@vellumai/assistant 0.4.33 → 0.4.34

package/src/runtime/routes/inbound-stages/acl-enforcement.ts

@@ -191,14 +191,8 @@ export async function enforceIngressAcl(
         // omitted: rebind sessions create a consumable challenge while a
         // binding already exists, and the identity check inside
         // validateAndConsumeChallenge prevents unauthorized takeovers.
-        const hasPendingChallenge = !!getPendingChallenge(
-          canonicalAssistantId,
-          sourceChannel,
-        );
-        const hasActiveOutboundSession = !!findActiveSession(
-          canonicalAssistantId,
-          sourceChannel,
-        );
+        const hasPendingChallenge = !!getPendingChallenge(sourceChannel);
+        const hasActiveOutboundSession = !!findActiveSession(sourceChannel);
         if (hasPendingChallenge || hasActiveOutboundSession) {
           denyNonMember = false;
         } else {
@@ -219,7 +213,6 @@ export async function enforceIngressAcl(
         ).payload as string;
         const bootstrapTokenForAcl = bootstrapPayload.slice(3); // strip 'gv_' prefix
         const bootstrapSessionForAcl = resolveBootstrapToken(
-          canonicalAssistantId,
           sourceChannel,
           bootstrapTokenForAcl,
         );
@@ -299,13 +292,8 @@ export async function enforceIngressAcl(
         // user can reply with the code in the DM to self-verify.
         if (sourceChannel === "slack" && (canonicalSenderId ?? rawSenderId)) {
           const slackVerifyResult = initiateSlackVerificationChallenge({
-            canonicalAssistantId,
             sourceChannel,
-            conversationExternalId,
             senderUserId: (canonicalSenderId ?? rawSenderId)!,
-            replyCallbackUrl,
-            mintBearerToken,
-            assistantId,
           });
 
           if (slackVerifyResult.initiated) {
@@ -420,14 +408,8 @@ export async function enforceIngressAcl(
         // revoked/blocked — otherwise the user can never re-verify.
         let denyInactiveMember = true;
         if (isGuardianVerifyCode) {
-          const hasPendingChallenge = !!getPendingChallenge(
-            canonicalAssistantId,
-            sourceChannel,
-          );
-          const hasActiveOutboundSession = !!findActiveSession(
-            canonicalAssistantId,
-            sourceChannel,
-          );
+          const hasPendingChallenge = !!getPendingChallenge(sourceChannel);
+          const hasActiveOutboundSession = !!findActiveSession(sourceChannel);
           if (hasPendingChallenge || hasActiveOutboundSession) {
             denyInactiveMember = false;
           } else {
@@ -448,7 +430,6 @@ export async function enforceIngressAcl(
           ).payload as string;
           const bootstrapTokenForAcl = bootstrapPayload.slice(3);
           const bootstrapSessionForAcl = resolveBootstrapToken(
-            canonicalAssistantId,
             sourceChannel,
             bootstrapTokenForAcl,
           );
@@ -538,13 +519,8 @@ export async function enforceIngressAcl(
             (canonicalSenderId ?? rawSenderId)
           ) {
             const slackVerifyResult = initiateSlackVerificationChallenge({
-              canonicalAssistantId,
               sourceChannel,
-              conversationExternalId,
               senderUserId: (canonicalSenderId ?? rawSenderId)!,
-              replyCallbackUrl,
-              mintBearerToken,
-              assistantId,
             });
 
             if (slackVerifyResult.initiated) {
@@ -1098,28 +1074,17 @@ interface SlackVerificationResult {
  * creates a trusted contact record (not a guardian binding).
  */
 function initiateSlackVerificationChallenge(params: {
-  canonicalAssistantId: string;
   sourceChannel: ChannelId;
-  conversationExternalId: string;
   senderUserId: string;
-  replyCallbackUrl: string | undefined;
-  mintBearerToken: () => string;
-  assistantId: string;
 }): SlackVerificationResult {
-  const { canonicalAssistantId, sourceChannel, senderUserId } = params;
+  const { sourceChannel, senderUserId } = params;
 
