@vellumai/assistant 0.4.2 → 0.4.4

package/src/daemon/handlers/apps.ts

@@ -7,6 +7,8 @@ import { v4 as uuid } from 'uuid';
 
 import { packageApp } from '../../bundler/app-bundler.js';
 import { defaultGallery } from '../../gallery/default-gallery.js';
+import { resolveHomeBaseAppId } from '../../home-base/bootstrap.js';
+import { isPrebuiltHomeBaseApp } from '../../home-base/prebuilt-home-base-updater.js';
 import { getAppDiff, getAppFileAtVersion, getAppHistory, restoreAppVersion } from '../../memory/app-git-service.js';
 import { createApp, createAppRecord, deleteAppRecord, getApp, getAppPreview, listApps, queryAppRecords, updateApp,updateAppRecord } from '../../memory/app-store.js';
 import { createSharedAppLink } from '../../memory/shared-app-links-store.js';
@@ -77,28 +79,54 @@ export function handleAppDataRequest(
 }
 
 export function handleAppOpenRequest(msg: { appId: string }, socket: net.Socket, ctx: HandlerContext): void {
-  const appId = msg.appId;
-  if (!appId) {
-    ctx.send(socket, { type: 'error', message: 'app_open_request requires appId' });
-    return;
-  }
+  try {
+    const appId = msg.appId;
+    if (!appId) {
+      ctx.send(socket, { type: 'error', message: 'app_open_request requires appId' });
+      return;
+    }
+
+    const app = getApp(appId);
+    if (app) {
+      const surfaceId = `app-open-${uuid()}`;
+      ctx.send(socket, {
+        type: 'ui_surface_show',
+        sessionId: 'app-panel',
+        surfaceId,
+        surfaceType: 'dynamic_page',
+        title: app.name,
+        data: { html: app.htmlDefinition, appId: app.id, appType: app.appType },
+        display: 'panel',
+      } as UiSurfaceShow);
+      return;
+    }
+
+    // Fallback: the ID might be a surfaceId from an ephemeral ui_show surface
+    // (not a persistent app). Search active sessions for cached surface data.
+    for (const session of ctx.sessions.values()) {
+      const cached = session.surfaceState.get(appId);
+      if (cached && cached.surfaceType === 'dynamic_page') {
+        const newSurfaceId = `app-open-${uuid()}`;
+        ctx.send(socket, {
+          type: 'ui_surface_show',
+          sessionId: 'app-panel',
+          surfaceId: newSurfaceId,
+          surfaceType: 'dynamic_page',
+          title: cached.title ?? (cached.data as { preview?: { title?: string } }).preview?.title,
+          data: cached.data,
+          display: 'panel',
+        } as UiSurfaceShow);
+        return;
+      }
+    }
 
-  const app = getApp(appId);
-  if (!app) {
+    log.warn({ appId }, 'App not found in store or session surfaces');
     ctx.send(socket, { type: 'error', message: `App not found: ${appId}` });
-    return;
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log.error({ err, appId: msg.appId }, 'Failed to handle app open request');
+    ctx.send(socket, { type: 'error', message: `Failed to open app: ${message}` });
   }
-
-  const surfaceId = `app-open-${uuid()}`;
-  ctx.send(socket, {
-    type: 'ui_surface_show',
-    sessionId: 'app-panel',
-    surfaceId,
-    surfaceType: 'dynamic_page',
-    title: app.name,
-    data: { html: app.htmlDefinition, appId: app.id, appType: app.appType },
-    display: 'panel',
-  } as UiSurfaceShow);
 }
 
 export function handleAppUpdatePreview(msg: AppUpdatePreviewRequest, socket: net.Socket, ctx: HandlerContext): void {
@@ -114,7 +142,35 @@ export function handleAppUpdatePreview(msg: AppUpdatePreviewRequest, socket: net
 
