActiveBinding(assistantId, 'sms');
-
     for (const result of signalResult.deliveryResults) {
       if (result.channel === 'vellum') {
         if (!vellumDeliveryId) {
-          const delivery = createGuardianActionDelivery({
+          const delivery = createCanonicalGuardianDelivery({
             requestId: request.id,
             destinationChannel: 'vellum',
             destinationConversationId: result.conversationId,
@@ -188,26 +200,20 @@ async function dispatchGuardianQuestionInner(params: GuardianDispatchParams): Pr
         continue;
       }
 
-      const binding = result.channel === 'telegram' ? telegramBinding : smsBinding;
-      const delivery = createGuardianActionDelivery({
+      const delivery = createCanonicalGuardianDelivery({
         requestId: request.id,
         destinationChannel: result.channel,
         destinationChatId: result.destination.length > 0 ? result.destination : undefined,
-        destinationExternalUserId: binding?.guardianExternalUserId,
       });
       applyDeliveryStatus(delivery.id, result);
     }
 
     if (!vellumDeliveryId) {
-      const fallback = createGuardianActionDelivery({
+      const fallback = createCanonicalGuardianDelivery({
         requestId: request.id,
         destinationChannel: 'vellum',
       });
-      updateDeliveryStatus(
-        fallback.id,
-        'failed',
-        `No vellum delivery result from notification pipeline (${signalResult.reason})`,
-      );
+      updateCanonicalGuardianDelivery(fallback.id, { status: 'failed' });
       log.warn(
         { requestId: request.id, reason: signalResult.reason },
         'Notification pipeline did not produce a vellum delivery result',

package/src/calls/relay-server.ts

@@ -10,21 +10,25 @@ import { randomInt } from 'node:crypto';
 
 import type { ServerWebSocket } from 'bun';
 
+import { isAssistantFeatureFlagEnabled } from '../config/assistant-feature-flags.js';
 import { getConfig } from '../config/loader.js';
 import * as conversationStore from '../memory/conversation-store.js';
+import { findActiveVoiceInvites } from '../memory/ingress-invite-store.js';
 import { revokeScopedApprovalGrantsForContext } from '../memory/scoped-approval-grants.js';
+import { notifyGuardianOfAccessRequest } from '../runtime/access-request-helper.js';
+import {
+  resolveActorTrust,
+  toGuardianRuntimeContextFromTrust,
+} from '../runtime/actor-trust-resolver.js';
 import {
   getPendingChallenge,
   validateAndConsumeChallenge,
 } from '../runtime/channel-guardian-service.js';
-import {
-  resolveGuardianContext,
-  toGuardianRuntimeContext,
-} from '../runtime/guardian-context-resolver.js';
 import {
   composeVerificationVoice,
   GUARDIAN_VERIFY_TEMPLATE_KEYS,
 } from '../runtime/guardian-verification-templates.js';
+import { redeemVoiceInviteCode } from '../runtime/ingress-service.js';
 import { parseJsonSafe } from '../util/json.js';
 import { getLogger } from '../util/logger.js';
 import { normalizeAssistantId } from '../util/platform.js';
@@ -171,6 +175,12 @@ export class RelayConnection {
   // Outbound guardian verification state (system calls the guardian)
   private outboundGuardianVerificationSessionId: string | null = null;
 
+  // Inbound voice invite redemption state
+  private inviteRedemptionActive = false;
+  private inviteRedemptionAssistantId: string | null = null;
+  private inviteRedemptionFromNumber: string | null = null;
+  private inviteRedemptionCodeLength = 6;
+
   constructor(ws: ServerWebSocket<RelayWebSocketData>, callSessionId: string) {
     this.ws = ws;
     this.callSessionId = callSessionId;
@@ -426,15 +436,13 @@ export class RelayConnection {
     // calls msg.from is the caller; for outbound calls msg.to is the
     // recipient (msg.from is the assistant's Twilio number).
     const otherPartyNumber = isInbound ? msg.from : msg.to;
-    const initialGuardianContext = toGuardianRuntimeContext(
-      'voice',
-      resolveGuardianContext({
-        assistantId,
-        sourceChannel: 'voice',
-        externalChatId: otherPartyNumber,
-        senderExternalUserId: otherPartyNumber || undefined,
-      }),
-    );
+    const initialActorTrust = resolveActorTrust({
+      assistantId,
+      sourceChannel: 'voice',
+      externalChatId: otherPartyNumber,
+      senderExternalUserId: otherPartyNumber || undefined,
+    });
+    const initialGuardianContext = toGuardianRuntimeContextFromTrust(initialActorTrust, otherPartyNumber);
 