   // Skip if there is already a pending challenge or active session for
   // this sender to avoid flooding them with duplicate codes. We scope by
   // sender identity (expectedExternalUserId) so that a pending session for
   // user A does not suppress challenges for user B.
-  const existingChallenge = getPendingChallenge(
-    canonicalAssistantId,
-    sourceChannel,
-  );
-  const existingSession = findActiveSession(
-    canonicalAssistantId,
-    sourceChannel,
-  );
+  const existingChallenge = getPendingChallenge(sourceChannel);
+  const existingSession = findActiveSession(sourceChannel);
   const senderHasPending =
     (existingChallenge &&
       existingChallenge.expectedExternalUserId === senderUserId) ||
@@ -1140,7 +1105,6 @@ function initiateSlackVerificationChallenge(params: {
 
   try {
     const session = createOutboundSession({
-      assistantId: canonicalAssistantId,
       channel: sourceChannel,
       expectedExternalUserId: senderUserId,
       expectedChatId: senderUserId,

package/src/runtime/routes/inbound-stages/background-dispatch.ts

@@ -507,10 +507,7 @@ export function startTrustedContactApprovalNotifier(params: {
 
         if (info && !globalNotifiedApprovalRequestIds.has(info.requestId)) {
           globalNotifiedApprovalRequestIds.set(info.requestId, conversationId);
-          const guardian = findGuardianForChannel(
-            sourceChannel,
-            assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
-          );
+          const guardian = findGuardianForChannel(sourceChannel);
           const guardianName = resolveGuardianName(
             guardian?.contact.displayName,
           );

package/src/runtime/routes/inbound-stages/bootstrap-intercept.ts

@@ -74,11 +74,7 @@ export async function handleBootstrapIntercept(
   }
 
   const bootstrapToken = (commandIntent.payload as string).slice(3);
-  const bootstrapSession = resolveBootstrapToken(
-    canonicalAssistantId,
-    sourceChannel,
-    bootstrapToken,
-  );
+  const bootstrapSession = resolveBootstrapToken(sourceChannel, bootstrapToken);
 
   if (!bootstrapSession || bootstrapSession.status !== "pending_bootstrap") {
     // Not found or expired — fall through to normal /start handling
@@ -94,7 +90,6 @@ export async function handleBootstrapIntercept(
   // Create a new identity-bound outbound session with a fresh secret.
   // The old bootstrap session is auto-revoked by createOutboundSession.
   const newSession = createOutboundSession({
-    assistantId: canonicalAssistantId,
     channel: sourceChannel,
     expectedExternalUserId: rawSenderId,
     expectedChatId: conversationExternalId,

package/src/runtime/routes/inbound-stages/escalation-intercept.ts

@@ -134,7 +134,6 @@ export function handleEscalationIntercept(
     sourceEventName: "ingress.escalation",
     sourceChannel,
     sourceSessionId: conversationId,
-    assistantId: canonicalAssistantId,
     attentionHints: {
       requiresAction: true,
       urgency: "high",

package/src/runtime/routes/inbound-stages/secret-ingress-check.ts

@@ -115,7 +115,6 @@ export function runSecretIngressCheck(params: SecretIngressCheckParams): void {
           : "User sent media attachment";
       recordConversationSeenSignal({
         conversationId,
-        assistantId: canonicalAssistantId,
         signalType: "telegram_inbound_message",
         confidence: "inferred",
         sourceChannel: "telegram",

package/src/runtime/routes/inbound-stages/verification-intercept.ts

@@ -95,8 +95,8 @@ export async function handleVerificationIntercept(
   // Only intercept when there is a pending challenge or active outbound session
   const shouldIntercept =
     guardianVerifyCode !== undefined &&
-    (!!getPendingChallenge(canonicalAssistantId, sourceChannel) ||
-      !!findActiveSession(canonicalAssistantId, sourceChannel));
+    (!!getPendingChallenge(sourceChannel) ||
+      !!findActiveSession(sourceChannel));
 
   if (
     isDuplicate ||
@@ -108,7 +108,6 @@ export async function handleVerificationIntercept(
   }
 
   const verifyResult = validateAndConsumeChallenge(
-    canonicalAssistantId,
     sourceChannel,
     guardianVerifyCode,
     canonicalSenderId ?? rawSenderId,
@@ -144,7 +143,6 @@ export async function handleVerificationIntercept(
         : actorDisplayName;
 
