@vellumai/assistant 0.4.2 → 0.4.4

package/src/home-base/prebuilt/index.html

@@ -488,6 +488,24 @@
       </div>
     </section>
 
+    <!-- Brain Knowledge -->
+    <section class="section" id="home-base-brain-lane">
+      <div class="section-header anim anim-d6"><h2>Knowledge</h2></div>
+
+      <div class="card-stack">
+        <div class="card feature anim anim-d6">
+          <div class="card-icon">🧠</div>
+          <div class="card-body">
+            <div class="task">Knowledge Brain</div>
+            <div class="task-meta" id="home-base-brain-count">Loading...</div>
+            <div class="task-controls">
+              <a href="/v1/brain-graph-ui" class="task-button primary" id="home-base-brain-view">View →</a>
+            </div>
+          </div>
+        </div>
+      </div>
+    </section>
+
     <!-- Onboarding -->
     <section class="section" id="home-base-onboarding-lane">
       <div class="section-header anim anim-d6"><h2>Set up your assistant</h2></div>
@@ -656,6 +674,28 @@
           });
         });
       }
+
+      // Fetch brain graph count for the Knowledge Brain card.
+      (function () {
+        var countEl = byId('home-base-brain-count');
+        if (!countEl) return;
+        var apiToken = document.querySelector('meta[name="api-token"]');
+        var headers = {};
+        if (apiToken && apiToken.content) headers['Authorization'] = 'Bearer ' + apiToken.content;
+        fetch('/v1/brain-graph', { headers: headers })
+          .then(function (res) {
+            if (!res.ok) throw new Error('HTTP ' + res.status);
+            return res.json();
+          })
+          .then(function (data) {
+            var entities = (data.entities || []).length;
+            var relations = (data.relations || []).length;
+            countEl.textContent = entities + ' nodes \u2022 ' + relations + ' relations';
+          })
+          .catch(function () {
+            countEl.textContent = '\u2014';
+          });
+      })();
     })();
   </script>
 </body>