 export function handleAppsList(socket: net.Socket, ctx: HandlerContext): void {
   try {
-    const apps = listApps();
+    const allApps = listApps();
+    const homeBaseId = resolveHomeBaseAppId();
+
+    // When no home base was found by ID, do a single targeted search for an app
+    // matching the HTML marker. listApps() returns metadata-only (no htmlDefinition),
+    // so the HTML marker check requires loading the full app from disk. We limit
+    // this expensive operation to the case where homeBaseId is null.
+    const excludeIds = new Set<string>();
+    if (homeBaseId) {
+      excludeIds.add(homeBaseId);
+    } else {
+      for (const a of allApps) {
+        if (isPrebuiltHomeBaseApp(a)) {
+          excludeIds.add(a.id);
+          continue;
+        }
+        const fullApp = getApp(a.id);
+        if (fullApp && isPrebuiltHomeBaseApp(fullApp)) {
+          excludeIds.add(a.id);
+          continue;
+        }
+      }
+    }
+
+    const apps = allApps.filter((a) => {
+      if (excludeIds.has(a.id)) return false;
+      if (isPrebuiltHomeBaseApp(a)) return false;
+      return true;
+    });
     ctx.send(socket, {
       type: 'apps_list_response',
       apps: apps.map((a) => {

package/src/daemon/handlers/config-channels.ts

@@ -3,6 +3,7 @@ import * as net from 'node:net';
 import type { ChannelId } from '../../channels/types.js';
 import * as externalConversationStore from '../../memory/external-conversation-store.js';
 import { findMember, revokeMember } from '../../memory/ingress-member-store.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../../runtime/assistant-scope.js';
 import {
   createVerificationChallenge,
   findActiveSession,
@@ -17,9 +18,7 @@ import {
   resendOutbound,
   startOutbound,
 } from '../../runtime/guardian-outbound-actions.js';
-import { normalizeAssistantId } from '../../util/platform.js';
 import type {
-  ChannelReadinessRequest,
   GuardianVerificationRequest,
   GuardianVerificationResponse,
 } from '../ipc-protocol.js';
@@ -60,11 +59,10 @@ export function getReadinessService(): ChannelReadinessService {
 
 export function createGuardianChallenge(
   channel?: ChannelId,
-  assistantId?: string,
   rebind?: boolean,
   sessionId?: string,
 ): GuardianVerificationResult {
-  const resolvedAssistantId = normalizeAssistantId(assistantId ?? 'self');
+  const resolvedAssistantId = DAEMON_INTERNAL_ASSISTANT_ID;
   const resolvedChannel = channel ?? 'telegram';
 
   const existingBinding = getGuardianBinding(resolvedAssistantId, resolvedChannel);
@@ -89,9 +87,8 @@ export function createGuardianChallenge(
 
 export function getGuardianStatus(
   channel?: ChannelId,
-  assistantId?: string,
 ): GuardianVerificationResult {
-  const resolvedAssistantId = normalizeAssistantId(assistantId ?? 'self');
+  const resolvedAssistantId = DAEMON_INTERNAL_ASSISTANT_ID;
   const resolvedChannel = channel ?? 'telegram';
 
   const binding = getGuardianBinding(resolvedAssistantId, resolvedChannel);
@@ -161,17 +158,15 @@ export function handleGuardianVerification(
   socket: net.Socket,
   ctx: HandlerContext,
 ): void {
-  // Normalize the assistant ID so challenges are always stored under the
-  // same key the inbound-call path will use for lookups (typically "self").
-  const assistantId = normalizeAssistantId(msg.assistantId ?? 'self');
+  const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
   const channel = msg.channel ?? 'telegram';
 
   try {
     if (msg.action === 'create_challenge') {
-      const result = createGuardianChallenge(channel, assistantId, msg.rebind, msg.sessionId);
+      const result = createGuardianChallenge(channel, msg.rebind, msg.sessionId);
       ctx.send(socket, { type: 'guardian_verification_response', ...result });
     } else if (msg.action === 'status') {
-      const result = getGuardianStatus(channel, assistantId);
+      const result = getGuardianStatus(channel);
       ctx.send(socket, { type: 'guardian_verification_response', ...result });
     } else if (msg.action === 'revoke') {
       // Capture binding before revoking so we can revoke the guardian's
@@ -200,13 +195,13 @@ export function handleGuardianVerification(
         channel,
       });
     } else if (msg.action === 'start_outbound') {
-      const result = startOutbound({ channel, assistantId, destination: msg.destination, rebind: msg.rebind, originConversationId: msg.originConversationId });
+      const result = startOutbound({ channel, destination: msg.destination, rebind: msg.rebind, originConversationId: msg.originConversationId });
       ctx.send(socket, { type: 'guardian_verification_response', ...result });
     } else if (msg.action === 'resend_outbound') {
-      const result = resendOutbound({ channel, assistantId, originConversationId: msg.originConversationId });
+      const result = resendOutbound({ channel, originConversationId: msg.originConversationId });
       ctx.send(socket, { type: 'guardian_verification_response', ...result });
     } else if (msg.action === 'cancel_outbound') {
-      const result = cancelOutbound({ channel, assistantId });
+      const result = cancelOutbound({ channel });
       ctx.send(socket, { type: 'guardian_verification_response', ...result });
     } else {
       ctx.send(socket, {
@@ -229,53 +224,6 @@ export function handleGuardianVerification(
 }
 