     upsertMember({
-      assistantId: canonicalAssistantId,
       sourceChannel,
       externalUserId: canonicalSenderId ?? rawSenderId,
       externalChatId: conversationExternalId,
@@ -181,7 +179,7 @@ export async function handleVerificationIntercept(
         );
       } else {
         // Revoke any existing active binding before creating a new one (same-user re-verification)
-        revokeGuardianBinding(canonicalAssistantId, sourceChannel);
+        revokeGuardianBinding(sourceChannel);
 
         const metadata: Record<string, string> = {};
         if (actorUsername && actorUsername.trim().length > 0) {
@@ -202,7 +200,6 @@ export async function handleVerificationIntercept(
           rawSenderId;
 
         createGuardianBinding({
-          assistantId: canonicalAssistantId,
           channel: sourceChannel,
           guardianExternalUserId: canonicalSenderId ?? rawSenderId,
           guardianDeliveryChatId: conversationExternalId,
@@ -235,7 +232,6 @@ export async function handleVerificationIntercept(
         sourceEventName: "ingress.trusted_contact.activated",
         sourceChannel,
         sourceSessionId: conversationId,
-        assistantId: canonicalAssistantId,
         attentionHints: {
           requiresAction: false,
           urgency: "low",

package/src/runtime/routes/pairing-routes.ts

@@ -37,22 +37,22 @@ function mintPairingCredentials(
   platform: string,
 ): PairingCredentials | null {
   try {
-    const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
     // Pairing can run before a local client has touched the actor-token
     // bootstrap path. Ensure the vellum guardian principal exists so iOS
     // pairings always have a mint target.
-    const guardianPrincipalId = ensureVellumGuardianBinding(assistantId);
+    const guardianPrincipalId = ensureVellumGuardianBinding(
+      DAEMON_INTERNAL_ASSISTANT_ID,
+    );
     const hashedDeviceId = hashDeviceId(deviceId);
 
     const credentials = mintCredentialPair({
-      assistantId,
       platform,
       deviceId,
       guardianPrincipalId,
       hashedDeviceId,
     });
 
-    log.info({ assistantId, platform }, "Minted credentials during pairing");
+    log.info({ platform }, "Minted credentials during pairing");
     return {
       accessToken: credentials.accessToken,
       accessTokenExpiresAt: credentials.accessTokenExpiresAt,

package/src/runtime/tool-grant-request-helper.ts

@@ -146,7 +146,6 @@ export function createOrReuseToolGrantRequest(
     sourceEventName: "guardian.question",
     sourceChannel,
     sourceSessionId: conversationId,
-    assistantId,
     attentionHints: {
       requiresAction: true,
       urgency: "high",

package/src/tools/browser/browser-manager.ts

@@ -1,11 +1,11 @@
-import { mkdirSync } from "node:fs";
+import { existsSync, mkdirSync } from "node:fs";
 import { join } from "node:path";
 
 import { getLogger } from "../../util/logger.js";
 import { getDataDir } from "../../util/platform.js";
 import { authSessionCache } from "./auth-cache.js";
 import type { ExtractedCredential } from "./network-recording-types.js";
-import { checkBrowserRuntime } from "./runtime-check.js";
+import { importPlaywright } from "./runtime-check.js";
 
 const log = getLogger("browser-manager");
 
@@ -129,20 +129,6 @@ export function setLaunchFn(fn: LaunchFn | null): void {
   launchPersistentContext = fn;
 }
 
-async function getDefaultLaunchFn(): Promise<LaunchFn> {
-  const pw = await import("playwright");
-  // In compiled Bun binaries, CJS→ESM interop may place named exports
-  // under .default instead of at the top level of the module namespace.
-  const chromium =
-    pw.chromium ?? (pw.default as typeof pw | undefined)?.chromium;
-  if (!chromium) {
-    throw new Error(
-      "Failed to resolve Playwright chromium — the module loaded but 'chromium' is missing",
-    );
-  }
-  return chromium.launchPersistentContext.bind(chromium);
-}
-
 function getProfileDir(): string {
   return join(getDataDir(), "browser-profile");
 }
@@ -177,10 +163,24 @@ class BrowserManager {
     this.contextCreating = (async () => {
       await authSessionCache.load();
 