     const controller = new CallController(this.callSessionId, this, session?.task ?? null, {
       broadcast: globalBroadcast,
@@ -471,10 +479,185 @@ export class RelayConnection {
     if (!isInbound && verificationConfig.enabled) {
       await this.startVerification(session, verificationConfig);
     } else if (isInbound) {
-      // For inbound calls, check if there's a pending voice guardian
-      // challenge that the caller needs to complete before proceeding.
+      // ── Trusted-contact ACL enforcement for inbound voice ──
+      // Resolve the caller's trust classification before allowing the call
+      // to proceed. Guardian and trusted-contact callers pass through;
+      // unknown callers are denied with deterministic voice copy and an
+      // access request is created for the guardian — unless there is a
+      // pending voice guardian challenge, in which case the caller is
+      // expected to be unknown (no binding yet) and should enter the
+      // verification flow.
+      const actorTrust = resolveActorTrust({
+        assistantId,
+        sourceChannel: 'voice',
+        externalChatId: msg.from,
+        senderExternalUserId: msg.from || undefined,
+      });
+
+      // Check for a pending voice guardian challenge before the ACL deny
+      // gate. An unknown caller with a pending challenge is expected —
+      // they need to complete verification to establish a binding.
       const pendingChallenge = getPendingChallenge(assistantId, 'voice');
 