 
-// ---------------------------------------------------------------------------
-// Channel readiness handler
-// ---------------------------------------------------------------------------
-
-export async function handleChannelReadiness(
-  msg: ChannelReadinessRequest,
-  socket: net.Socket,
-  ctx: HandlerContext,
-): Promise<void> {
-  try {
-    const service = getReadinessService();
-
-    if (msg.action === 'refresh') {
-      if (msg.channel) {
-        service.invalidateChannel(msg.channel, msg.assistantId);
-      } else {
-        service.invalidateAll();
-      }
-    }
-
-    const snapshots = await service.getReadiness(msg.channel, msg.includeRemote, msg.assistantId);
-
-    ctx.send(socket, {
-      type: 'channel_readiness_response',
-      success: true,
-      snapshots: snapshots.map((s) => ({
-        channel: s.channel,
-        ready: s.ready,
-        checkedAt: s.checkedAt,
-        stale: s.stale,
-        reasons: s.reasons,
-        localChecks: s.localChecks,
-        remoteChecks: s.remoteChecks,
-      })),
-    });
-  } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    log.error({ err }, 'Failed to handle channel readiness');
-    ctx.send(socket, {
-      type: 'channel_readiness_response',
-      success: false,
-      error: message,
-    });
-  }
-}
-
 export const channelHandlers = defineHandlers({
-  channel_readiness: handleChannelReadiness,
   guardian_verification: handleGuardianVerification,
 });

package/src/daemon/handlers/config-inbox.ts

@@ -40,6 +40,8 @@ export function handleIngressInvite(
           note: msg.note,
           maxUses: msg.maxUses,
           expiresInMs: msg.expiresInMs,
+          friendName: msg.friendName,
+          guardianName: msg.guardianName,
         });
         if (!result.ok) {
           ctx.send(socket, { type: 'ingress_invite_response', success: false, error: result.error });
@@ -303,9 +305,15 @@ async function executeApprove(
     }
   }
   session.setAssistantId(assistantId);
-  // The guardian approved this escalation, so tag as guardian trust to avoid
-  // unknown-provenance memory gating.
-  session.setGuardianContext({ trustClass: 'guardian', sourceChannel: sourceChannel ?? 'vellum' });
+  // The guardian already approved this escalation via the inbox, so we
+  // directly set guardian trust. Going through resolveLocalIpcGuardianContext
+  // would look up the vellum binding's guardian ID and compare it against
+  // a different channel's binding (e.g. telegram/sms), misclassifying the
+  // actor as 'unknown'.
+  session.setGuardianContext({
+    sourceChannel: sourceChannel ?? 'vellum',
+    trustClass: 'guardian',
+  });
   session.setCommandIntent(null);
 