-      // Auto-install Chromium if needed (skip when test launcher is injected)
-      if (!launchPersistentContext) {
-        const status = await checkBrowserRuntime();
-        if (status.playwrightAvailable && !status.chromiumInstalled) {
+      // Resolve launch function: use injected test launcher or resolve
+      // playwright (may install at runtime in compiled binaries).
+      let launch: LaunchFn;
+      if (launchPersistentContext) {
+        launch = launchPersistentContext;
+      } else {
+        const pw = await importPlaywright();
+
+        // Auto-install Chromium if the browser binary is missing
+        let chromiumInstalled = false;
+        try {
+          const execPath = pw.chromium.executablePath();
+          chromiumInstalled = existsSync(execPath);
+        } catch {
+          // executablePath() may throw if registry is missing
+        }
+
+        if (!chromiumInstalled) {
           log.info("Chromium not installed, installing via playwright...");
           const proc = Bun.spawn(
             ["bunx", "playwright", "install", "chromium"],
@@ -213,11 +213,12 @@ class BrowserManager {
             throw new Error(`Failed to install Chromium: ${msg}`);
           }
         }
+
+        launch = pw.chromium.launchPersistentContext.bind(pw.chromium);
       }
 
       const profileDir = getProfileDir();
       mkdirSync(profileDir, { recursive: true });
-      const launch = launchPersistentContext ?? (await getDefaultLaunchFn());
       const headless = !canDisplayGui();
       const ctx = await launch(profileDir, { headless });
       log.info(

package/src/tools/browser/runtime-check.ts

@@ -1,4 +1,7 @@
-import { existsSync } from "node:fs";
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+
+import { getWorkspaceDir } from "../../util/platform.js";
 
 export interface BrowserRuntimeStatus {
   playwrightAvailable: boolean;
@@ -7,14 +10,116 @@ export interface BrowserRuntimeStatus {
   error: string | null;
 }
 
+/**
+ * Resolve playwright's chromium export from a module namespace object,
+ * handling CJS→ESM interop where named exports may land under .default.
+ */
+function resolveChromium(
+  pw: Record<string, unknown>,
+): Record<string, unknown> | undefined {
+  if (pw.chromium) return pw;
+  const def = pw.default as Record<string, unknown> | undefined;
+  if (def?.chromium) return def;
+  return undefined;
+}
+
+/**
+ * Try importing playwright from the bundled binary. Returns the module
+ * if chromium is resolvable, otherwise undefined. This never installs
+ * anything — safe for diagnostic/read-only use.
+ */
+async function tryBundledPlaywright(): Promise<
+  typeof import("playwright") | undefined
+> {
+  try {
+    const pw = await import("playwright");
+    const mod = resolveChromium(pw as unknown as Record<string, unknown>);
+    if (mod?.chromium) return mod as unknown as typeof import("playwright");
+  } catch {
+    // Bundled import failed entirely
+  }
+  return undefined;
+}
+
+/**
+ * Resolve the package entry point from its package.json exports/main fields.
+ */
+function resolvePackageEntry(pkgDir: string): string {
+  try {
+    const pkg = JSON.parse(readFileSync(join(pkgDir, "package.json"), "utf-8"));
+    // Prefer ESM entry from exports map
+    const exportsRoot = pkg.exports?.["."];
+    if (typeof exportsRoot === "object" && exportsRoot?.import) {
+      return join(pkgDir, exportsRoot.import);
+    }
+    if (pkg.module) return join(pkgDir, pkg.module);
+    if (pkg.main) return join(pkgDir, pkg.main);
+  } catch {
+    // Fall through to default
+  }
+  return join(pkgDir, "index.mjs");
+}
+
+/**
+ * Import playwright, falling back to a runtime-installed copy if the
+ * bundled import fails (compiled Bun binaries can't initialize
+ * playwright's in-process client/server bridge correctly).
+ */
+export async function importPlaywright(): Promise<typeof import("playwright")> {
+  // Try bundled import (works in dev/source mode)
+  const bundled = await tryBundledPlaywright();
+  if (bundled) return bundled;
+
+  // Compiled binary fallback: install playwright to disk and import
+  // from an absolute path so the JS runtime resolves it from the
+  // filesystem instead of the compiled module cache.
+  const externalDir = join(getWorkspaceDir(), "external");
+  const pwPkg = join(externalDir, "node_modules", "playwright");
+
+  if (!existsSync(join(pwPkg, "package.json"))) {
+    mkdirSync(externalDir, { recursive: true });
+    if (!existsSync(join(externalDir, "package.json"))) {
+      writeFileSync(join(externalDir, "package.json"), '{"private":true}\n');
+    }
+    const proc = Bun.spawn(["bun", "add", "playwright"], {
+      cwd: externalDir,
+      stdout: "pipe",
+      stderr: "pipe",
+    });
+    const exitCode = await proc.exited;
+    if (exitCode !== 0) {
+      const stderr = await new Response(proc.stderr).text();
+      throw new Error(`Failed to install playwright: ${stderr}`);
+    }
+  }
+
+  // Dynamic import with a runtime-computed path — bun can't statically
+  // analyze this, so it resolves from the filesystem at runtime.
+  const entryPath = resolvePackageEntry(pwPkg);
+  const pw: Record<string, unknown> = await import(entryPath);
+  const mod = resolveChromium(pw);
+  if (!mod?.chromium) {
+    throw new Error(
+      "Failed to resolve Playwright chromium from runtime-installed copy",
+    );
+  }
+  return mod as unknown as typeof import("playwright");
+}
+
 export async function checkBrowserRuntime(): Promise<BrowserRuntimeStatus> {
-  // Check if playwright can be imported
+  // Diagnostic only — no side effects (no playwright installation)
   let chromium: { executablePath: () => string };
   try {
-    const pw = await import("playwright");
-    // In compiled Bun binaries, CJS→ESM interop may place named exports
-    // under .default instead of at the top level of the module namespace.
-    chromium = pw.chromium ?? (pw.default as typeof pw | undefined)?.chromium;
+    const pw = await tryBundledPlaywright();
+    if (!pw) {
+      return {
+        playwrightAvailable: false,
+        chromiumInstalled: false,
+        chromiumPath: null,
+        error: "playwright package not available",
+      };
+    }
+    chromium = pw.chromium;
   } catch {
     return {
       playwrightAvailable: false,