+      if (actorTrust.trustClass === 'unknown' && !pendingChallenge) {
+        // Before denying, check if there is an active voice invite bound
+        // to the caller's phone number. If so, enter the invite redemption
+        // subflow instead of denying the call outright.
+        // Gated behind the voice-invite-redemption feature flag (defaults OFF).
+        const voiceInviteEnabled = isAssistantFeatureFlagEnabled(
+          'feature_flags.voice-invite-redemption.enabled',
+          config,
+        );
+
+        if (voiceInviteEnabled) {
+          let voiceInvites: ReturnType<typeof findActiveVoiceInvites> = [];
+          try {
+            voiceInvites = findActiveVoiceInvites({
+              assistantId,
+              expectedExternalUserId: msg.from,
+            });
+          } catch (err) {
+            log.warn({ err, callSessionId: this.callSessionId }, 'Failed to check voice invites for unknown caller');
+          }
+
+          // Exclude invites that are past their expiresAt even if the DB
+          // status hasn't been lazily flipped to 'expired' yet.
+          const now = Date.now();
+          const nonExpiredInvites = voiceInvites.filter(i => !i.expiresAt || i.expiresAt > now);
+
+          if (nonExpiredInvites.length > 0) {
+            log.info(
+              { callSessionId: this.callSessionId, from: msg.from },
+              'Inbound voice ACL: unknown caller has active voice invite — entering redemption flow',
+            );
+            this.startInviteRedemption(assistantId, msg.from);
+            return;
+          }
+        }
+
+        log.info(
+          { callSessionId: this.callSessionId, from: msg.from, trustClass: actorTrust.trustClass },
+          'Inbound voice ACL: unknown caller denied',
+        );
+
+        recordCallEvent(this.callSessionId, 'inbound_acl_denied', {
+          from: msg.from,
+          trustClass: actorTrust.trustClass,
+          denialReason: actorTrust.denialReason,
+        });
+
+        // For revoked/pending members, notify the guardian so they can
+        // re-approve. Blocked members are intentionally excluded — the
+        // guardian already made an explicit decision to block them.
+        let guardianNotified = false;
+        if (actorTrust.memberRecord?.status !== 'blocked') {
+          try {
+            const accessResult = notifyGuardianOfAccessRequest({
+              canonicalAssistantId: assistantId,
+              sourceChannel: 'voice',
+              externalChatId: msg.from,
+              senderExternalUserId: actorTrust.canonicalSenderId ?? msg.from,
+            });
+            guardianNotified = accessResult.notified;
+          } catch (err) {
+            log.error({ err, callSessionId: this.callSessionId }, 'Failed to create access request for denied voice caller');
+          }
+        }
+
+        // Deny with deterministic voice copy and end the call.
+        // Mark as disconnecting so handlePrompt ignores caller input
+        // during the delay before the session ends.
+        const denialMessage = guardianNotified
+          ? 'This number is not authorized. Your request has been forwarded to the account guardian.'
+          : 'This number is not authorized to use this assistant.';
+        this.sendTextToken(denialMessage, true);
+
+        this.connectionState = 'disconnecting';
+
+        updateCallSession(this.callSessionId, {
+          status: 'failed',
+          endedAt: Date.now(),
+          lastError: 'Inbound voice ACL: caller not authorized',
+        });
+
+        setTimeout(() => {
+          this.endSession('Inbound voice ACL denied');
+        }, 3000);
+        return;
+      }
+
+      // Members with policy: 'deny' have status: 'active' so resolveActorTrust
+      // classifies them as trusted_contact, but the guardian has explicitly
+      // denied their access. Block them the same way the text-channel path does.
+      if (actorTrust.memberRecord?.policy === 'deny') {
+        log.info(
+          { callSessionId: this.callSessionId, from: msg.from, memberId: actorTrust.memberRecord.id, trustClass: actorTrust.trustClass },
+          'Inbound voice ACL: member policy deny',
+        );
+
+        recordCallEvent(this.callSessionId, 'inbound_acl_denied', {
+          from: msg.from,
+          trustClass: actorTrust.trustClass,
+          memberId: actorTrust.memberRecord.id,
+          memberPolicy: actorTrust.memberRecord.policy,
+        });
+
+        this.sendTextToken('This number is not authorized to use this assistant.', true);
+
+        this.connectionState = 'disconnecting';
+
+        updateCallSession(this.callSessionId, {
+          status: 'failed',
+          endedAt: Date.now(),
+          lastError: 'Inbound voice ACL: member policy deny',
+        });
+
+        setTimeout(() => {
+          this.endSession('Inbound voice ACL: member policy deny');
+        }, 3000);
+        return;
+      }
+
+      // Members with policy: 'escalate' require guardian approval, but a live
+      // voice call cannot be paused for async approval. Fail-closed by denying
+      // the call with an appropriate message — mirrors the deny block above.
+      if (actorTrust.memberRecord?.policy === 'escalate') {
+        log.info(
+          { callSessionId: this.callSessionId, from: msg.from, memberId: actorTrust.memberRecord.id, trustClass: actorTrust.trustClass },
+          'Inbound voice ACL: member policy escalate — cannot hold live call for guardian approval',
+        );
+
+        recordCallEvent(this.callSessionId, 'inbound_acl_denied', {
+          from: msg.from,
+          trustClass: actorTrust.trustClass,
+          memberId: actorTrust.memberRecord.id,
+          memberPolicy: actorTrust.memberRecord.policy,
+        });
+
+        this.sendTextToken('This number requires guardian approval for calls. Please have the account guardian update your permissions.', true);
+
+        this.connectionState = 'disconnecting';
+
+        updateCallSession(this.callSessionId, {
+          status: 'failed',
+          endedAt: Date.now(),
+          lastError: 'Inbound voice ACL: member policy escalate — voice calls cannot await guardian approval',
+        });
+
+        setTimeout(() => {
+          this.endSession('Inbound voice ACL: member policy escalate');
+        }, 3000);
+        return;
+      }
+
+      // Guardian and trusted-contact callers proceed normally.
+      // Update the controller's guardian context with the trust-resolved
+      // context so downstream policy gates have accurate actor metadata.
+      if (this.controller && actorTrust.trustClass !== 'unknown') {
+        const resolvedGuardianContext = toGuardianRuntimeContextFromTrust(actorTrust, msg.from);
+        this.controller.setGuardianContext(resolvedGuardianContext);
+      }
+
       if (pendingChallenge) {
         this.startInboundGuardianVerification(assistantId, msg.from);
       } else {
@@ -731,16 +914,14 @@ export class RelayConnection {
       } else {
         // Inbound: proceed to normal call flow
         if (this.controller) {
+          const verifiedActorTrust = resolveActorTrust({
+            assistantId: this.guardianChallengeAssistantId,
+            sourceChannel: 'voice',
+            externalChatId: this.guardianVerificationFromNumber,
+            senderExternalUserId: this.guardianVerificationFromNumber,
+          });
           this.controller.setGuardianContext(
-            toGuardianRuntimeContext(
-              'voice',
-              resolveGuardianContext({
-                assistantId: this.guardianChallengeAssistantId,
-                sourceChannel: 'voice',
-                externalChatId: this.guardianVerificationFromNumber,
-                senderExternalUserId: this.guardianVerificationFromNumber,
-              }),
-            ),
+            toGuardianRuntimeContextFromTrust(verifiedActorTrust, this.guardianVerificationFromNumber),
           );
           this.startNormalCallFlow(this.controller, true);
         }
@@ -815,6 +996,126 @@ export class RelayConnection {
     }
   }
 