package/src/inbound/platform-callback-registration.ts

@@ -0,0 +1,157 @@
+/**
+ * Platform callback route registration for containerized deployments.
+ *
+ * When the assistant daemon runs inside a container (IS_CONTAINERIZED=true)
+ * with a configured PLATFORM_BASE_URL and PLATFORM_ASSISTANT_ID, external
+ * service callbacks (Twilio webhooks, OAuth redirects, Telegram webhooks, etc.)
+ * must route through the platform's gateway proxy instead of hitting the
+ * assistant directly.
+ *
+ * This module registers callback routes with the platform's internal
+ * gateway endpoint so the platform knows how to forward inbound provider
+ * webhooks to the correct containerized assistant instance.
+ *
+ * The platform endpoint is:
+ *   POST {PLATFORM_BASE_URL}/v1/internal/gateway/callback-routes/register/
+ *
+ * It accepts { assistant_id, callback_path, type } and returns a stable
+ * callback_url that external services should use.
+ */
+
+import { getPlatformAssistantId, getPlatformBaseUrl, getPlatformInternalApiKey } from '../config/env.js';
+import { getIsContainerized } from '../config/env-registry.js';
+import { getLogger } from '../util/logger.js';
+
+const log = getLogger('platform-callback-registration');
+
+/**
+ * Whether the daemon should register callback routes with the platform.
+ * True when IS_CONTAINERIZED, PLATFORM_BASE_URL, and PLATFORM_ASSISTANT_ID
+ * are all set.
+ */
+export function shouldUsePlatformCallbacks(): boolean {
+  return getIsContainerized() && !!getPlatformBaseUrl() && !!getPlatformAssistantId();
+}
+
+interface RegisterCallbackRouteResponse {
+  callback_url: string;
+  callback_path: string;
+  type: string;
+  assistant_id: string;
+}
+
+/**
+ * Register a callback route with the platform's internal gateway endpoint.
+ *
+ * @param callbackPath - The path portion after the ingress base URL
+ *   (e.g. "webhooks/twilio/voice"). Leading/trailing slashes are stripped
+ *   by the platform.
+ * @param type - The route type identifier (e.g. "twilio_voice", "twilio_sms",
+ *   "twilio_status", "oauth", "telegram").
+ * @returns The platform-provided callback URL that external services should use.
+ * @throws If the platform request fails.
+ */
+export async function registerCallbackRoute(
+  callbackPath: string,
+  type: string,
+): Promise<string> {
+  const platformBaseUrl = getPlatformBaseUrl().replace(/\/+$/, '');
+  const assistantId = getPlatformAssistantId();
+  const apiKey = getPlatformInternalApiKey();
+
+  const url = `${platformBaseUrl}/v1/internal/gateway/callback-routes/register/`;
+
+  const headers: Record<string, string> = {
+    'Content-Type': 'application/json',
+  };
+
+  if (apiKey) {
+    headers['Authorization'] = `Bearer ${apiKey}`;
+  }
+
+  const body = JSON.stringify({
+    assistant_id: assistantId,
+    callback_path: callbackPath,
+    type,
+  });
+
+  log.debug({ callbackPath, type }, 'Registering platform callback route');
+
+  const response = await fetch(url, {
+    method: 'POST',
+    headers,
+    body,
+    signal: AbortSignal.timeout(10_000),
+  });
+
+  if (!response.ok) {
+    const detail = await response.text().catch(() => '');
+    throw new Error(
+      `Platform callback route registration failed (HTTP ${response.status}): ${detail}`,
+    );
+  }
+
+  const data = (await response.json()) as RegisterCallbackRouteResponse;
+
+  log.info(
+    { callbackPath, type, callbackUrl: data.callback_url },
+    'Platform callback route registered',
+  );
+
+  return data.callback_url;
+}
+
+/**
+ * Resolve a callback URL, registering with the platform when containerized.
+ *
+ * When platform callbacks are enabled, registers the route and returns the
+ * platform's stable callback URL (optionally with query parameters appended).
+ * Otherwise evaluates the lazy direct URL supplier and returns that value.
+ *
+ * The `directUrl` parameter is a **lazy supplier** (a function returning a
+ * string) rather than an eagerly-evaluated string. This is critical because
+ * the direct URL builders (e.g. `getTwilioVoiceWebhookUrl`) call
+ * `getPublicBaseUrl()` which throws when no public ingress URL is configured.
+ * In containerized environments that rely solely on platform callbacks, the
+ * direct URL is never needed — deferring evaluation avoids the throw.
+ *
+ * @param directUrl - Lazy supplier for the direct callback URL.
+ * @param callbackPath - The path to register (e.g. "webhooks/twilio/voice").
+ * @param type - The route type identifier.
+ * @param queryParams - Optional query parameters to append to the resolved URL.
+ * @returns The resolved callback URL.
+ */
+export async function resolveCallbackUrl(
+  directUrl: () => string,
+  callbackPath: string,
+  type: string,
+  queryParams?: Record<string, string>,
+): Promise<string> {
+  if (!shouldUsePlatformCallbacks()) {
+    return directUrl();
+  }
+
+  try {
+    let url = await registerCallbackRoute(callbackPath, type);
+    if (queryParams && Object.keys(queryParams).length > 0) {
+      const params = new URLSearchParams(queryParams);
+      const separator = url.includes('?') ? '&' : '?';
+      url = `${url}${separator}${params.toString()}`;
+    }
+    return url;
+  } catch (err) {
+    log.warn(
+      { err, callbackPath, type },
+      'Failed to register platform callback route, falling back to direct URL',
+    );
+    try {
+      return directUrl();
+    } catch (fallbackErr) {
+      log.error(
+        { fallbackErr, callbackPath, type },
+        'Direct URL fallback also failed after platform registration failure',
+      );
+      throw err;
+    }
+  }
+}

package/src/memory/canonical-guardian-store.ts

@@ -292,7 +292,7 @@ export interface UpdateCanonicalGuardianRequestParams {
   status?: CanonicalRequestStatus;
   answerText?: string;
   decidedByExternalUserId?: string;
-  followupState?: string;
+  followupState?: string | null;
   expiresAt?: string;
 }
 