package/src/tools/calls/call-start.ts

@@ -1,6 +1,5 @@
 import { startCall } from "../../calls/call-domain.js";
 import { getConfig } from "../../config/loader.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../../runtime/assistant-scope.js";
 import { findActiveSession } from "../../runtime/channel-guardian-service.js";
 import { normalizePhoneNumber } from "../../util/phone.js";
 import type { ToolContext, ToolExecutionResult } from "../types.js";
@@ -22,8 +21,7 @@ export async function executeCallStart(
       ? normalizePhoneNumber(input.phone_number)
       : null;
   if (requestedPhone) {
-    const assistantId = context.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
-    const activeVoiceVerification = findActiveSession(assistantId, "voice");
+    const activeVoiceVerification = findActiveSession("voice");
     const verificationDestination =
       activeVoiceVerification?.destinationAddress ??
       activeVoiceVerification?.expectedPhoneE164;

package/src/tools/followups/followup_create.ts

@@ -1,7 +1,6 @@
 import { getContact } from "../../contacts/contact-store.js";
 import { createFollowUp } from "../../followups/followup-store.js";
 import type { FollowUp } from "../../followups/types.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../../runtime/assistant-scope.js";
 import type { ToolContext, ToolExecutionResult } from "../types.js";
 
 function formatFollowUp(f: FollowUp): string {
@@ -63,7 +62,7 @@ export async function executeFollowupCreate(
 
   // Validate contact exists if provided
   if (contactId) {
-    const contact = getContact(contactId, DAEMON_INTERNAL_ASSISTANT_ID);
+    const contact = getContact(contactId);
     if (!contact) {
       return {
         content: `Error: Contact "${contactId}" not found`,

package/src/tools/tool-approval-handler.ts

@@ -5,7 +5,6 @@ import {
   updateCanonicalGuardianRequest,
 } from "../memory/canonical-guardian-store.js";
 import { isUntrustedTrustClass } from "../runtime/actor-trust-resolver.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../runtime/assistant-scope.js";
 import { createOrReuseToolGrantRequest } from "../runtime/tool-grant-request-helper.js";
 import { computeToolApprovalDigest } from "../security/tool-approval-digest.js";
 import { getTaskRunRules } from "../tasks/ephemeral-permissions.js";
@@ -275,7 +274,6 @@ export class ToolApprovalHandler {
         inputDigest,
         consumingRequestId:
           context.requestId ?? `preexec-${context.sessionId}-${Date.now()}`,
-        assistantId: context.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
         executionChannel: context.executionChannel,
         conversationId: context.conversationId,
         callSessionId: context.callSessionId,