@vellumai/assistant 0.4.2 → 0.4.3

package/src/__tests__/session-init.benchmark.test.ts

@@ -103,7 +103,6 @@ mock.module('../util/platform.js', () => ({
   getTCPPort: () => 8765,
   isIOSPairingEnabled: () => false,
   isTCPEnabled: () => false,
-  normalizeAssistantId: (id: string) => id,
   readHttpToken: () => null,
   readLockfile: () => null,
   readPlatformToken: () => null,

package/src/__tests__/session-runtime-assembly.test.ts

@@ -615,7 +615,10 @@ describe('injectInboundActorContext', () => {
 
     const result = injectInboundActorContext(baseUserMessage, ctx);
     const text = (result.content[0] as { type: 'text'; text: string }).text;
-    expect(text).toContain('non-guardian account');
+    expect(text).toContain('trusted contact (non-guardian)');
+    expect(text).toContain('attempt to fulfill it normally');
+    expect(text).toContain('tool execution layer will automatically deny it and escalate');
+    expect(text).toContain('Do not self-approve');
     expect(text).toContain('Do not explain the verification system');
     expect(text).toContain('member_status: active');
     expect(text).toContain('member_policy: default');

package/src/__tests__/session-surfaces-task-progress.test.ts

@@ -2,6 +2,7 @@ import { describe, expect, test } from 'bun:test';
 
 import type {
   CardSurfaceData,
+  DynamicPageSurfaceData,
   ServerMessage,
   SurfaceData,
   SurfaceType,
@@ -96,6 +97,48 @@ describe('task_progress surface compatibility', () => {
     expect((card.templateData as Record<string, unknown>).status).toBe('in_progress');
   });
 
+  test('ui_show normalizes top-level dynamic_page fields into data', async () => {
+    const sent: ServerMessage[] = [];
+    const ctx = makeContext(sent);
+
+    const result = await surfaceProxyResolver(ctx, 'ui_show', {
+      surface_type: 'dynamic_page',
+      title: 'My Slides',
+      html: '<h1>Hello</h1>',
+      preview: { title: 'Slides', subtitle: '3 slides about Apple' },
+    });
+
+    expect(result.isError).toBe(false);
+
+    const showMessage = sent.find((msg): msg is UiSurfaceShow => msg.type === 'ui_surface_show');
+    expect(showMessage).toBeDefined();
+    if (!showMessage || showMessage.surfaceType !== 'dynamic_page') return;
+
+    const page = showMessage.data as DynamicPageSurfaceData;
+    expect(page.html).toBe('<h1>Hello</h1>');
+    expect(page.preview).toEqual({ title: 'Slides', subtitle: '3 slides about Apple' });
+  });
+
+  test('ui_show dynamic_page uses data.html when properly nested', async () => {
+    const sent: ServerMessage[] = [];
+    const ctx = makeContext(sent);
+
+    const result = await surfaceProxyResolver(ctx, 'ui_show', {
+      surface_type: 'dynamic_page',
+      title: 'My Slides',
+      data: { html: '<h1>Nested</h1>' },
+    });
+
+    expect(result.isError).toBe(false);
+
+    const showMessage = sent.find((msg): msg is UiSurfaceShow => msg.type === 'ui_surface_show');
+    expect(showMessage).toBeDefined();
+    if (!showMessage || showMessage.surfaceType !== 'dynamic_page') return;
+
+    const page = showMessage.data as DynamicPageSurfaceData;
+    expect(page.html).toBe('<h1>Nested</h1>');
+  });
+
   test('ui_update normalizes top-level task_progress fields into templateData', async () => {
     const sent: ServerMessage[] = [];
     const ctx = makeContext(sent);

package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts

@@ -34,7 +34,6 @@ mock.module('../util/platform.js', () => ({
   getDbPath: () => join(testDir, 'test.db'),
   getLogPath: () => join(testDir, 'test.log'),
   ensureDataDir: () => {},
-  normalizeAssistantId: (id: string) => id === 'self' ? 'self' : id,
   readHttpToken: () => 'test-bearer-token',
 }));
 
