@vellumai/assistant 0.4.33 → 0.4.35

package/src/runtime/local-actor-identity.ts

@@ -41,7 +41,7 @@ export function resolveLocalIpcTrustContext(
   const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
 
   // Try contacts-first for the vellum guardian channel
-  const guardianResult = findGuardianForChannel("vellum", assistantId);
+  const guardianResult = findGuardianForChannel("vellum");
   if (guardianResult && guardianResult.contact.principalId) {
     const guardianPrincipalId = guardianResult.contact.principalId;
     const trustCtx = resolveTrustContext({
@@ -93,10 +93,7 @@ export function resolveLocalIpcAuthContext(sessionId: string): AuthContext {
   const authContext = buildIpcAuthContext(sessionId);
 
   // Enrich with the guardian principal ID from contacts-first path
-  const guardianResult = findGuardianForChannel(
-    "vellum",
-    authContext.assistantId,
-  );
+  const guardianResult = findGuardianForChannel("vellum");
   if (guardianResult && guardianResult.contact.principalId) {
     return {
       ...authContext,

package/src/runtime/routes/access-request-decision.ts

@@ -86,7 +86,6 @@ export function handleAccessRequestDecision(
   // so only the original requester can consume the code. Mark as
   // trusted_contact so the consume path skips guardian binding creation.
   const session = createOutboundSession({
-    assistantId: approval.assistantId,
     channel: approval.channel,
     expectedExternalUserId: approval.requesterExternalUserId,
     expectedChatId: approval.requesterChatId,

package/src/runtime/routes/approval-strategies/guardian-callback-strategy.ts

@@ -99,7 +99,6 @@ export async function handleGuardianCallbackDecision(
         callbackDecision.requestId,
         sourceChannel,
         conversationExternalId,
-        assistantId,
       )
     : null;
 
@@ -110,7 +109,6 @@ export async function handleGuardianCallbackDecision(
     const allPending = getAllPendingApprovalsByGuardianChat(
       sourceChannel,
       conversationExternalId,
-      assistantId,
     );
     if (allPending.length === 1) {
       guardianApproval = allPending[0];
@@ -141,7 +139,6 @@ export async function handleGuardianCallbackDecision(
     const allPending = getAllPendingApprovalsByGuardianChat(
       sourceChannel,
       conversationExternalId,
-      assistantId,
     );
     if (allPending.length === 1) {
       guardianApproval = allPending[0];
@@ -204,7 +201,6 @@ export async function handleGuardianCallbackDecision(
   const allGuardianPending = getAllPendingApprovalsByGuardianChat(
     sourceChannel,
     conversationExternalId,
-    assistantId,
   );
   // Only present approvals that belong to this sender so the engine
   // does not offer disambiguation for requests assigned to a rotated
@@ -609,7 +605,6 @@ async function handleLegacyDecision(params: {
         legacyGuardianDecision.requestId,
         sourceChannel,
         conversationExternalId,
-        assistantId,
       );
       if (!resolvedByRequest) {
         // The referenced request doesn't match any pending guardian
@@ -807,7 +802,6 @@ async function handleAccessRequestApproval(
       sourceEventName: "ingress.trusted_contact.guardian_decision",
       sourceChannel: approval.channel,
       sourceSessionId: approval.conversationId,
-      assistantId,
       attentionHints: {
         requiresAction: false,
         urgency: "medium",
@@ -822,7 +816,6 @@ async function handleAccessRequestApproval(
       sourceEventName: "ingress.trusted_contact.denied",
       sourceChannel: approval.channel,
       sourceSessionId: approval.conversationId,
-      assistantId,
       attentionHints: {
         requiresAction: false,
         urgency: "low",
@@ -891,7 +884,6 @@ async function handleAccessRequestApproval(
       sourceEventName: "ingress.trusted_contact.guardian_decision",
       sourceChannel: approval.channel,
       sourceSessionId: approval.conversationId,
-      assistantId,
       attentionHints: {
         requiresAction: false,
         urgency: "medium",
@@ -918,7 +910,6 @@ async function handleAccessRequestApproval(
       sourceEventName: "ingress.trusted_contact.verification_sent",
       sourceChannel: approval.channel,
       sourceSessionId: approval.conversationId,
-      assistantId,
       attentionHints: {
         requiresAction: false,
         urgency: "low",

package/src/runtime/routes/channel-readiness-routes.ts

@@ -7,6 +7,7 @@
 
 import type { ChannelId } from "../../channels/types.js";
 import { getReadinessService } from "../../daemon/handlers/config-channels.js";
+import { getInviteAdapterRegistry } from "../channel-invite-transport.js";
 import type { RouteDefinition } from "../http-router.js";
 
