@vellumai/assistant 0.4.3 → 0.4.4

package/src/runtime/http-server.ts

@@ -87,6 +87,7 @@ import {
   handleGetAttachmentContent,
   handleUploadAttachment,
 } from './routes/attachment-routes.js';
+import { handleGetBrainGraph, handleServeBrainGraphUI, handleServeHomeBaseUI } from './routes/brain-graph-routes.js';
 import {
   handleAnswerCall,
   handleCancelCall,
@@ -98,6 +99,10 @@ import {
   startCanonicalGuardianExpirySweep,
   stopCanonicalGuardianExpirySweep,
 } from './routes/canonical-guardian-expiry-sweep.js';
+import {
+  handleGetChannelReadiness,
+  handleRefreshChannelReadiness,
+} from './routes/channel-readiness-routes.js';
 import {
   handleChannelDeliveryAck,
   handleChannelInbound,
@@ -126,6 +131,7 @@ import {
   handleGuardianActionDecision,
   handleGuardianActionsPending,
 } from './routes/guardian-action-routes.js';
+import { handleGuardianBootstrap } from './routes/guardian-bootstrap-routes.js';
 import { handleGetIdentity,handleHealth } from './routes/identity-routes.js';
 import {
   handleBlockMember,
@@ -160,6 +166,21 @@ import {
   handlePairingStatus,
 } from './routes/pairing-routes.js';
 import { handleAddSecret } from './routes/secret-routes.js';
+import {
+  handleAssignTwilioNumber,
+  handleClearTwilioCredentials,
+  handleDeleteTollfreeVerification,
+  handleGetSmsCompliance,
+  handleGetTwilioConfig,
+  handleListTwilioNumbers,
+  handleProvisionTwilioNumber,
+  handleReleaseTwilioNumber,
+  handleSetTwilioCredentials,
+  handleSmsDoctor,
+  handleSmsSendTest,
+  handleSubmitTollfreeVerification,
+  handleUpdateTollfreeVerification,
+} from './routes/twilio-routes.js';
 
 // Re-export for consumers
 export { isPrivateAddress } from './middleware/auth.js';
@@ -445,7 +466,7 @@ export class RuntimeHttpServer {
         return rateLimitResponse(result);
       }
       // Attach rate limit headers to the eventual response
-      const originalResponse = await this.handleAuthenticatedRequest(req, url, path);
+      const originalResponse = await this.handleAuthenticatedRequest(req, url, path, server);
       const headers = new Headers(originalResponse.headers);
       for (const [k, v] of Object.entries(rateLimitHeaders(result))) {
         headers.set(k, v);
@@ -457,13 +478,13 @@ export class RuntimeHttpServer {
       });
     }
 
-    return this.handleAuthenticatedRequest(req, url, path);
+    return this.handleAuthenticatedRequest(req, url, path, server);
   }
 
   /**
    * Handle requests that have already passed auth and rate limiting.
    */
-  private async handleAuthenticatedRequest(req: Request, url: URL, path: string): Promise<Response> {
+  private async handleAuthenticatedRequest(req: Request, url: URL, path: string, server: ReturnType<typeof Bun.serve>): Promise<Response> {
     // Pairing registration (bearer-authenticated)
     if (path === '/v1/pairing/register' && req.method === 'POST') {
       return await handlePairingRegister(req, this.pairingContext);
@@ -524,7 +545,7 @@ export class RuntimeHttpServer {
     // Runtime routes: /v1/<endpoint>
     const routeMatch = path.match(/^\/v1\/(.+)$/);
     if (routeMatch) {
-      return this.dispatchEndpoint(routeMatch[1], req, url);
+      return this.dispatchEndpoint(routeMatch[1], req, url, server);
     }
 
     return httpError('NOT_FOUND', 'Not found', 404);
@@ -607,6 +628,7 @@ export class RuntimeHttpServer {
     endpoint: string,
     req: Request,
     url: URL,
+    server: ReturnType<typeof Bun.serve>,
   ): Promise<Response> {
     const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
     return withErrorHandling(endpoint, async () => {
@@ -706,18 +728,18 @@ export class RuntimeHttpServer {
           persistAndProcessMessage: this.persistAndProcessMessage,
           sendMessageDeps: this.sendMessageDeps,
           approvalConversationGenerator: this.approvalConversationGenerator,
-        });
+        }, server);
       }
 