@@ -82,6 +81,7 @@ mock.module('../runtime/approval-message-composer.js', () => ({
   composeApprovalMessageGenerative: async () => 'mock generative message',
 }));
 
+import { getResolver } from '../approvals/guardian-request-resolvers.js';
 import {
   createApprovalRequest,
   createBinding,
@@ -489,6 +489,16 @@ describe('trusted contact activated notification signal', () => {
     expect(activatedSignals.length).toBe(0);
   });
 
+  test('voice access_request resolver has registered handler for access_request kind', () => {
+    // The access_request resolver is registered during module load. When the
+    // source channel is 'voice', it should directly activate the member via
+    // upsertMember (no verification session). This test validates the resolver
+    // is registered and accessible.
+    const resolver = getResolver('access_request');
+    expect(resolver).toBeDefined();
+    expect(resolver!.kind).toBe('access_request');
+  });
+
   test('member is persisted BEFORE activated signal is emitted', async () => {
     // Set up a guardian binding
     createBinding({

package/src/__tests__/trusted-contact-multichannel.test.ts

@@ -29,7 +29,6 @@ mock.module('../util/platform.js', () => ({
   getDbPath: () => join(testDir, 'test.db'),
   getLogPath: () => join(testDir, 'test.log'),
   ensureDataDir: () => {},
-  normalizeAssistantId: (id: string) => id === 'self' ? 'self' : id,
   readHttpToken: () => 'test-bearer-token',
 }));
 

package/src/__tests__/trusted-contact-verification.test.ts

@@ -32,7 +32,6 @@ mock.module('../util/platform.js', () => ({
   getDbPath: () => join(testDir, 'test.db'),
   getLogPath: () => join(testDir, 'test.log'),
   ensureDataDir: () => {},
-  normalizeAssistantId: (id: string) => id === 'self' ? 'self' : id,
   readHttpToken: () => 'test-bearer-token',
 }));
 

package/src/__tests__/twilio-routes.test.ts

@@ -704,19 +704,20 @@ describe('twilio webhook routes', () => {
       expect(res.status).toBe(400);
     });
 
-    test('inbound webhook with forwarded assistantId creates session with correct assistantId', async () => {
+    test('inbound webhook creates session with internal scope assistantId', async () => {
       const req = makeInboundVoiceRequest({
         CallSid: 'CA_inbound_assist_1',
         From: '+14155551234',
         To: '+15550001111',
       });
 
-      const res = await handleVoiceWebhook(req, 'my-assistant-id');
+      const res = await handleVoiceWebhook(req);
 
       expect(res.status).toBe(200);
       const session = getCallSessionByCallSid('CA_inbound_assist_1');
       expect(session).not.toBeNull();
-      expect(session!.assistantId).toBe('my-assistant-id');
+      // Daemon always uses internal scope — external assistant IDs are not leaked into session state.
+      expect(session!.assistantId).toBe('self');
     });
 
     test('outbound call flow remains non-regressed with callSessionId present', async () => {

package/src/__tests__/update-bulletin.test.ts

@@ -53,7 +53,6 @@ mock.module('../util/platform.js', () => ({
   getInterfacesDir: () => '',
   getClipboardCommand: () => null,
   readLockfile: () => null,
-  normalizeAssistantId: (id: string) => id,
   writeLockfile: () => {},
   readPlatformToken: () => null,
   readSessionToken: () => null,

package/src/approvals/guardian-decision-primitive.ts

@@ -35,6 +35,7 @@ import {
   type GuardianApprovalRequest,
   updateApprovalDecision,
 } from '../memory/channel-guardian-store.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import type {
   ApprovalAction,
   ApprovalDecisionResult,
@@ -233,7 +234,7 @@ export function mintCanonicalRequestGrant(params: {
   }
 