 /**
@@ -21,18 +22,23 @@ export async function handleGetChannelReadiness(url: URL): Promise<Response> {
 
   const service = getReadinessService();
   const snapshots = await service.getReadiness(channel, includeRemote);
+  const adapterRegistry = getInviteAdapterRegistry();
 
   return Response.json({
     success: true,
-    snapshots: snapshots.map((s) => ({
-      channel: s.channel,
-      ready: s.ready,
-      checkedAt: s.checkedAt,
-      stale: s.stale,
-      reasons: s.reasons,
-      localChecks: s.localChecks,
-      remoteChecks: s.remoteChecks,
-    })),
+    snapshots: snapshots.map((s) => {
+      const adapter = adapterRegistry.get(s.channel);
+      return {
+        channel: s.channel,
+        ready: s.ready,
+        checkedAt: s.checkedAt,
+        stale: s.stale,
+        reasons: s.reasons,
+        localChecks: s.localChecks,
+        remoteChecks: s.remoteChecks,
+        channelHandle: adapter?.resolveChannelHandle?.() ?? undefined,
+      };
+    }),
   });
 }
 
@@ -62,18 +68,23 @@ export async function handleRefreshChannelReadiness(
     body.channel,
     body.includeRemote,
   );
+  const adapterRegistry = getInviteAdapterRegistry();
 
   return Response.json({
     success: true,
-    snapshots: snapshots.map((s) => ({
-      channel: s.channel,
-      ready: s.ready,
-      checkedAt: s.checkedAt,
-      stale: s.stale,
-      reasons: s.reasons,
-      localChecks: s.localChecks,
-      remoteChecks: s.remoteChecks,
-    })),
+    snapshots: snapshots.map((s) => {
+      const adapter = adapterRegistry.get(s.channel);
+      return {
+        channel: s.channel,
+        ready: s.ready,
+        checkedAt: s.checkedAt,
+        stale: s.stale,
+        reasons: s.reasons,
+        localChecks: s.localChecks,
+        remoteChecks: s.remoteChecks,
+        channelHandle: adapter?.resolveChannelHandle?.() ?? undefined,
+      };
+    }),
   });
 }
 

package/src/runtime/routes/contact-routes.ts

@@ -81,7 +81,7 @@ const VALID_ASSISTANT_SPECIES: readonly AssistantSpecies[] = [
  * Also supports search query params: query, channelAddress, channelType.
  * When any search param is provided, delegates to searchContacts() instead of listContacts().
  */
-export function handleListContacts(url: URL, assistantId: string): Response {
+export function handleListContacts(url: URL): Response {
   const limit = Number(url.searchParams.get("limit") ?? 50);
   const role = url.searchParams.get("role") as ContactRole | null;
   const contactTypeParam = url.searchParams.get("contactType");
@@ -104,7 +104,6 @@ export function handleListContacts(url: URL, assistantId: string): Response {
 
   if (hasSearchParams) {
     const contacts = searchContacts({
-      assistantId,
       query: query ?? undefined,
       channelAddress: channelAddress ?? undefined,
       channelType: channelType ?? undefined,
@@ -118,12 +117,7 @@ export function handleListContacts(url: URL, assistantId: string): Response {
     });
   }
 
-  const contacts = listContacts(
-    assistantId,
-    limit,
-    role ?? undefined,
-    contactType,
-  );
+  const contacts = listContacts(limit, role ?? undefined, contactType);
   return Response.json({
     ok: true,
     contacts: contacts.map(withGuardianNameOverride),
@@ -133,11 +127,8 @@ export function handleListContacts(url: URL, assistantId: string): Response {
 /**
  * GET /v1/contacts/:id
  */
-export function handleGetContact(
-  contactId: string,
-  assistantId: string,
-): Response {
-  const contact = getContact(contactId, assistantId);
+export function handleGetContact(contactId: string): Response {
+  const contact = getContact(contactId);
   if (!contact) {
     return httpError("NOT_FOUND", `Contact "${contactId}" not found`, 404);
   }
@@ -155,10 +146,7 @@ export function handleGetContact(
 /**
  * POST /v1/contacts/merge { keepId, mergeId }
  */
-export async function handleMergeContacts(
-  req: Request,
-  assistantId: string,
-): Promise<Response> {
+export async function handleMergeContacts(req: Request): Promise<Response> {
   const body = (await req.json()) as { keepId?: string; mergeId?: string };
 