   // Process the message through the agent loop (no IPC event callback

package/src/daemon/handlers/config-ingress.ts

@@ -10,6 +10,7 @@ import {
   setIngressPublicBaseUrl,
 } from '../../config/env.js';
 import { loadRawConfig, saveRawConfig } from '../../config/loader.js';
+import { registerCallbackRoute, resolveCallbackUrl, shouldUsePlatformCallbacks } from '../../inbound/platform-callback-registration.js';
 import {
   getTwilioSmsWebhookUrl,
   getTwilioStatusCallbackUrl,
@@ -92,9 +93,21 @@ export async function syncTwilioWebhooks(
   ingressConfig: IngressConfig,
 ): Promise<{ success: boolean; warning?: string }> {
   try {
-    const voiceUrl = getTwilioVoiceWebhookUrl(ingressConfig);
-    const statusCallbackUrl = getTwilioStatusCallbackUrl(ingressConfig);
-    const smsUrl = getTwilioSmsWebhookUrl(ingressConfig);
+    const voiceUrl = await resolveCallbackUrl(
+      () => getTwilioVoiceWebhookUrl(ingressConfig),
+      'webhooks/twilio/voice',
+      'twilio_voice',
+    );
+    const statusCallbackUrl = await resolveCallbackUrl(
+      () => getTwilioStatusCallbackUrl(ingressConfig),
+      'webhooks/twilio/status',
+      'twilio_status',
+    );
+    const smsUrl = await resolveCallbackUrl(
+      () => getTwilioSmsWebhookUrl(ingressConfig),
+      'webhooks/twilio/sms',
+      'twilio_sms',
+    );
     await updatePhoneNumberWebhooks(accountSid, authToken, phoneNumber, {
       voiceUrl,
       statusCallbackUrl,
@@ -183,6 +196,18 @@ export async function handleIngressConfig(
       // Use the effective URL from process.env (which accounts for the
       // fallback branch above) rather than the raw `value` from the UI.
       const effectiveUrl = isEnabled ? getIngressPublicBaseUrl() : undefined;
+
+      // When containerized with a platform, register the Telegram callback
+      // route so the platform knows how to forward Telegram webhooks.
+      // This must happen independently of effectiveUrl — in containerized
+      // deployments without ingress.publicBaseUrl, platform callbacks are the
+      // only way to receive Telegram webhooks.
+      if (shouldUsePlatformCallbacks()) {
+        registerCallbackRoute('webhooks/telegram', 'telegram').catch((err) => {
+          log.warn({ err }, 'Failed to register Telegram platform callback route');
+        });
+      }
+
       triggerGatewayReconcile(effectiveUrl);
 
       // Best-effort Twilio webhook reconciliation: when ingress is being

package/src/daemon/handlers/config-telegram.ts

@@ -1,6 +1,7 @@
 import * as net from 'node:net';
 
 import { getIngressPublicBaseUrl } from '../../config/env.js';
+import { registerCallbackRoute, shouldUsePlatformCallbacks } from '../../inbound/platform-callback-registration.js';
 import { deleteSecureKey,getSecureKey, setSecureKey } from '../../security/secure-keys.js';
 import { deleteCredentialMetadata, getCredentialMetadata,upsertCredentialMetadata } from '../../tools/credentials/metadata-store.js';
 import type { TelegramConfigRequest, TelegramConfigResponse } from '../ipc-protocol.js';
@@ -161,6 +162,17 @@ export async function setTelegramConfig(botToken?: string): Promise<TelegramConf
     hasWebhookSecret,
   };
 
+  // When containerized with a platform, register the Telegram callback
+  // route so the platform knows how to forward Telegram webhooks.
+  // This must happen independently of effectiveUrl — in containerized
+  // deployments without ingress.publicBaseUrl, platform callbacks are the
+  // only way to receive Telegram webhooks.
+  if (shouldUsePlatformCallbacks()) {
+    registerCallbackRoute('webhooks/telegram', 'telegram').catch((err) => {
+      log.warn({ err }, 'Failed to register Telegram platform callback route');
+    });
+  }
+
   // Trigger gateway reconcile so the webhook registration updates immediately
   const effectiveUrl = getIngressPublicBaseUrl();
   if (effectiveUrl) {

package/src/daemon/handlers/config.ts

@@ -11,13 +11,12 @@
  *   config-platform.ts    — Platform base URL configuration
  *   config-integrations.ts — Vercel API & Twitter integration
  *   config-telegram.ts    — Telegram bot configuration
- *   config-twilio.ts      — Twilio SMS/voice configuration
- *   config-channels.ts    — Channel guardian & readiness
+ *   config-channels.ts    — Channel guardian verification
  *   config-tools.ts       — Env vars, tool permission simulation, tool names
  */
 
 // Re-export individual handlers for direct import by tests and other modules
-export { getReadinessService,handleChannelReadiness, handleGuardianVerification } from './config-channels.js';
+export { getReadinessService, handleGuardianVerification } from './config-channels.js';
 export { handleHeartbeatChecklistRead, handleHeartbeatChecklistWrite,handleHeartbeatConfig, handleHeartbeatRunNow, handleHeartbeatRunsList } from './config-heartbeat.js';
 export { computeGatewayTarget, handleIngressConfig, syncTwilioWebhooks,triggerGatewayReconcile } from './config-ingress.js';
 export { handleTwitterIntegrationConfig,handleVercelApiConfig } from './config-integrations.js';
@@ -28,7 +27,6 @@ export { handleShareToSlack, handleSlackWebhookConfig } from './config-slack.js'
 export { handleTelegramConfig, summarizeTelegramError } from './config-telegram.js';
 export { handleEnvVarsRequest, handleToolNamesList,handleToolPermissionSimulate } from './config-tools.js';
 export { handleAcceptStarterBundle,handleAddTrustRule, handleRemoveTrustRule, handleTrustRulesList, handleUpdateTrustRule } from './config-trust.js';
-export { handleTwilioConfig } from './config-twilio.js';
 export { broadcastClientSettingsUpdate, handleVoiceConfigUpdate, normalizeActivationKey } from './config-voice.js';
 