+  /**
+   * Enter the invite redemption subflow for an inbound unknown caller
+   * who has an active voice invite. Prompts the caller to enter their
+   * invite code via DTMF or speech.
+   */
+  private startInviteRedemption(assistantId: string, fromNumber: string): void {
+    this.inviteRedemptionActive = true;
+    this.inviteRedemptionAssistantId = assistantId;
+    this.inviteRedemptionFromNumber = fromNumber;
+    this.connectionState = 'verification_pending';
+    this.verificationAttempts = 0;
+    this.verificationMaxAttempts = 3;
+    this.inviteRedemptionCodeLength = 6;
+    this.dtmfBuffer = '';
+
+    recordCallEvent(this.callSessionId, 'invite_redemption_started', {
+      assistantId,
+      codeLength: 6,
+      maxAttempts: this.verificationMaxAttempts,
+    });
+
+    this.sendTextToken(
+      'Please enter your 6-digit invite code using your keypad, or speak the digits now.',
+      true,
+    );
+
+    log.info(
+      { callSessionId: this.callSessionId, assistantId },
+      'Inbound voice invite redemption started',
+    );
+  }
+
+  /**
+   * Validate an entered invite code against active voice invites for the
+   * caller. On success, create/activate the ingress member and transition
+   * to the normal call flow. On failure, allow retries up to max attempts.
+   */
+  private attemptInviteCodeRedemption(enteredCode: string): void {
+    if (!this.inviteRedemptionAssistantId || !this.inviteRedemptionFromNumber) {
+      return;
+    }
+
+    const result = redeemVoiceInviteCode({
+      assistantId: this.inviteRedemptionAssistantId,
+      callerExternalUserId: this.inviteRedemptionFromNumber,
+      sourceChannel: 'voice',
+      code: enteredCode,
+    });
+
+    if (result.ok) {
+      this.connectionState = 'connected';
+      this.inviteRedemptionActive = false;
+      this.verificationAttempts = 0;
+      this.dtmfBuffer = '';
+
+      recordCallEvent(this.callSessionId, 'invite_redemption_succeeded', {
+        memberId: result.memberId,
+        ...(result.type === 'redeemed' ? { inviteId: result.inviteId } : {}),
+      });
+      log.info(
+        { callSessionId: this.callSessionId, memberId: result.memberId, type: result.type },
+        'Voice invite redemption succeeded',
+      );
+
+      if (this.controller) {
+        const redeemedActorTrust = resolveActorTrust({
+          assistantId: this.inviteRedemptionAssistantId,
+          sourceChannel: 'voice',
+          externalChatId: this.inviteRedemptionFromNumber,
+          senderExternalUserId: this.inviteRedemptionFromNumber,
+        });
+        this.controller.setGuardianContext(
+          toGuardianRuntimeContextFromTrust(redeemedActorTrust, this.inviteRedemptionFromNumber),
+        );
+        this.startNormalCallFlow(this.controller, true);
+      }
+    } else {
+      this.verificationAttempts++;
+
+      if (this.verificationAttempts >= this.verificationMaxAttempts) {
+        this.inviteRedemptionActive = false;
+
+        recordCallEvent(this.callSessionId, 'invite_redemption_failed', {
+          attempts: this.verificationAttempts,
+        });
+        log.warn(
+          { callSessionId: this.callSessionId, attempts: this.verificationAttempts },
+          'Voice invite redemption failed — max attempts reached',
+        );
+
+        this.sendTextToken('Too many invalid attempts. Goodbye.', true);
+
+        updateCallSession(this.callSessionId, {
+          status: 'failed',
+          endedAt: Date.now(),
+          lastError: 'Voice invite redemption failed — max attempts exceeded',
+        });
+
+        const failSession = getCallSession(this.callSessionId);
+        if (failSession) {
+          expirePendingQuestions(this.callSessionId);
+          persistCallCompletionMessage(failSession.conversationId, this.callSessionId).catch((err) => {
+            log.error({ err, conversationId: failSession.conversationId, callSessionId: this.callSessionId }, 'Failed to persist call completion message');
+          });
+          fireCallCompletionNotifier(failSession.conversationId, this.callSessionId);
+        }
+
+        setTimeout(() => {
+          this.endSession('Invite redemption failed');
+        }, 2000);
+      } else {
+        log.info(
+          { callSessionId: this.callSessionId, attempt: this.verificationAttempts, maxAttempts: this.verificationMaxAttempts },
+          'Voice invite redemption attempt failed — retrying',
+        );
+        this.sendTextToken('Invalid code. Please try again.', true);
+      }
+    }
+  }
+
   private async handlePrompt(msg: RelayPromptMessage): Promise<void> {
     if (this.connectionState === 'disconnecting') {
       return;
@@ -845,6 +1146,26 @@ export class RelayConnection {
       return;
     }
 