       // Standalone approval endpoints — keyed by requestId, orthogonal to message sending
-      if (endpoint === 'confirm' && req.method === 'POST') return await handleConfirm(req);
-      if (endpoint === 'secret' && req.method === 'POST') return await handleSecret(req);
-      if (endpoint === 'trust-rules' && req.method === 'POST') return await handleTrustRule(req);
-      if (endpoint === 'pending-interactions' && req.method === 'GET') return handleListPendingInteractions(url);
+      if (endpoint === 'confirm' && req.method === 'POST') return await handleConfirm(req, server);
+      if (endpoint === 'secret' && req.method === 'POST') return await handleSecret(req, server);
+      if (endpoint === 'trust-rules' && req.method === 'POST') return await handleTrustRule(req, server);
+      if (endpoint === 'pending-interactions' && req.method === 'GET') return handleListPendingInteractions(url, req, server);
 
       // Guardian action endpoints — deterministic button-based decisions
-      if (endpoint === 'guardian-actions/pending' && req.method === 'GET') return handleGuardianActionsPending(req);
-      if (endpoint === 'guardian-actions/decision' && req.method === 'POST') return await handleGuardianActionDecision(req);
+      if (endpoint === 'guardian-actions/pending' && req.method === 'GET') return handleGuardianActionsPending(req, server);
+      if (endpoint === 'guardian-actions/decision' && req.method === 'POST') return await handleGuardianActionDecision(req, server);
 
       // Contacts
       if (endpoint === 'contacts' && req.method === 'GET') return handleListContacts(url);
@@ -759,6 +781,34 @@ export class RuntimeHttpServer {
       if (endpoint === 'integrations/guardian/outbound/resend' && req.method === 'POST') return await handleResendOutbound(req);
       if (endpoint === 'integrations/guardian/outbound/cancel' && req.method === 'POST') return await handleCancelOutbound(req);
 
+      // Guardian vellum channel bootstrap
+      if (endpoint === 'integrations/guardian/vellum/bootstrap' && req.method === 'POST') return await handleGuardianBootstrap(req, server);
+
+      // Integrations — Twilio config
+      if (endpoint === 'integrations/twilio/config' && req.method === 'GET') return handleGetTwilioConfig();
+      if (endpoint === 'integrations/twilio/credentials' && req.method === 'POST') return await handleSetTwilioCredentials(req);
+      if (endpoint === 'integrations/twilio/credentials' && req.method === 'DELETE') return handleClearTwilioCredentials();
+      if (endpoint === 'integrations/twilio/numbers' && req.method === 'GET') return await handleListTwilioNumbers();
+      if (endpoint === 'integrations/twilio/numbers/provision' && req.method === 'POST') return await handleProvisionTwilioNumber(req);
+      if (endpoint === 'integrations/twilio/numbers/assign' && req.method === 'POST') return await handleAssignTwilioNumber(req);
+      if (endpoint === 'integrations/twilio/numbers/release' && req.method === 'POST') return await handleReleaseTwilioNumber(req);
+      if (endpoint === 'integrations/twilio/sms/compliance' && req.method === 'GET') return await handleGetSmsCompliance();
+      if (endpoint === 'integrations/twilio/sms/compliance/tollfree' && req.method === 'POST') return await handleSubmitTollfreeVerification(req);
+      if (endpoint === 'integrations/twilio/sms/test' && req.method === 'POST') return await handleSmsSendTest(req);
+      if (endpoint === 'integrations/twilio/sms/doctor' && req.method === 'POST') return await handleSmsDoctor();
+
+      // Twilio toll-free verification PATCH/DELETE with :verificationSid
+      const tollfreeVerificationMatch = endpoint.match(/^integrations\/twilio\/sms\/compliance\/tollfree\/([^/]+)$/);
+      if (tollfreeVerificationMatch) {
+        const verificationSid = tollfreeVerificationMatch[1];
+        if (req.method === 'PATCH') return await handleUpdateTollfreeVerification(req, verificationSid);
+        if (req.method === 'DELETE') return await handleDeleteTollfreeVerification(verificationSid);
+      }
+
+      // Channel readiness
+      if (endpoint === 'channels/readiness' && req.method === 'GET') return await handleGetChannelReadiness(url);
+      if (endpoint === 'channels/readiness/refresh' && req.method === 'POST') return await handleRefreshChannelReadiness(req);
+
       if (endpoint === 'attachments' && req.method === 'POST') return await handleUploadAttachment(req);
       if (endpoint === 'attachments' && req.method === 'DELETE') return await handleDeleteAttachment(req);
 