package/src/memory/conversation-crud.ts

@@ -7,6 +7,7 @@ import { parseChannelId, parseInterfaceId } from '../channels/types.js';
 import { CHANNEL_IDS, INTERFACE_IDS, isChannelId } from '../channels/types.js';
 import { getConfig } from '../config/loader.js';
 import type { GuardianRuntimeContext } from '../daemon/session-runtime-assembly.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { getLogger } from '../util/logger.js';
 import { createRowMapper } from '../util/row-mapper.js';
 import { deleteOrphanAttachments } from './attachments-store.js';
@@ -299,7 +300,7 @@ export async function addMessage(conversationId: string, role: string, content:
     try {
       projectAssistantMessage({
         conversationId,
-        assistantId: 'self',
+        assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
         messageId: message.id,
         messageAt: message.createdAt,
       });

package/src/memory/conversation-title-service.ts

@@ -286,7 +286,7 @@ function buildTitlePrompt(
   assistantResponse?: string,
 ): string {
   const parts: string[] = [
-    'Generate a very short title for this conversation. Rules: at most 5 words, at most 40 characters, no quotes.',
+    'Generate a very short title for this conversation. Rules: at most 5 words, at most 40 characters, no quotes, no markdown formatting.',
   ];
 
   if (context) {
@@ -313,12 +313,26 @@ function buildTitlePrompt(
 
 function normalizeTitle(raw: string): string {
   let title = raw.trim().replace(/^["']|["']$/g, '');
+  title = stripMarkdown(title);
   const words = title.split(/\s+/);
   if (words.length > 5) title = words.slice(0, 5).join(' ');
   if (title.length > 40) title = title.slice(0, 40).trimEnd();
   return title;
 }
 
+/** Strip common markdown formatting so titles render as plain text. */
+function stripMarkdown(text: string): string {
+  return text
+    .replace(/\*\*(.+?)\*\*/g, '$1')   // **bold**
+    .replace(/__(.+?)__/g, '$1')        // __bold__
+    .replace(/\*(.+?)\*/g, '$1')        // *italic*
+    .replace(/(?<!\w)_(.+?)_(?!\w)/g, '$1') // _italic_ (word-boundary-aware to preserve snake_case)
+    .replace(/~~(.+?)~~/g, '$1')        // ~~strikethrough~~
+    .replace(/`(.+?)`/g, '$1')          // `code`
+    .replace(/\[(.+?)\]\(.+?\)/g, '$1') // [link](url)
+    .replace(/^#{1,6}\s+/gm, '');       // # headings
+}
+
 function deriveFallbackTitle(context?: TitleContext): string | null {
   if (!context) return null;
   if (context.systemHint) return truncate(context.systemHint, 40, '');
@@ -328,7 +342,7 @@ function deriveFallbackTitle(context?: TitleContext): string | null {
 
 function buildRegenerationPrompt(recentMessages: MessageRow[]): string {
   const parts: string[] = [
-    'Generate a very short title for this conversation based on the recent messages below. Rules: at most 5 words, at most 40 characters, no quotes.',
+    'Generate a very short title for this conversation based on the recent messages below. Rules: at most 5 words, at most 40 characters, no quotes, no markdown formatting.',
     '',
     'Recent messages:',
   ];

package/src/memory/db-init.ts

@@ -1,6 +1,7 @@
 import { getDb } from './db-connection.js';
 import {
   addCoreColumns,
+  createActorTokenRecordsTable,
   createAssistantInboxTables,
   createCallSessionsTables,
   createCanonicalGuardianTables,
@@ -37,6 +38,7 @@ import {
   migrateReminderRoutingIntent,
   migrateSchemaIndexesAndColumns,
   migrateVoiceInviteColumns,
+  migrateVoiceInviteDisplayMetadata,
   recoverCrashedMigrations,
   runComplexMigrations,
   runLateMigrations,
@@ -165,5 +167,11 @@ export function initializeDb(): void {
   // 26. Voice invite columns on assistant_ingress_invites
   migrateVoiceInviteColumns(database);
 