+    // During invite redemption, attempt to parse spoken digits from the
+    // transcript and validate against the caller's active voice invite.
+    if (this.connectionState === 'verification_pending' && this.inviteRedemptionActive) {
+      const spokenDigits = RelayConnection.parseDigitsFromSpeech(msg.voicePrompt);
+      log.info(
+        { callSessionId: this.callSessionId, transcript: msg.voicePrompt, spokenDigits },
+        'Speech received during invite redemption',
+      );
+      if (spokenDigits.length >= this.inviteRedemptionCodeLength) {
+        const enteredCode = spokenDigits.slice(0, this.inviteRedemptionCodeLength);
+        this.attemptInviteCodeRedemption(enteredCode);
+      } else if (spokenDigits.length > 0) {
+        this.sendTextToken(
+          `I heard ${spokenDigits.length} digits. Please enter all ${this.inviteRedemptionCodeLength} digits of your code.`,
+          true,
+        );
+      }
+      return;
+    }
+
     // During outbound callee verification, ignore voice prompts — the callee
     // should be entering DTMF digits, not speaking.
     if (this.connectionState === 'verification_pending') {
@@ -957,6 +1278,19 @@ export class RelayConnection {
       return;
     }
 
+    // If invite redemption is pending, accumulate digits and validate
+    // the code against the caller's active voice invite.
+    if (this.connectionState === 'verification_pending' && this.inviteRedemptionActive) {
+      this.dtmfBuffer += msg.digit;
+
+      if (this.dtmfBuffer.length >= this.inviteRedemptionCodeLength) {
+        const enteredCode = this.dtmfBuffer.slice(0, this.inviteRedemptionCodeLength);
+        this.dtmfBuffer = '';
+        this.attemptInviteCodeRedemption(enteredCode);
+      }
+      return;
+    }
+
     // If outbound callee verification is pending, accumulate digits and check the code
     if (this.connectionState === 'verification_pending' && this.verificationCode) {
       this.dtmfBuffer += msg.digit;