 // Assemble the combined dispatch map from domain-specific handler groups
@@ -43,7 +41,6 @@ import { slackHandlers } from './config-slack.js';
 import { telegramHandlers } from './config-telegram.js';
 import { toolHandlers } from './config-tools.js';
 import { trustHandlers } from './config-trust.js';
-import { twilioHandlers } from './config-twilio.js';
 import { voiceHandlers } from './config-voice.js';
 
 export const configHandlers = {
@@ -55,7 +52,6 @@ export const configHandlers = {
   ...platformHandlers,
   ...integrationHandlers,
   ...telegramHandlers,
-  ...twilioHandlers,
   ...channelHandlers,
   ...toolHandlers,
   ...heartbeatHandlers,

package/src/daemon/handlers/index.ts

@@ -2,6 +2,7 @@ import * as net from 'node:net';
 
 import { type Confidence, recordConversationSeenSignal, type SignalType } from '../../memory/conversation-attention-store.js';
 import { updateDeliveryClientOutcome } from '../../notifications/deliveries-store.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../../runtime/assistant-scope.js';
 import type { ClientMessage } from '../ipc-protocol.js';
 import { handleRideShotgunStart, handleRideShotgunStop } from '../ride-shotgun-handler.js';
 import { handleWatchObservation } from '../watch-handler.js';
@@ -104,7 +105,7 @@ const inlineHandlers = defineHandlers({
     try {
       recordConversationSeenSignal({
         conversationId: msg.conversationId,
-        assistantId: 'self',
+        assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
         sourceChannel: msg.sourceChannel,
         signalType: msg.signalType as SignalType,
         confidence: msg.confidence as Confidence,

package/src/daemon/handlers/pairing.ts

@@ -1,5 +1,6 @@
 import * as net from 'node:net';
 
+import { cleanupPairingState } from '../../runtime/routes/pairing-routes.js';
 import {
   approveDevice,
   clearAllDevices,
@@ -46,6 +47,7 @@ function handlePairingApprovalResponse(
 
   if (msg.decision === 'deny') {
     pairingStoreRef.deny(msg.pairingRequestId);
+    cleanupPairingState(msg.pairingRequestId);
     log.info({ pairingRequestId: msg.pairingRequestId }, 'Pairing request denied');
     return;
   }

package/src/daemon/handlers/publish.ts

@@ -4,15 +4,13 @@ import * as net from 'node:net';
 import { v4 as uuid } from 'uuid';
 
 import { createPublishedPage, getPublishedPageByDeploymentId, getPublishedPageByHash, markDeleted, updatePublishedPage } from '../../memory/published-pages-store.js';
-import { setSecureKey } from '../../security/secure-keys.js';
 import { deleteVercelDeployment,deployHtmlToVercel } from '../../services/vercel-deploy.js';
 import { credentialBroker } from '../../tools/credentials/broker.js';
-import { getCredentialMetadata, upsertCredentialMetadata } from '../../tools/credentials/metadata-store.js';
 import type {
   PublishPageRequest,
   UnpublishPageRequest,
 } from '../ipc-protocol.js';
-import { defineHandlers, type HandlerContext,log, requestSecretStandalone } from './shared.js';
+import { defineHandlers, type HandlerContext,log } from './shared.js';
 
 export async function handlePublishPage(
   msg: PublishPageRequest,
@@ -60,57 +58,24 @@ export async function handlePublishPage(
       return { url: result.url, deploymentId: result.deploymentId };
     };
 
-    let useResult = await credentialBroker.serverUse({
+    const useResult = await credentialBroker.serverUse({
       service: 'vercel',
       field: 'api_token',
       toolName: 'publish_page',
       execute: publishExecute,
     });
 