@@ -826,7 +876,10 @@ export class RuntimeHttpServer {
       }
 
       if (endpoint === 'identity' && req.method === 'GET') return handleGetIdentity();
-      if (endpoint === 'events' && req.method === 'GET') return handleSubscribeAssistantEvents(req, url);
+      if (endpoint === 'brain-graph' && req.method === 'GET') return handleGetBrainGraph();
+      if (endpoint === 'brain-graph-ui' && req.method === 'GET') return handleServeBrainGraphUI(this.bearerToken);
+      if (endpoint === 'home-base-ui' && req.method === 'GET') return handleServeHomeBaseUI(this.bearerToken);
+      if (endpoint === 'events' && req.method === 'GET') return handleSubscribeAssistantEvents(req, url, { server });
 
       // Internal OAuth callback endpoint (gateway -> runtime)
       if (endpoint === 'internal/oauth/callback' && req.method === 'POST') {

package/src/runtime/http-types.ts

@@ -1,6 +1,10 @@
 /**
  * Shared types for the runtime HTTP server and its route handlers.
  */
+import type {
+  CallPointerMessageContext,
+  ComposeCallPointerMessageOptions,
+} from '../calls/call-pointer-message-composer.js';
 import type { ChannelId, InterfaceId } from '../channels/types.js';
 import type { Session } from '../daemon/session.js';
 import type { GuardianRuntimeContext } from '../daemon/session-runtime-assembly.js';
@@ -55,6 +59,15 @@ export type ApprovalConversationGenerator = (
   context: ApprovalConversationContext,
 ) => Promise<ApprovalConversationResult>;
 
+/**
+ * Daemon-injected function that generates call pointer copy using a provider.
+ * Returns generated text or `null` on failure (caller falls back to deterministic text).
+ */
+export type PointerCopyGenerator = (
+  context: CallPointerMessageContext,
+  options?: ComposeCallPointerMessageOptions,
+) => Promise<string | null>;
+
 /**
  * Daemon-injected function that generates guardian action copy using a provider.
  * Returns generated text or `null` on failure (caller falls back to deterministic text).

package/src/runtime/invite-redemption-service.ts

@@ -286,12 +286,20 @@ export function redeemVoiceInviteCode(params: {
   const STALE_INVITE = Symbol('stale_invite');
   let memberId: string | undefined;
 
+  // Reactivation should not overwrite a guardian-managed nickname (same
+  // protection as the token-based redemption path above).
+  const preservedDisplayName = existingMember?.displayName?.trim().length
+    ? existingMember.displayName
+    : (invite.friendName ?? undefined);
+
   try {
     getSqlite().transaction(() => {
       const member = upsertMember({
         assistantId: invite.assistantId,
         sourceChannel: 'voice',
         externalUserId: callerExternalUserId,
+        externalChatId: callerExternalUserId,
+        displayName: preservedDisplayName,
         status: 'active',
         policy: 'allow',
         inviteId: invite.id,