+  // 27. Voice invite display metadata (friend_name, guardian_name) for personalized prompts
+  migrateVoiceInviteDisplayMetadata(database);
+
+  // 28. Actor token records (hash-only actor token persistence)
+  createActorTokenRecordsTable(database);
+
   validateMigrationState(database);
 }

package/src/memory/delivery-crud.ts

@@ -8,6 +8,7 @@
 import { and, desc, eq, isNotNull } from 'drizzle-orm';
 import { v4 as uuid } from 'uuid';
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { getConversationByKey, getOrCreateConversation, setConversationKeyIfAbsent } from './conversation-key-store.js';
 import { getDb } from './db.js';
 import { channelInboundEvents, conversations } from './schema.js';
@@ -73,7 +74,7 @@ export function recordInbound(
   const scopedMapping = assistantId ? getConversationByKey(scopedKey) : null;
   if (scopedMapping) {
     mapping = { conversationId: scopedMapping.conversationId, created: false };
-  } else if (assistantId === 'self') {
+  } else if (assistantId === DAEMON_INTERNAL_ASSISTANT_ID) {
     const legacyMapping = getConversationByKey(legacyKey);
     if (legacyMapping) {
       mapping = { conversationId: legacyMapping.conversationId, created: false };

package/src/memory/guardian-action-store.ts

@@ -10,6 +10,7 @@
 import { and, desc, eq, inArray, lt } from 'drizzle-orm';
 import { v4 as uuid } from 'uuid';
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { getLogger } from '../util/logger.js';
 import { getDb, rawChanges } from './db.js';
 import {
@@ -160,7 +161,7 @@ export function createGuardianActionRequest(params: {
 
   const row = {
     id,
-    assistantId: params.assistantId ?? 'self',
+    assistantId: params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
     kind: params.kind,
     sourceChannel: params.sourceChannel,
     sourceConversationId: params.sourceConversationId,

package/src/memory/guardian-approvals.ts

@@ -9,6 +9,7 @@
 import { and, count, desc, eq, gt, lte } from 'drizzle-orm';
 import { v4 as uuid } from 'uuid';
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { getDb } from './db.js';
 import { channelGuardianApprovalRequests } from './schema.js';
 
@@ -100,7 +101,7 @@ export function createApprovalRequest(params: {
     runId: params.runId,
     requestId: params.requestId ?? null,
     conversationId: params.conversationId,
-    assistantId: params.assistantId ?? 'self',
+    assistantId: params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
     channel: params.channel,
     requesterExternalUserId: params.requesterExternalUserId,
     requesterChatId: params.requesterChatId,
@@ -402,7 +403,7 @@ export function listPendingApprovalRequests(params: {
   const db = getDb();
 
   const conditions = [
-    eq(channelGuardianApprovalRequests.assistantId, params.assistantId ?? 'self'),
+    eq(channelGuardianApprovalRequests.assistantId, params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID),
   ];
   if (params.channel) {
     conditions.push(eq(channelGuardianApprovalRequests.channel, params.channel));

package/src/memory/ingress-invite-store.ts

@@ -10,6 +10,7 @@ import { createHash, randomBytes, randomUUID } from 'node:crypto';
 
 import { and, desc, eq } from 'drizzle-orm';
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { getDb } from './db.js';
 import { assistantIngressInvites, assistantIngressMembers } from './schema.js';
 
@@ -37,6 +38,9 @@ export interface IngressInvite {
   expectedExternalUserId: string | null;
   voiceCodeHash: string | null;
   voiceCodeDigits: number | null;
+  // Display metadata for personalized voice prompts (null for non-voice invites)
+  friendName: string | null;
+  guardianName: string | null;
   createdAt: number;
   updatedAt: number;
 }
@@ -97,6 +101,8 @@ function rowToInvite(row: typeof assistantIngressInvites.$inferSelect): IngressI
     expectedExternalUserId: row.expectedExternalUserId,
     voiceCodeHash: row.voiceCodeHash,
     voiceCodeDigits: row.voiceCodeDigits,
+    friendName: row.friendName,
+    guardianName: row.guardianName,
     createdAt: row.createdAt,
     updatedAt: row.updatedAt,
   };
@@ -138,6 +144,8 @@ export function createInvite(params: {
   expectedExternalUserId?: string;
   voiceCodeHash?: string;
   voiceCodeDigits?: number;
+  friendName?: string;
+  guardianName?: string;
 }): { invite: IngressInvite; rawToken: string } {
   const db = getDb();
   const now = Date.now();
@@ -147,7 +155,7 @@ export function createInvite(params: {
 