   const result = mintGrantFromDecision({
-    assistantId: 'self',
+    assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
     scopeMode: 'tool_signature',
     toolName: request.toolName,
     inputDigest: request.inputDigest,

package/src/approvals/guardian-request-resolvers.ts

@@ -13,8 +13,10 @@
 
 import { answerCall } from '../calls/call-domain.js';
 import type { CanonicalGuardianRequest } from '../memory/canonical-guardian-store.js';
+import { upsertMember } from '../memory/ingress-member-store.js';
 import { emitNotificationSignal } from '../notifications/emit-signal.js';
 import { addRule } from '../permissions/trust-store.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import type { ApprovalAction } from '../runtime/channel-approval-types.js';
 import { createOutboundSession } from '../runtime/channel-guardian-service.js';
 import { deliverChannelReply } from '../runtime/gateway-client.js';
@@ -24,6 +26,10 @@ import { getLogger } from '../util/logger.js';
 
 const log = getLogger('guardian-request-resolvers');
 
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
 // ---------------------------------------------------------------------------
 // Types
 // ---------------------------------------------------------------------------
@@ -278,7 +284,7 @@ const accessRequestResolver: GuardianRequestResolver = {
     const requesterExternalUserId = request.requesterExternalUserId ?? '';
     const requesterChatId = request.requesterChatId ?? request.requesterExternalUserId ?? '';
     const decidedByExternalUserId = ctx.actor.externalUserId ?? '';
-    const assistantId = channelDeliveryContext?.assistantId ?? 'self';
+    const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
 
     if (decision.action === 'reject') {
       log.info(
@@ -340,7 +346,40 @@ const accessRequestResolver: GuardianRequestResolver = {
       return { ok: true, applied: true };
     }
 
-    // On approve: mint an identity-bound verification session so the
+    // Voice approvals: directly activate the trusted contact without minting
+    // a verification session. The caller is already on the line and the
+    // relay server's in-call wait loop will detect the approved status.
+    if (channel === 'voice') {
+      try {
+        upsertMember({
+          assistantId,
+          sourceChannel: 'voice',
+          externalUserId: requesterExternalUserId,
+          externalChatId: requesterChatId,
+          status: 'active',
+          policy: 'allow',
+        });
+      } catch (err) {
+        log.error(
+          { err, requesterExternalUserId },
+          'Access request resolver: failed to activate voice caller as trusted contact',
+        );
+      }
+
+      log.info(
+        {
+          event: 'resolver_access_request_voice_approved',
+          requestId: request.id,
+          channel,
+          requesterExternalUserId,
+        },
+        'Access request resolver: voice approval — direct trusted-contact activation (no verification session)',
+      );
+
+      return { ok: true, applied: true };
+    }
+
+    // Non-voice approvals: mint an identity-bound verification session so the
     // requester can verify their identity.
     const session = createOutboundSession({
       assistantId,
@@ -461,7 +500,7 @@ const toolGrantRequestResolver: GuardianRequestResolver = {
   async resolve(ctx: ResolverContext): Promise<ResolverResult> {
     const { request, decision, channelDeliveryContext } = ctx;
     const requesterChatId = request.requesterChatId ?? request.requesterExternalUserId ?? '';
-    const assistantId = channelDeliveryContext?.assistantId ?? 'self';
+    const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
 
     if (decision.action === 'reject') {
       log.info(

package/src/calls/call-constants.ts

@@ -41,6 +41,14 @@ export function getUserConsultationTimeoutMs(): number {
   return getConfig().calls.userConsultTimeoutSeconds * 1000;
 }
 
+export function getTtsPlaybackDelayMs(): number {
+  return getConfig().calls.ttsPlaybackDelayMs;
+}
+
+export function getAccessRequestPollIntervalMs(): number {
+  return getConfig().calls.accessRequestPollIntervalMs;
+}
+
 export const SILENCE_TIMEOUT_MS = 30 * 1000; // 30 seconds
 