package/src/runtime/local-actor-identity.ts

@@ -0,0 +1,76 @@
+/**
+ * Deterministic local actor identity for IPC connections.
+ *
+ * IPC (Unix domain socket) connections come from the local macOS native app.
+ * No actor token is sent over the socket; instead, the daemon assigns a
+ * deterministic local actor identity server-side by looking up the vellum
+ * channel guardian binding.
+ *
+ * This routes IPC connections through the same `resolveGuardianContext`
+ * pathway used by HTTP channel ingress, producing equivalent
+ * guardian-context behavior for the vellum channel.
+ */
+
+import type { ChannelId } from '../channels/types.js';
+import type { GuardianRuntimeContext } from '../daemon/session-runtime-assembly.js';
+import { getActiveBinding } from '../memory/guardian-bindings.js';
+import { getLogger } from '../util/logger.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from './assistant-scope.js';
+import {
+  resolveGuardianContext,
+  toGuardianRuntimeContext,
+} from './guardian-context-resolver.js';
+
+const log = getLogger('local-actor-identity');
+
+/**
+ * Resolve the guardian runtime context for a local IPC connection.
+ *
+ * Looks up the vellum guardian binding to obtain the `guardianPrincipalId`,
+ * then passes it as the sender identity through `resolveGuardianContext` --
+ * the same pathway HTTP channel routes use. This ensures IPC and HTTP
+ * produce equivalent trust classification for the vellum channel.
+ *
+ * When no vellum guardian binding exists (e.g. fresh install before
+ * bootstrap), falls back to a minimal guardian context so the local
+ * user is not incorrectly denied.
+ */
+export function resolveLocalIpcGuardianContext(
+  sourceChannel: ChannelId = 'vellum',
+): GuardianRuntimeContext {
+  const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
+  const binding = getActiveBinding(assistantId, 'vellum');
+
+  if (!binding) {
+    // No vellum binding yet (pre-bootstrap). The local user is
+    // inherently the guardian of their own machine, so produce a
+    // guardian context without a binding match. The trust resolver
+    // would classify this as 'unknown' due to no_binding, but for
+    // the local IPC case that is incorrect -- the local macOS user
+    // is always the guardian.
+    log.debug('No vellum guardian binding found; using fallback guardian context for IPC');
+    return {
+      sourceChannel,
+      trustClass: 'guardian',
+    };
+  }
+
+  const guardianPrincipalId = binding.guardianExternalUserId;
+
+  // Route through the shared trust resolution pipeline using 'vellum'
+  // as the channel for binding lookup. The guardianPrincipalId comes
+  // from the vellum binding, so the binding lookup must also target
+  // 'vellum' — otherwise resolveActorTrust would look up a different
+  // channel's binding (e.g. telegram/sms) and the IDs wouldn't match,
+  // causing a 'unknown' trust classification.
+  const guardianCtx = resolveGuardianContext({
+    assistantId,
+    sourceChannel: 'vellum',
+    externalChatId: 'local',
+    senderExternalUserId: guardianPrincipalId,
+  });
+
+  // Overlay the caller's actual sourceChannel onto the resolved context
+  // so downstream consumers see the correct channel provenance.
+  return toGuardianRuntimeContext(sourceChannel, guardianCtx);
+}