   if (!body.keepId || !body.mergeId) {
@@ -166,7 +154,7 @@ export async function handleMergeContacts(
   }
 
   try {
-    const contact = mergeContacts(body.keepId, body.mergeId, assistantId);
+    const contact = mergeContacts(body.keepId, body.mergeId);
     return Response.json({
       ok: true,
       contact: withGuardianNameOverride(contact),
@@ -209,10 +197,7 @@ function isChannelPolicy(value: string): value is ChannelPolicy {
 /**
  * POST /v1/contacts { displayName, id?, notes?, contactType?, assistantMetadata?, ... }
  */
-export async function handleUpsertContact(
-  req: Request,
-  assistantId: string,
-): Promise<Response> {
+export async function handleUpsertContact(req: Request): Promise<Response> {
   const body = (await req.json()) as {
     id?: string;
     displayName?: string;
@@ -328,7 +313,6 @@ export async function handleUpsertContact(
       notes: body.notes,
       role: body.role as ContactRole | undefined,
       contactType: body.contactType as ContactType | undefined,
-      assistantId,
       channels: body.channels?.map((ch) => ({
         ...ch,
         status: ch.status as ChannelStatus | undefined,
@@ -360,7 +344,6 @@ export async function handleUpsertContact(
 export async function handleUpdateContactChannel(
   req: Request,
   channelId: string,
-  assistantId: string,
 ): Promise<Response> {
   const body = (await req.json()) as {
     status?: string;
@@ -426,7 +409,7 @@ export async function handleUpdateContactChannel(
     return httpError("NOT_FOUND", `Channel "${channelId}" not found`, 404);
   }
 
-  const parentContact = getContact(updated.contactId, assistantId);
+  const parentContact = getContact(updated.contactId);
   return Response.json({
     ok: true,
     contact: parentContact
@@ -487,7 +470,7 @@ export async function handleVerifyContactChannel(
   channelId: string,
   assistantId: string,
 ): Promise<Response> {
-  const contact = getContact(contactId, assistantId);
+  const contact = getContact(contactId);
   if (!contact) {
     return httpError("NOT_FOUND", `Contact "${contactId}" not found`, 404);
   }
@@ -555,7 +538,6 @@ export async function handleVerifyContactChannel(
     }
 
     const sessionResult = createOutboundSession({
-      assistantId,
       channel: verificationChannel,
       expectedPhoneE164: phoneE164,
       expectedExternalUserId: channel.externalUserId ?? undefined,
@@ -589,7 +571,6 @@ export async function handleVerifyContactChannel(
     // Telegram with known chat ID: identity is already bound
     if (channel.externalChatId) {
       const sessionResult = createOutboundSession({
-        assistantId,
         channel: verificationChannel,
         expectedChatId: channel.externalChatId,
         expectedExternalUserId: channel.externalUserId ?? undefined,
@@ -639,7 +620,6 @@ export async function handleVerifyContactChannel(
       .digest("hex");
 
     const sessionResult = createOutboundSession({
-      assistantId,
       channel: verificationChannel,
       identityBindingStatus: "pending_bootstrap",
       destinationAddress: effectiveDestination,
@@ -675,7 +655,6 @@ export async function handleVerifyContactChannel(
     }
 
     const sessionResult = createOutboundSession({
-      assistantId,
       channel: verificationChannel,
       expectedExternalUserId: channel.externalUserId ?? undefined,
       expectedChatId: channel.externalChatId ?? undefined,
@@ -721,27 +700,24 @@ export function contactRouteDefinitions(): RouteDefinition[] {
     {
       endpoint: "contacts",
       method: "GET",
-      handler: ({ url, authContext }) =>
-        handleListContacts(url, authContext.assistantId),
+      handler: ({ url }) => handleListContacts(url),
     },
     {
       endpoint: "contacts",
       method: "POST",
-      handler: async ({ req, authContext }) =>
-        handleUpsertContact(req, authContext.assistantId),
+      handler: async ({ req }) => handleUpsertContact(req),
     },
     {
       endpoint: "contacts/merge",
       method: "POST",
-      handler: async ({ req, authContext }) =>
-        handleMergeContacts(req, authContext.assistantId),
+      handler: async ({ req }) => handleMergeContacts(req),
     },
     {
       endpoint: "contacts/channels/:id",
       method: "PATCH",
       policyKey: "contacts/channels",
-      handler: async ({ req, params, authContext }) =>
-        handleUpdateContactChannel(req, params.id, authContext.assistantId),
+      handler: async ({ req, params }) =>
+        handleUpdateContactChannel(req, params.id),
     },
     {
       endpoint: "contacts/:contactId/channels/:channelId/verify",
@@ -768,8 +744,7 @@ export function contactCatchAllRouteDefinitions(): RouteDefinition[] {
       endpoint: "contacts/:id",
       method: "GET",
       policyKey: "contacts",
-      handler: ({ params, authContext }) =>
-        handleGetContact(params.id, authContext.assistantId),
+      handler: ({ params }) => handleGetContact(params.id),
     },
   ];
 }