package/src/calls/types.ts

@@ -1,5 +1,5 @@
 export type CallStatus = 'initiated' | 'ringing' | 'in_progress' | 'waiting_on_user' | 'completed' | 'failed' | 'cancelled';
-export type CallEventType = 'call_started' | 'call_connected' | 'caller_spoke' | 'assistant_spoke' | 'user_question_asked' | 'user_answered' | 'user_instruction_relayed' | 'call_ended' | 'call_failed' | 'callee_verification_started' | 'callee_verification_succeeded' | 'callee_verification_failed' | 'guardian_voice_verification_started' | 'guardian_voice_verification_succeeded' | 'guardian_voice_verification_failed' | 'outbound_guardian_voice_verification_started' | 'outbound_guardian_voice_verification_succeeded' | 'outbound_guardian_voice_verification_failed' | 'guardian_consultation_timed_out' | 'guardian_unavailable_skipped' | 'guardian_consult_deferred' | 'guardian_consult_coalesced';
+export type CallEventType = 'call_started' | 'call_connected' | 'caller_spoke' | 'assistant_spoke' | 'user_question_asked' | 'user_answered' | 'user_instruction_relayed' | 'call_ended' | 'call_failed' | 'callee_verification_started' | 'callee_verification_succeeded' | 'callee_verification_failed' | 'guardian_voice_verification_started' | 'guardian_voice_verification_succeeded' | 'guardian_voice_verification_failed' | 'outbound_guardian_voice_verification_started' | 'outbound_guardian_voice_verification_succeeded' | 'outbound_guardian_voice_verification_failed' | 'guardian_consultation_timed_out' | 'guardian_unavailable_skipped' | 'guardian_consult_deferred' | 'guardian_consult_coalesced' | 'inbound_acl_denied' | 'invite_redemption_started' | 'invite_redemption_succeeded' | 'invite_redemption_failed';
 export type PendingQuestionStatus = 'pending' | 'answered' | 'expired' | 'cancelled';
 
 /**

package/src/calls/voice-session-bridge.ts

@@ -250,8 +250,8 @@ export async function startVoiceTurn(opts: VoiceTurnOptions): Promise<VoiceTurnH
   // - guardian: permission prompts auto-allow (parity with guardian chat)
   // - everyone else (including unknown): fail-closed strict side-effects
   //   with auto-deny confirmations.
-  const actorRole = opts.guardianContext?.actorRole;
-  const isGuardian = actorRole === 'guardian';
+  const trustClass = opts.guardianContext?.trustClass;
+  const isGuardian = trustClass === 'guardian';
   const forceStrictSideEffects = isGuardian ? undefined : true;
 
   // Replace the [CALL_OPENING] marker with a neutral instruction before
@@ -264,7 +264,7 @@ export async function startVoiceTurn(opts: VoiceTurnOptions): Promise<VoiceTurnH
 
   // Build the call-control protocol prompt so the model knows how to emit
   // control markers (ASK_GUARDIAN, END_CALL, etc.) and recognize opener turns.
-  const isCallerGuardian = opts.guardianContext?.actorRole === 'guardian';
+  const isCallerGuardian = opts.guardianContext?.trustClass === 'guardian';
 
   const voiceCallControlPrompt = buildVoiceCallControlPrompt({
     isInbound: opts.isInbound,

package/src/cli.ts

@@ -492,6 +492,18 @@ export async function startCli(): Promise<void> {
         break;
       }
 
+      case 'message_request_complete': {
+        // Request-level terminal for inline approval consumption.
+        // When no agent turn remains active, clear busy state and re-prompt.
+        if (msg.runStillActive !== true) {
+          spinner.stop();
+          generating = false;
+          process.stdout.write('\n\n');
+          prompt();
+        }
+        break;
+      }
+
       case 'generation_handoff': {
         // The current request's generation is done; show usage and re-prompt.
         // Always clear `generating` — this CLI client's generation is finished