   const row = {
     id,
-    assistantId: params.assistantId ?? 'self',
+    assistantId: params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
     sourceChannel: params.sourceChannel,
     tokenHash: tokenH,
     createdBySessionId: params.createdBySessionId ?? null,
@@ -162,6 +170,8 @@ export function createInvite(params: {
     expectedExternalUserId: params.expectedExternalUserId ?? null,
     voiceCodeHash: params.voiceCodeHash ?? null,
     voiceCodeDigits: params.voiceCodeDigits ?? null,
+    friendName: params.friendName ?? null,
+    guardianName: params.guardianName ?? null,
     createdAt: now,
     updatedAt: now,
   };
@@ -183,7 +193,7 @@ export function listInvites(params: {
   offset?: number;
 }): IngressInvite[] {
   const db = getDb();
-  const assistantId = params.assistantId ?? 'self';
+  const assistantId = params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
 
   const conditions = [eq(assistantIngressInvites.assistantId, assistantId)];
 

package/src/memory/ingress-member-store.ts

@@ -8,6 +8,7 @@
 import { and, desc, eq, or } from 'drizzle-orm';
 import { v4 as uuid } from 'uuid';
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
 import { getDb } from './db.js';
 import { assistantIngressMembers } from './schema.js';
 
@@ -78,7 +79,7 @@ export function upsertMember(params: {
   createdBySessionId?: string;
   assistantId?: string;
 }): IngressMember {
-  const assistantId = params.assistantId ?? 'self';
+  const assistantId = params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
 
   if (!params.externalUserId && !params.externalChatId) {
     throw new Error('At least one of externalUserId or externalChatId must be provided');
@@ -181,7 +182,7 @@ export function listMembers(params?: {
   offset?: number;
 }): IngressMember[] {
   const db = getDb();
-  const assistantId = params?.assistantId ?? 'self';
+  const assistantId = params?.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
 
   const conditions = [eq(assistantIngressMembers.assistantId, assistantId)];
   if (params?.sourceChannel) {
@@ -304,7 +305,7 @@ export function findMember(params: {
   }
 
   const db = getDb();
-  const assistantId = params.assistantId ?? 'self';
+  const assistantId = params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
 
   // Prefer lookup by externalUserId when available, fall back to externalChatId
   const matchConditions = [];

package/src/memory/migrations/038-actor-token-records.ts

@@ -0,0 +1,39 @@
+import type { DrizzleDb } from '../db-connection.js';
+
+/**
+ * Create the actor_token_records table for hash-only actor token persistence.
+ *
+ * Stores the SHA-256 hash of each actor token alongside metadata for
+ * verification and revocation. The raw token plaintext is never stored.
+ */
+export function createActorTokenRecordsTable(database: DrizzleDb): void {
+  database.run(/*sql*/ `
+    CREATE TABLE IF NOT EXISTS actor_token_records (
+      id TEXT PRIMARY KEY,
+      token_hash TEXT NOT NULL,
+      assistant_id TEXT NOT NULL,
+      guardian_principal_id TEXT NOT NULL,
+      hashed_device_id TEXT NOT NULL,
+      platform TEXT NOT NULL,
+      status TEXT NOT NULL DEFAULT 'active',
+      issued_at INTEGER NOT NULL,
+      expires_at INTEGER,
+      created_at INTEGER NOT NULL,
+      updated_at INTEGER NOT NULL
+    )
+  `);
+
+  // Unique active token per device binding
+  database.run(
+    /*sql*/ `CREATE UNIQUE INDEX IF NOT EXISTS idx_actor_tokens_active_device
+      ON actor_token_records(assistant_id, guardian_principal_id, hashed_device_id)
+      WHERE status = 'active'`,
+  );
+
+  // Token hash lookup for verification
+  database.run(
+    /*sql*/ `CREATE INDEX IF NOT EXISTS idx_actor_tokens_hash
+      ON actor_token_records(token_hash)
+      WHERE status = 'active'`,
+  );
+}