-    // If no credential found, prompt the user and retry
+    // If no credential found, return a structured error so the client can
+    // trigger the assistant-driven token setup flow instead of blocking on
+    // a vault dialog.
     if (!useResult.success && useResult.reason?.includes('No credential found')) {
-      const allowedTools = ['publish_page', 'unpublish_page'];
-      const secretResult = await requestSecretStandalone(socket, ctx, {
-        service: 'vercel',
-        field: 'api_token',
-        label: 'Vercel API Token',
-        description: 'Required to publish site apps to the web. Create a token at vercel.com/account/tokens.',
-        placeholder: 'Enter your Vercel API token',
-        purpose: 'Publish site apps to the web',
-        allowedTools,
-        allowedDomains: ['api.vercel.com'],
-      });
-
-      if (!secretResult.value) {
-        ctx.send(socket, {
-          type: 'publish_page_response',
-          success: false,
-          error: 'Cancelled',
-        });
-        return;
-      }
-
-      if (secretResult.delivery === 'transient_send') {
-        // One-time send: inject for single use without persisting to keychain.
-        // Metadata must exist for broker policy checks.
-        if (!getCredentialMetadata('vercel', 'api_token')) {
-          upsertCredentialMetadata('vercel', 'api_token', { allowedTools });
-        }
-        credentialBroker.injectTransient('vercel', 'api_token', secretResult.value);
-      } else {
-        // Default: persist to keychain
-        const storageKey = `credential:vercel:api_token`;
-        setSecureKey(storageKey, secretResult.value);
-        upsertCredentialMetadata('vercel', 'api_token', { allowedTools });
-      }
-
-      // Retry with the newly stored credential
-      useResult = await credentialBroker.serverUse({
-        service: 'vercel',
-        field: 'api_token',
-        toolName: 'publish_page',
-        execute: publishExecute,
+      ctx.send(socket, {
+        type: 'publish_page_response',
+        success: false,
+        error: 'Vercel API token not configured',
+        errorCode: 'credentials_missing',
       });
+      return;
     }
 
     if (useResult.success && useResult.result) {

package/src/daemon/handlers/sessions.ts

@@ -17,7 +17,9 @@ import { getAttentionStateByConversationIds } from '../../memory/conversation-at
 import * as conversationStore from '../../memory/conversation-store.js';
 import { GENERATING_TITLE, queueGenerateConversationTitle, UNTITLED_FALLBACK } from '../../memory/conversation-title-service.js';
 import * as externalConversationStore from '../../memory/external-conversation-store.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../../runtime/assistant-scope.js';
 import { routeGuardianReply } from '../../runtime/guardian-reply-router.js';
+import { resolveLocalIpcGuardianContext } from '../../runtime/local-actor-identity.js';
 import * as pendingInteractions from '../../runtime/pending-interactions.js';
 import { checkIngressForSecrets } from '../../security/secret-ingress.js';
 import { compileCustomPatterns, redactSecrets } from '../../security/secret-scanner.js';
@@ -175,6 +177,10 @@ export async function handleUserMessage(
       conversationId: msg.sessionId,
       sourceChannel: ipcChannel,
     });
+    // Route prompter-originated events (confirmation_request/secret_request)
+    // through the IPC wrapper so pending-interactions + canonical tracking
+    // are updated before the message is sent to the client.
+    session.updateClient(sendEvent, false);
     const ipcInterface = parseInterfaceId(msg.interface);
     if (!ipcInterface) {
       ctx.send(socket, {
@@ -263,6 +269,7 @@ export async function handleUserMessage(
       }
 