package/src/runtime/routes/conversation-attention-routes.ts

@@ -10,7 +10,6 @@ import {
 } from "../../memory/conversation-attention-store.js";
 import * as conversationStore from "../../memory/conversation-store.js";
 import { truncate } from "../../util/truncate.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
 
@@ -38,7 +37,6 @@ export function handleListConversationAttention(url: URL): Response {
   }
 
   const attentionStates = listConversationAttention({
-    assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
     state: stateParam as AttentionFilterState,
     sourceChannel: channel,
     source: sourceParam !== "all" ? sourceParam : undefined,

package/src/runtime/routes/global-search-routes.ts

@@ -19,7 +19,6 @@ import { rawAll } from "../../memory/raw-query.js";
 import { semanticSearch } from "../../memory/search/semantic.js";
 import { listSchedules } from "../../schedule/schedule-store.js";
 import { getLogger } from "../../util/logger.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
 
@@ -250,7 +249,6 @@ export async function handleGlobalSearch(url: URL): Promise<Response> {
 
   if (categories.has("contacts")) {
     const contactResults = searchContacts({
-      assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
       query,
       limit,
     });

package/src/runtime/routes/guardian-bootstrap-routes.ts

@@ -45,7 +45,7 @@ function ensureGuardianPrincipal(assistantId: string): {
   guardianPrincipalId: string;
   isNew: boolean;
 } {
-  const guardianResult = findGuardianForChannel("vellum", assistantId);
+  const guardianResult = findGuardianForChannel("vellum");
   if (guardianResult && guardianResult.contact.principalId) {
     return {
       guardianPrincipalId: guardianResult.contact.principalId,
@@ -57,7 +57,6 @@ function ensureGuardianPrincipal(assistantId: string): {
   const guardianPrincipalId = `vellum-principal-${uuid()}`;
 
   createGuardianBinding({
-    assistantId,
     channel: "vellum",
     guardianExternalUserId: guardianPrincipalId,
     guardianDeliveryChatId: "local",
@@ -115,7 +114,7 @@ export async function handleGuardianBootstrap(
       );
     }
 
-    if (platform !== "macos" && platform !== "cli") {
+    if (platform !== "macos" && platform !== "cli" && platform !== "web") {
       return httpError(
         "BAD_REQUEST",
         "Invalid platform. Bootstrap is macOS/CLI-only; iOS uses QR pairing.",
@@ -123,13 +122,13 @@ export async function handleGuardianBootstrap(
       );
     }
 
-    const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
-    const { guardianPrincipalId, isNew } = ensureGuardianPrincipal(assistantId);
+    const { guardianPrincipalId, isNew } = ensureGuardianPrincipal(
+      DAEMON_INTERNAL_ASSISTANT_ID,
+    );
     const hashedDeviceId = hashDeviceId(deviceId);
 
     // Mint credential pair (access token + refresh token)
     const credentials = mintCredentialPair({
-      assistantId,
       platform,
       deviceId,
       guardianPrincipalId,
@@ -137,7 +136,7 @@ export async function handleGuardianBootstrap(
     });
 
     log.info(
-      { assistantId, platform, guardianPrincipalId, isNew },
+      { platform, guardianPrincipalId, isNew },
       "Guardian bootstrap completed",
     );
 

package/src/runtime/routes/guardian-expiry-sweep.ts

@@ -9,6 +9,7 @@ import {
 } from "../../memory/channel-guardian-store.js";
 import { getLogger } from "../../util/logger.js";
 import { composeApprovalMessageGenerative } from "../approval-message-composer.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
 import type { ApprovalDecisionResult } from "../channel-approval-types.js";
 import { handleChannelDecision } from "../channel-approvals.js";
 import { deliverChannelReply } from "../gateway-client.js";
@@ -68,7 +69,7 @@ export function sweepExpiredGuardianApprovals(
         {
           chatId: approval.requesterChatId,
           text: requesterText,
-          assistantId: approval.assistantId,
+          assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
         },
         mintBearerToken?.(),
       );
@@ -96,7 +97,7 @@ export function sweepExpiredGuardianApprovals(
         {
           chatId: approval.guardianChatId,
           text: guardianText,
-          assistantId: approval.assistantId,
+          assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
         },
         mintBearerToken?.(),
       );