package/src/runtime/middleware/actor-token.ts

@@ -0,0 +1,271 @@
+/**
+ * Actor-token verification middleware for HTTP routes.
+ *
+ * Extracts the X-Actor-Token header, verifies the HMAC signature,
+ * checks that the token is active in the store, and returns the
+ * verified claims and resolved guardian runtime context.
+ *
+ * Used by vellum-channel HTTP routes (POST /v1/messages, POST /v1/confirm,
+ * POST /v1/guardian-actions/decision, etc.) to enforce identity-based
+ * authentication.
+ *
+ * For backward compatibility with bearer-authenticated local clients (CLI),
+ * provides fallback functions that resolve identity through the local IPC
+ * guardian context pathway when no actor token is present.
+ */
+
+import type { ChannelId } from '../../channels/types.js';
+import type { GuardianRuntimeContext } from '../../daemon/session-runtime-assembly.js';
+import { getActiveBinding } from '../../memory/guardian-bindings.js';
+import { getLogger } from '../../util/logger.js';
+import { type ActorTokenClaims, hashToken, verifyActorToken } from '../actor-token-service.js';
+import { findActiveByTokenHash } from '../actor-token-store.js';
+import { DAEMON_INTERNAL_ASSISTANT_ID } from '../assistant-scope.js';
+import {
+  resolveGuardianContext,
+  toGuardianRuntimeContext,
+} from '../guardian-context-resolver.js';
+import { resolveLocalIpcGuardianContext } from '../local-actor-identity.js';
+
+const log = getLogger('actor-token-middleware');
+
+// ---------------------------------------------------------------------------
+// Types
+// ---------------------------------------------------------------------------
+
+export interface ActorTokenResult {
+  ok: true;
+  claims: ActorTokenClaims;
+  guardianContext: GuardianRuntimeContext;
+}
+
+export interface ActorTokenError {
+  ok: false;
+  status: number;
+  message: string;
+}
+
+export type ActorTokenVerification = ActorTokenResult | ActorTokenError;
+
+// ---------------------------------------------------------------------------
+// Header extraction
+// ---------------------------------------------------------------------------
+
+const ACTOR_TOKEN_HEADER = 'x-actor-token';
+
+export function extractActorToken(req: Request): string | null {
+  return req.headers.get(ACTOR_TOKEN_HEADER) || null;
+}
+
+// ---------------------------------------------------------------------------
+// Full verification pipeline
+// ---------------------------------------------------------------------------
+
+/**
+ * Verify the X-Actor-Token header and resolve a guardian runtime context.
+ *
+ * Steps:
+ * 1. Extract the header value.
+ * 2. Verify HMAC signature and expiration.
+ * 3. Check the token hash is active in the actor-token store.
+ * 4. Resolve a guardian context through the standard trust pipeline using
+ *    the claims' guardianPrincipalId as the sender identity.
+ *
+ * Returns an ok result with claims and guardianContext, or an error with
+ * the HTTP status code and message to return.
+ */
+export function verifyHttpActorToken(req: Request): ActorTokenVerification {
+  const rawToken = extractActorToken(req);
+  if (!rawToken) {
+    return {
+      ok: false,
+      status: 401,
+      message: 'Missing X-Actor-Token header. Vellum HTTP requests require actor identity.',
+    };
+  }
+
+  // Structural + signature verification
+  const verifyResult = verifyActorToken(rawToken);
+  if (!verifyResult.ok) {
+    log.warn({ reason: verifyResult.reason }, 'Actor token verification failed');
+    return {
+      ok: false,
+      status: 401,
+      message: `Invalid actor token: ${verifyResult.reason}`,
+    };
+  }
+
+  // Check the token is active in the store (not revoked)
+  const tokenHash = hashToken(rawToken);
+  const record = findActiveByTokenHash(tokenHash);
+  if (!record) {
+    log.warn('Actor token not found in active store (possibly revoked)');
+    return {
+      ok: false,
+      status: 401,
+      message: 'Actor token is no longer active',
+    };
+  }
+
+  const { claims } = verifyResult;
+
+  // Resolve guardian context through the shared trust pipeline.
+  // The guardianPrincipalId from the token is used as the sender identity,
+  // and 'vellum' is used as the channel for binding lookup.
+  const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
+  const guardianCtx = resolveGuardianContext({
+    assistantId,
+    sourceChannel: 'vellum',
+    externalChatId: 'local',
+    senderExternalUserId: claims.guardianPrincipalId,
+  });
+
+  const guardianContext = toGuardianRuntimeContext('vellum' as ChannelId, guardianCtx);
+
+  return {
+    ok: true,
+    claims,
+    guardianContext,
+  };
+}
+
+/**
+ * Verify that the actor identity from a verified token matches the bound
+ * guardian for the vellum channel. Used for guardian-decision endpoints
+ * where only the guardian should be able to approve/reject.
+ *
+ * Returns true if the actor is the bound guardian, false otherwise.
+ */
+export function isActorBoundGuardian(claims: ActorTokenClaims): boolean {
+  const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
+  const binding = getActiveBinding(assistantId, 'vellum');
+  if (!binding) return false;
+  return binding.guardianExternalUserId === claims.guardianPrincipalId;
+}
+