       rlog.info({ source }, 'Processing user message');
+      session.emitActivityState('thinking', 'message_dequeued', 'assistant_turn', dispatchRequestId);
       session.setTurnChannelContext({
         userMessageChannel: ipcChannel,
         assistantMessageChannel: ipcChannel,
@@ -271,10 +278,12 @@ export async function handleUserMessage(
         userMessageInterface: ipcInterface,
         assistantMessageInterface: ipcInterface,
       });
-      session.setAssistantId('self');
-      // IPC/desktop user IS the guardian — default to guardian trust so
-      // messages are not tagged as unknown provenance.
-      session.setGuardianContext({ trustClass: 'guardian', sourceChannel: ipcChannel });
+      session.setAssistantId(DAEMON_INTERNAL_ASSISTANT_ID);
+      // Resolve local IPC actor identity through the same trust pipeline
+      // used by HTTP channel ingress. The vellum guardian binding provides
+      // the guardianPrincipalId, and resolveGuardianContext classifies the
+      // local user as 'guardian' via binding match.
+      session.setGuardianContext(resolveLocalIpcGuardianContext(ipcChannel));
       session.setCommandIntent(null);
       // Fire-and-forget: don't block the IPC handler so the connection can
       // continue receiving messages (e.g. cancel, confirmations, or
@@ -599,9 +608,29 @@ export async function handleUserMessage(
             conversationId: msg.sessionId,
             pendingRequestIds: pendingRequestIdsForConversation,
             approvalConversationGenerator: desktopApprovalConversationGenerator,
+            emissionContext: {
+              source: 'inline_nl',
+              causedByRequestId: requestId,
+              decisionText: messageText.trim(),
+            },
           });
 
           if (routerResult.consumed && routerResult.type !== 'nl_keep_pending') {
+            // Success-path emissions (approved/denied) are handled centrally
+            // by handleConfirmationResponse (called via the resolver chain).
+            // However, stale/failed paths never reach handleConfirmationResponse,
+            // so we emit resolved_stale here for those cases.
+            if (routerResult.requestId && !routerResult.decisionApplied) {
+              session.emitConfirmationStateChanged({
+                sessionId: msg.sessionId,
+                requestId: routerResult.requestId,
+                state: 'resolved_stale',
+                source: 'inline_nl',
+                causedByRequestId: requestId,
+                decisionText: messageText.trim(),
+              });
+            }
+
             const consumedChannelMeta = {
               userMessageChannel: ipcChannel,
               assistantMessageChannel: ipcChannel,
@@ -685,6 +714,19 @@ export async function handleUserMessage(
     // will see the denial and can re-request the tool if still needed.
     if (session.hasAnyPendingConfirmation()) {
       rlog.info('Auto-denying pending confirmation(s) due to new user message');
+      // Emit authoritative confirmation state for each auto-denied request
+      // before the prompter clears them.
+      for (const interaction of pendingInteractions.getByConversation(msg.sessionId)) {
+        if (interaction.session === session && interaction.kind === 'confirmation') {
+          session.emitConfirmationStateChanged({
+            sessionId: msg.sessionId,
+            requestId: interaction.requestId,
+            state: 'denied',
+            source: 'auto_deny',
+            causedByRequestId: requestId,
+          });
+        }
+      }
       session.denyAllPendingConfirmations();
       // Keep the pending-interaction tracker aligned with the prompter so
       // stale request IDs are not reused as routing candidates.
@@ -730,6 +772,8 @@ export function handleConfirmationResponse(
         msg.decision,
         msg.selectedPattern,
         msg.selectedScope,
+        undefined,
+        { source: 'button' },
       );
       syncCanonicalStatusFromIpcConfirmationDecision(msg.requestId, msg.decision);
       pendingInteractions.resolve(msg.requestId);
@@ -909,6 +953,7 @@ export async function handleSessionCreate(
       conversationId: conversation.id,
       sourceChannel: transportChannel,
     });
+    session.updateClient(sendEvent, false);
     session.setTurnChannelContext({
       userMessageChannel: transportChannel,
       assistantMessageChannel: transportChannel,
@@ -1154,7 +1199,15 @@ export function handleHistoryRequest(
           surfaceId: s.surfaceId,
           surfaceType: s.surfaceType,
           title: s.title,
-          data: {} as Record<string, unknown>,
+          data: {
+            ...(s.surfaceType === 'dynamic_page'
+              ? {
+                  ...(s.data.preview ? { preview: s.data.preview } : {}),
+                  ...(s.data.appId ? { appId: s.data.appId } : {}),
+                  ...(s.data.appType ? { appType: s.data.appType } : {}),
+                }
+              : {}),
+          } as Record<string, unknown>,
           ...(s.actions ? { actions: s.actions } : {}),
           ...(s.display ? { display: s.display } : {}),
         })))
@@ -1251,6 +1304,7 @@ export async function handleRegenerate(
     conversationId: msg.sessionId,
     sourceChannel: regenerateChannel,
   });
+  session.updateClient(sendEvent, false);
   const requestId = uuid();
   session.traceEmitter.emit('request_received', 'Regenerate requested', {
     requestId,