 // Legacy named exports for backward compatibility (use functions above for config-backed values)

package/src/calls/call-controller.ts

@@ -18,6 +18,7 @@ import {
   listCanonicalGuardianDeliveries,
 } from '../memory/canonical-guardian-store.js';
 import { revokeScopedApprovalGrantsForContext } from '../memory/scoped-approval-grants.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { computeToolApprovalDigest } from '../security/tool-approval-digest.js';
 import { getLogger } from '../util/logger.js';
 import { readHttpToken } from '../util/platform.js';
@@ -245,7 +246,7 @@ export class CallController {
     this.task = task;
     this.isInbound = !task;
     this.broadcast = opts?.broadcast;
-    this.assistantId = opts?.assistantId ?? 'self';
+    this.assistantId = opts?.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
     this.guardianContext = opts?.guardianContext ?? null;
 
     // Resolve the conversation ID from the call session

package/src/calls/call-domain.ts

@@ -14,6 +14,7 @@ import { getOrCreateConversation } from '../memory/conversation-key-store.js';
 import { queueGenerateConversationTitle } from '../memory/conversation-title-service.js';
 import { upsertBinding } from '../memory/external-conversation-store.js';
 import { revokeScopedApprovalGrantsForContext } from '../memory/scoped-approval-grants.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { isGuardian } from '../runtime/channel-guardian-service.js';
 import { getSecureKey } from '../security/secure-keys.js';
 import { getLogger } from '../util/logger.js';
@@ -208,7 +209,7 @@ export type CreateInboundVoiceSessionResult = {
 export function createInboundVoiceSession(
   input: CreateInboundVoiceSessionInput,
 ): CreateInboundVoiceSessionResult {
-  const { callSid, fromNumber, toNumber, assistantId = 'self' } = input;
+  const { callSid, fromNumber, toNumber, assistantId = DAEMON_INTERNAL_ASSISTANT_ID } = input;
 
   // Check if a session already exists for this CallSid (replay protection)
   const existing = getCallSessionByCallSid(callSid);
@@ -219,7 +220,7 @@ export function createInboundVoiceSession(
 
   // Create a dedicated voice conversation keyed by CallSid so inbound calls
   // get their own conversation thread.
-  const voiceConvKey = assistantId && assistantId !== 'self'
+  const voiceConvKey = assistantId && assistantId !== DAEMON_INTERNAL_ASSISTANT_ID
     ? `asst:${assistantId}:voice:inbound:${callSid}`
     : `voice:inbound:${callSid}`;
   const { conversationId: voiceConversationId } = getOrCreateConversation(voiceConvKey);
@@ -272,7 +273,7 @@ export function createInboundVoiceSession(
  * Initiate a new outbound call.
  */
 export async function startCall(input: StartCallInput): Promise<StartCallResult | CallError> {
-  const { phoneNumber, task, context: callContext, conversationId, callerIdentityMode, assistantId = 'self' } = input;
+  const { phoneNumber, task, context: callContext, conversationId, callerIdentityMode, assistantId = DAEMON_INTERNAL_ASSISTANT_ID } = input;
 
   if (!phoneNumber || typeof phoneNumber !== 'string') {
     return { ok: false, error: 'phone_number is required and must be a string', status: 400 };
@@ -644,7 +645,7 @@ export type StartGuardianVerificationCallResult =
 export async function startGuardianVerificationCall(
   input: StartGuardianVerificationCallInput,
 ): Promise<StartGuardianVerificationCallResult> {
-  const { phoneNumber, guardianVerificationSessionId, assistantId = 'self', originConversationId } = input;
+  const { phoneNumber, guardianVerificationSessionId, assistantId = DAEMON_INTERNAL_ASSISTANT_ID, originConversationId } = input;
 
   if (!phoneNumber || !E164_REGEX.test(phoneNumber)) {
     return { ok: false, error: 'phone_number must be in E.164 format', status: 400 };