package/src/runtime/routes/inbound-message-handler.ts

@@ -501,7 +501,6 @@ export async function handleChannelInbound(
                 : body.callbackData!;
             recordConversationSeenSignal({
               conversationId: result.conversationId,
-              assistantId: canonicalAssistantId,
               signalType: `${sourceChannel}_callback` as SignalType,
               confidence: "inferred",
               sourceChannel,
@@ -515,7 +514,6 @@ export async function handleChannelInbound(
                 : trimmedContent;
             recordConversationSeenSignal({
               conversationId: result.conversationId,
-              assistantId: canonicalAssistantId,
               signalType: `${sourceChannel}_inbound_message` as SignalType,
               confidence: "inferred",
               sourceChannel,
@@ -554,7 +552,6 @@ export async function handleChannelInbound(
               : body.callbackData!;
           recordConversationSeenSignal({
             conversationId: result.conversationId,
-            assistantId: canonicalAssistantId,
             signalType: `${sourceChannel}_callback` as SignalType,
             confidence: "inferred",
             sourceChannel,

package/src/runtime/routes/inbound-stages/acl-enforcement.ts

@@ -191,14 +191,8 @@ export async function enforceIngressAcl(
         // omitted: rebind sessions create a consumable challenge while a
         // binding already exists, and the identity check inside
         // validateAndConsumeChallenge prevents unauthorized takeovers.
-        const hasPendingChallenge = !!getPendingChallenge(
-          canonicalAssistantId,
-          sourceChannel,
-        );
-        const hasActiveOutboundSession = !!findActiveSession(
-          canonicalAssistantId,
-          sourceChannel,
-        );
+        const hasPendingChallenge = !!getPendingChallenge(sourceChannel);
+        const hasActiveOutboundSession = !!findActiveSession(sourceChannel);
         if (hasPendingChallenge || hasActiveOutboundSession) {
           denyNonMember = false;
         } else {
@@ -219,7 +213,6 @@ export async function enforceIngressAcl(
         ).payload as string;
         const bootstrapTokenForAcl = bootstrapPayload.slice(3); // strip 'gv_' prefix
         const bootstrapSessionForAcl = resolveBootstrapToken(
-          canonicalAssistantId,
           sourceChannel,
           bootstrapTokenForAcl,
         );
@@ -299,13 +292,8 @@ export async function enforceIngressAcl(
         // user can reply with the code in the DM to self-verify.
         if (sourceChannel === "slack" && (canonicalSenderId ?? rawSenderId)) {
           const slackVerifyResult = initiateSlackVerificationChallenge({
-            canonicalAssistantId,
             sourceChannel,
-            conversationExternalId,
             senderUserId: (canonicalSenderId ?? rawSenderId)!,
-            replyCallbackUrl,
-            mintBearerToken,
-            assistantId,
           });
 
           if (slackVerifyResult.initiated) {
@@ -420,14 +408,8 @@ export async function enforceIngressAcl(
         // revoked/blocked — otherwise the user can never re-verify.
         let denyInactiveMember = true;
         if (isGuardianVerifyCode) {
-          const hasPendingChallenge = !!getPendingChallenge(
-            canonicalAssistantId,
-            sourceChannel,
-          );
-          const hasActiveOutboundSession = !!findActiveSession(
-            canonicalAssistantId,
-            sourceChannel,
-          );
+          const hasPendingChallenge = !!getPendingChallenge(sourceChannel);
+          const hasActiveOutboundSession = !!findActiveSession(sourceChannel);
           if (hasPendingChallenge || hasActiveOutboundSession) {
             denyInactiveMember = false;
           } else {
@@ -448,7 +430,6 @@ export async function enforceIngressAcl(
           ).payload as string;
           const bootstrapTokenForAcl = bootstrapPayload.slice(3);
           const bootstrapSessionForAcl = resolveBootstrapToken(
-            canonicalAssistantId,
             sourceChannel,
             bootstrapTokenForAcl,
           );
@@ -538,13 +519,8 @@ export async function enforceIngressAcl(
             (canonicalSenderId ?? rawSenderId)
           ) {
             const slackVerifyResult = initiateSlackVerificationChallenge({
-              canonicalAssistantId,
               sourceChannel,
-              conversationExternalId,
               senderUserId: (canonicalSenderId ?? rawSenderId)!,
-              replyCallbackUrl,
-              mintBearerToken,
-              assistantId,
             });
 