package/src/memory/migrations/124-voice-invite-display-metadata.ts

@@ -0,0 +1,14 @@
+import type { DrizzleDb } from '../db-connection.js';
+
+/**
+ * Add display metadata columns to assistant_ingress_invites for personalized
+ * voice invite prompts. Both columns are nullable to keep existing invite
+ * rows compatible.
+ *
+ * - friend_name: the name of the person being invited (used in welcome prompt)
+ * - guardian_name: the name of the guardian who created the invite (used in prompts)
+ */
+export function migrateVoiceInviteDisplayMetadata(database: DrizzleDb): void {
+  try { database.run(/*sql*/ `ALTER TABLE assistant_ingress_invites ADD COLUMN friend_name TEXT`); } catch { /* already exists */ }
+  try { database.run(/*sql*/ `ALTER TABLE assistant_ingress_invites ADD COLUMN guardian_name TEXT`); } catch { /* already exists */ }
+}

package/src/memory/migrations/index.ts

@@ -39,6 +39,7 @@ export { migrateGuardianActionToolMetadata } from './034-guardian-action-tool-me
 export { migrateGuardianActionSupersession } from './035-guardian-action-supersession.js';
 export { migrateNormalizePhoneIdentities } from './036-normalize-phone-identities.js';
 export { migrateVoiceInviteColumns } from './037-voice-invite-columns.js';
+export { createActorTokenRecordsTable } from './038-actor-token-records.js';
 export { createCoreTables } from './100-core-tables.js';
 export { createWatchersAndLogsTables } from './101-watchers-and-logs.js';
 export { addCoreColumns } from './102-alter-table-columns.js';
@@ -63,6 +64,7 @@ export { migrateFkCascadeRebuilds } from './120-fk-cascade-rebuilds.js';
 export { createCanonicalGuardianTables } from './121-canonical-guardian-requests.js';
 export { migrateCanonicalGuardianRequesterChatId } from './122-canonical-guardian-requester-chat-id.js';
 export { migrateCanonicalGuardianDeliveriesDestinationIndex } from './123-canonical-guardian-deliveries-destination-index.js';
+export { migrateVoiceInviteDisplayMetadata } from './124-voice-invite-display-metadata.js';
 export {
   MIGRATION_REGISTRY,
   type MigrationRegistryEntry,

package/src/memory/schema.ts

@@ -1,5 +1,7 @@
 import { blob, index,integer, real, sqliteTable, text, uniqueIndex } from 'drizzle-orm/sqlite-core';
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../runtime/assistant-scope.js';
+
 export const conversations = sqliteTable('conversations', {
   id: text('id').primaryKey(),
   title: text('title'),
@@ -683,7 +685,7 @@ export const channelGuardianApprovalRequests = sqliteTable('channel_guardian_app
   runId: text('run_id').notNull(),
   requestId: text('request_id'),
   conversationId: text('conversation_id').notNull(),
-  assistantId: text('assistant_id').notNull().default('self'),
+  assistantId: text('assistant_id').notNull().default(DAEMON_INTERNAL_ASSISTANT_ID),
   channel: text('channel').notNull(),
   requesterExternalUserId: text('requester_external_user_id').notNull(),
   requesterChatId: text('requester_chat_id').notNull(),
@@ -819,7 +821,7 @@ export const mediaEventFeedback = sqliteTable('media_event_feedback', {
 
 export const guardianActionRequests = sqliteTable('guardian_action_requests', {
   id: text('id').primaryKey(),
-  assistantId: text('assistant_id').notNull().default('self'),
+  assistantId: text('assistant_id').notNull().default(DAEMON_INTERNAL_ASSISTANT_ID),
   kind: text('kind').notNull(),                                  // 'ask_guardian'
   sourceChannel: text('source_channel').notNull(),               // 'voice'
   sourceConversationId: text('source_conversation_id').notNull(),
@@ -930,7 +932,7 @@ export const canonicalGuardianDeliveries = sqliteTable('canonical_guardian_deliv
 