+// ---------------------------------------------------------------------------
+// Bearer-auth fallback variants
+// ---------------------------------------------------------------------------
+
+/** Loopback addresses — used to gate the local identity fallback. */
+const LOOPBACK_ADDRESSES = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1']);
+
+/** Bun server shape needed for requestIP — avoids importing the full Bun type. */
+export type ServerWithRequestIP = {
+  requestIP(req: Request): { address: string; family: string; port: number } | null;
+};
+
+/**
+ * Result for the fallback verification path where the actor token is absent
+ * but the request is bearer-authenticated (local trusted client like CLI).
+ */
+export interface ActorTokenLocalFallbackResult {
+  ok: true;
+  claims: null;
+  guardianContext: GuardianRuntimeContext;
+  localFallback: true;
+}
+
+export type ActorTokenVerificationWithFallback =
+  | ActorTokenResult
+  | ActorTokenLocalFallbackResult
+  | ActorTokenError;
+
+/**
+ * Verify the actor token with fallback to local IPC identity resolution.
+ *
+ * When an actor token is present, the full verification pipeline runs.
+ * When absent AND the request originates from a loopback address, the
+ * request is treated as a trusted local client (e.g. CLI) and we fall
+ * back to `resolveLocalIpcGuardianContext()` which produces the same
+ * guardian context as the IPC pathway.
+ *
+ * Two conditions must BOTH be met for the local fallback:
+ * 1. No X-Forwarded-For header (rules out gateway-proxied requests).
+ * 2. The peer remote address is a loopback address (rules out LAN/container
+ *    connections when the runtime binds to 0.0.0.0).
+ *
+ * The peer address is checked via `server.requestIP(req)`.
+ *
+ * --- CLI compatibility note ---
+ *
+ * The local fallback is an intentional CLI compatibility path, not a
+ * security gap. The CLI currently sends only `Authorization: Bearer <token>`
+ * without `X-Actor-Token`. This fallback allows the CLI to function until
+ * it is migrated to actor tokens in a future milestone.
+ *
+ * The fallback is gated by three conditions that together ensure only
+ * genuinely local connections receive guardian identity:
+ *   (1) Absence of X-Forwarded-For header — the gateway always injects
+ *       this header when proxying, so its presence indicates a remote client.
+ *   (2) Loopback origin check — verifies the peer IP is 127.0.0.1/::1,
+ *       preventing LAN or container peers.
+ *   (3) Valid bearer authentication — already enforced upstream by the
+ *       HTTP server's auth gate before this function is called.
+ *
+ * Once the CLI adopts actor tokens, this fallback can be removed.
+ */
+export function verifyHttpActorTokenWithLocalFallback(
+  req: Request,
+  server: ServerWithRequestIP,
+): ActorTokenVerificationWithFallback {
+  const rawToken = extractActorToken(req);
+
+  // If an actor token is present, use the strict verification pipeline.
+  if (rawToken) {
+    return verifyHttpActorToken(req);
+  }
+
+  // Gate the local fallback on provably-local origin. The gateway runtime
+  // proxy always injects X-Forwarded-For with the real client IP when
+  // forwarding requests. Direct local connections (CLI, macOS app) never
+  // set this header. If X-Forwarded-For is present, the request was
+  // proxied through the gateway on behalf of a potentially remote client
+  // and must not receive local guardian identity.
+  if (req.headers.get('x-forwarded-for')) {
+    log.warn('Rejecting local identity fallback: request has X-Forwarded-For (proxied through gateway)');
+    return {
+      ok: false,
+      status: 401,
+      message: 'Missing X-Actor-Token header. Proxied requests require actor identity.',
+    };
+  }
+
+  // Verify the peer address is actually loopback. This prevents LAN or
+  // container peers from receiving local guardian identity when the
+  // runtime binds to 0.0.0.0.
+  const peerIp = server.requestIP(req)?.address;
+  if (!peerIp || !LOOPBACK_ADDRESSES.has(peerIp)) {
+    log.warn({ peerIp }, 'Rejecting local identity fallback: peer is not loopback');
+    return {
+      ok: false,
+      status: 401,
+      message: 'Missing X-Actor-Token header. Non-loopback requests require actor identity.',
+    };
+  }
+
+  // No actor token, no forwarding header, and the peer is on loopback
+  // — this is a direct local connection that passed bearer auth at the
+  // HTTP server layer. Resolve identity the same way as IPC.
+  log.debug('No actor token present on direct local request; using local IPC identity fallback');
+  const guardianContext = resolveLocalIpcGuardianContext('vellum');
+  return {
+    ok: true,
+    claims: null,
+    guardianContext,
+    localFallback: true,
+  };
+}
+
+/**
+ * Check whether the local fallback identity is the bound guardian.
+ *
+ * When no actor token is present (local fallback), the local user is
+ * treated as the guardian of their own machine — equivalent to IPC.
+ * This returns true when either the resolved trust class is 'guardian'
+ * or no vellum binding exists yet (pre-bootstrap).
+ */
+export function isLocalFallbackBoundGuardian(): boolean {
+  const guardianContext = resolveLocalIpcGuardianContext('vellum');
+  return guardianContext.trustClass === 'guardian';
+}