             if (slackVerifyResult.initiated) {
@@ -1098,28 +1074,17 @@ interface SlackVerificationResult {
  * creates a trusted contact record (not a guardian binding).
  */
 function initiateSlackVerificationChallenge(params: {
-  canonicalAssistantId: string;
   sourceChannel: ChannelId;
-  conversationExternalId: string;
   senderUserId: string;
-  replyCallbackUrl: string | undefined;
-  mintBearerToken: () => string;
-  assistantId: string;
 }): SlackVerificationResult {
-  const { canonicalAssistantId, sourceChannel, senderUserId } = params;
+  const { sourceChannel, senderUserId } = params;
 
   // Skip if there is already a pending challenge or active session for
   // this sender to avoid flooding them with duplicate codes. We scope by
   // sender identity (expectedExternalUserId) so that a pending session for
   // user A does not suppress challenges for user B.
-  const existingChallenge = getPendingChallenge(
-    canonicalAssistantId,
-    sourceChannel,
-  );
-  const existingSession = findActiveSession(
-    canonicalAssistantId,
-    sourceChannel,
-  );
+  const existingChallenge = getPendingChallenge(sourceChannel);
+  const existingSession = findActiveSession(sourceChannel);
   const senderHasPending =
     (existingChallenge &&
       existingChallenge.expectedExternalUserId === senderUserId) ||
@@ -1140,7 +1105,6 @@ function initiateSlackVerificationChallenge(params: {
 
   try {
     const session = createOutboundSession({
-      assistantId: canonicalAssistantId,
       channel: sourceChannel,
       expectedExternalUserId: senderUserId,
       expectedChatId: senderUserId,

package/src/runtime/routes/inbound-stages/background-dispatch.ts

@@ -507,10 +507,7 @@ export function startTrustedContactApprovalNotifier(params: {
 
         if (info && !globalNotifiedApprovalRequestIds.has(info.requestId)) {
           globalNotifiedApprovalRequestIds.set(info.requestId, conversationId);
-          const guardian = findGuardianForChannel(
-            sourceChannel,
-            assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
-          );
+          const guardian = findGuardianForChannel(sourceChannel);
           const guardianName = resolveGuardianName(
             guardian?.contact.displayName,
           );

package/src/runtime/routes/inbound-stages/bootstrap-intercept.ts

@@ -74,11 +74,7 @@ export async function handleBootstrapIntercept(
   }
 
   const bootstrapToken = (commandIntent.payload as string).slice(3);
-  const bootstrapSession = resolveBootstrapToken(
-    canonicalAssistantId,
-    sourceChannel,
-    bootstrapToken,
-  );
+  const bootstrapSession = resolveBootstrapToken(sourceChannel, bootstrapToken);
 
   if (!bootstrapSession || bootstrapSession.status !== "pending_bootstrap") {
     // Not found or expired — fall through to normal /start handling
@@ -94,7 +90,6 @@ export async function handleBootstrapIntercept(
   // Create a new identity-bound outbound session with a fresh secret.
   // The old bootstrap session is auto-revoked by createOutboundSession.
   const newSession = createOutboundSession({
-    assistantId: canonicalAssistantId,
     channel: sourceChannel,
     expectedExternalUserId: rawSenderId,
     expectedChatId: conversationExternalId,

package/src/runtime/routes/inbound-stages/escalation-intercept.ts

@@ -134,7 +134,6 @@ export function handleEscalationIntercept(
     sourceEventName: "ingress.escalation",
     sourceChannel,
     sourceSessionId: conversationId,
-    assistantId: canonicalAssistantId,
     attentionHints: {
       requiresAction: true,
       urgency: "high",

package/src/runtime/routes/inbound-stages/secret-ingress-check.ts

@@ -115,7 +115,6 @@ export function runSecretIngressCheck(params: SecretIngressCheckParams): void {
           : "User sent media attachment";
       recordConversationSeenSignal({
         conversationId,
-        assistantId: canonicalAssistantId,
         signalType: "telegram_inbound_message",
         confidence: "inferred",
         sourceChannel: "telegram",