 export const assistantIngressInvites = sqliteTable('assistant_ingress_invites', {
   id: text('id').primaryKey(),
-  assistantId: text('assistant_id').notNull().default('self'),
+  assistantId: text('assistant_id').notNull().default(DAEMON_INTERNAL_ASSISTANT_ID),
   sourceChannel: text('source_channel').notNull(),
   tokenHash: text('token_hash').notNull(),
   createdBySessionId: text('created_by_session_id'),
@@ -946,13 +948,16 @@ export const assistantIngressInvites = sqliteTable('assistant_ingress_invites',
   expectedExternalUserId: text('expected_external_user_id'),
   voiceCodeHash: text('voice_code_hash'),
   voiceCodeDigits: integer('voice_code_digits'),
+  // Display metadata for personalized voice prompts (nullable — non-voice invites leave these NULL)
+  friendName: text('friend_name'),
+  guardianName: text('guardian_name'),
   createdAt: integer('created_at').notNull(),
   updatedAt: integer('updated_at').notNull(),
 });
 
 export const assistantIngressMembers = sqliteTable('assistant_ingress_members', {
   id: text('id').primaryKey(),
-  assistantId: text('assistant_id').notNull().default('self'),
+  assistantId: text('assistant_id').notNull().default(DAEMON_INTERNAL_ASSISTANT_ID),
   sourceChannel: text('source_channel').notNull(),
   externalUserId: text('external_user_id'),
   externalChatId: text('external_chat_id'),
@@ -974,7 +979,7 @@ export const assistantInboxThreadState = sqliteTable('assistant_inbox_thread_sta
   conversationId: text('conversation_id')
     .primaryKey()
     .references(() => conversations.id, { onDelete: 'cascade' }),
-  assistantId: text('assistant_id').notNull().default('self'),
+  assistantId: text('assistant_id').notNull().default(DAEMON_INTERNAL_ASSISTANT_ID),
   sourceChannel: text('source_channel').notNull(),
   externalChatId: text('external_chat_id').notNull(),
   externalUserId: text('external_user_id'),
@@ -1138,6 +1143,22 @@ export const conversationAssistantAttentionState = sqliteTable('conversation_ass
   index('idx_conv_attn_state_assistant_last_seen').on(table.assistantId, table.lastSeenAssistantMessageAt),
 ]);
 
+// ── Actor Token Records ──────────────────────────────────────────────
+
+export const actorTokenRecords = sqliteTable('actor_token_records', {
+  id: text('id').primaryKey(),
+  tokenHash: text('token_hash').notNull(),
+  assistantId: text('assistant_id').notNull(),
+  guardianPrincipalId: text('guardian_principal_id').notNull(),
+  hashedDeviceId: text('hashed_device_id').notNull(),
+  platform: text('platform').notNull(),
+  status: text('status').notNull().default('active'),
+  issuedAt: integer('issued_at').notNull(),
+  expiresAt: integer('expires_at'),
+  createdAt: integer('created_at').notNull(),
+  updatedAt: integer('updated_at').notNull(),
+});
+
 // ── Scoped Approval Grants ──────────────────────────────────────────
 
 export const scopedApprovalGrants = sqliteTable('scoped_approval_grants', {

package/src/messaging/provider-types.ts

@@ -81,3 +81,27 @@ export interface SendOptions {
   /** Optional assistant scope for multi-assistant channels. */
   assistantId?: string;
 }
+
+/** Result from a sender digest scan — groups messages by sender for bulk cleanup. */
+export interface SenderDigestEntry {
+  id: string;
+  displayName: string;
+  email: string;
+  messageCount: number;
+  hasUnsubscribe: boolean;
+  newestMessageId: string;
+  searchQuery: string;
+  messageIds: string[];
+  hasMore: boolean;
+}
+
+export interface SenderDigestResult {
+  senders: SenderDigestEntry[];
+  totalScanned: number;
+  queryUsed: string;
+}
+
+export interface ArchiveResult {
+  archived: number;
+  truncated?: boolean;
+}